[physfs] physfs corruption (double free) in hardened version
Patrick Matthäi
pmatthaei at debian.org
Wed May 4 15:59:10 EDT 2011
On 04.05.2011 21:48, Ryan C. Gordon wrote:
>
>> I have attached a test program of a bug submitter, with that physfs
>> crashes, because of a double free exception, on amd64 (but not on i386).
>
> I can't reproduce this; Valgrind reports no double free errors, and
> glibc does not panic about a double-free as was indicated.
>
> I built this on amd64 with physfs-2.0.2 and gcc "version 4.4.5
> (Ubuntu/Linaro 4.4.4-14ubuntu5)", made a testdir directory and put two
> dummy files in it.
>
> gcc -O0 -ggdb3 -o bug bug.c -I.. ./libphysfs.a -lz -std=c99
>
> bug.c correctly gets a list of the two dummy files, and then
> successfully frees that list without a double-free. If I add a call to
> PHYSFS_deinit() at the end, there isn't even a single memory leak in the
> whole program.
>
> Perhaps the problem is elsewhere?
>
> (Granted, I'm not building this "hardened" ... if you give me
> instructions for that, I'll try it.)
The easiest way is:
# apt-get install hardening-wrapper
$ export DEB_BUILD_HARDENING=1
$ ./configure; make foo
Have a look here (there you also see the build flags):
http://wiki.debian.org/Hardening
--
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
E-Mail: pmatthaei at debian.org
patrick at linux-dev.org
Comment:
Always if we think we are right,
we were maybe wrong.
*/