shlomif / perl-XML-LibXML

The XML-LibXML CPAN Distribution for Processing XML using the libxml2 library
https://metacpan.org/release/XML-LibXML

fix CVE-2017-10672, found by tadinhsung@gmail.com #9

Closed murdegern closed 6 years ago

murdegern commented 7 years ago

and add a test.

carnil commented 7 years ago

@murdegern, @shlomif FTR, this had caused a couple of build failures for us (Debian Perl Group), while applying the patch:

https://buildd.debian.org/status/logs.php?pkg=libxml-libxml-perl&ver=2.0128%2Bdfsg-2

carnil commented 7 years ago

@murdegern, @shlomif any news on that issue? (any ideas about the failures as found in Debian?)

murdegern commented 7 years ago

On Sat, 12 Aug 2017 21:20:28 +0000 (UTC), carnil notifications@github.com wrote:

> @murdegern, @shlomif any news on that issue? (any ideas about the failures as found in Debian?)

Hi, "murdegern" here,

I'm a bit confounded actually. It looks as if a) the bug was NOT fixed by my patch or b) there's something else which pounces on architectures beyond x64 (libxml bugs?)

My problem here is that I'm restricted in the time I can devote to this issue. Also, I only have 64-bit Intel machines available. I'll try to get a valgrind session on the test, perhaps something can be seen anyway.

Regards, Torsten

pmonrealgonzalez commented 7 years ago

In openSUSE (Tumbleweed), the patch and the tests work fine in x86_64 but in other architectures the new test is failing. Here is a summary of the errors by arch:

1) In i586:

    [ 92s] Integer overflow in hexadecimal number at t/92CVE-2017-10672.t line 37.
    [ 92s] Integer overflow in hexadecimal number at t/92CVE-2017-10672.t line 43.

2) In ppc:

    [ 36s] Attempt to free unreferenced scalar: SV 0x20947ff0, Perl interpreter: 0x20920010 at t/92CVE-2017-10672.t line 28.

3) In ppc64:

    [ 36s] Error in `/usr/bin/perl': free(): invalid pointer: 0x000001003f1582c0

shlomif commented 6 years ago

Thanks for the patches! I'm going to close this pull-req for now due to the reported problems. Please fix those and resubmit.