Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

glibc-2.38.9000-528-g6bd0e4efcc: FAIL: 1 regressions

Description

Commit: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=6bd0e4efcc78f3c0115e5ea9739a1642807450da
commit glibc-2.38.9000-528-g6bd0e4efcc
Author: Arjun Shankar <arjun@redhat.com>
Date: Mon Jan 15 17:44:43 2024 +0100

syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)

__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
containing a long program name failed to update the required buffer
size, leading to the allocation and overflow of a too-small buffer on
the heap. This commit fixes that. It also adds a new regression test
that uses glibc.malloc.check.
... 4 lines of the commit log omitted.

Latest data: https://git-us.linaro.org/toolchain/ci/interesting-commits.git/plain/glibc/sha1/6bd0e4efcc78f3c0115e5ea9739a1642807450da/jira/yaml

Activity

Adhemerval Zanella 
March 14, 2024 at 1:18 PM

The containers tests should be fixed on arm32 on abe.sh.

Adhemerval Zanella 
March 12, 2024 at 12:02 PM

I think I found the issue and I have added a abe fix to handle it https://review.linaro.org/c/toolchain/abe/+/46859

Adhemerval Zanella 
March 6, 2024 at 2:32 PM

It seems that the containers tests are still failing for some reason, maybe was not suffice or it is not correctly working as expected. I will check this out.

Maxim Kuvyrkov 
March 6, 2024 at 2:18 PM

Adhemerval Zanella 
January 31, 2024 at 11:36 AM

I tracked on . It seems the https://review.linaro.org/c/toolchain/abe/+/46490 did not really fix it, or the container do not have abe updated. I will need to dig into to check it.

Fixed

Details

Assignee

Reporter

Start date

Components

Priority

Parent

Checklist

Sentry

Created January 31, 2024 at 2:41 AM
Updated March 14, 2024 at 1:18 PM
Resolved March 14, 2024 at 1:18 PM