Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 357687 - media-libs/libsdl assumes passing overlapping memory regions to memcpy() is safe
Summary: media-libs/libsdl assumes passing overlapping memory regions to memcpy() is safe
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Games
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 354175
  Show dependency tree
 
Reported: 2011-03-06 19:08 UTC by Richard
Modified: 2011-03-09 02:24 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Richard 2011-03-06 19:08:41 UTC
There is an upstream bug report regarding this that contains a patch:

http://bugzilla.libsdl.org/show_bug.cgi?id=1090

Bug #354175 involves a program that is affected by this. Applying the upstream patch to media-libs/libsdl-1.2.14-r5 resolves it. The following commands can be used to test the patch:

ebuild $(equery which media-libs/libsdl-1.2.14-r5) prepare
cd /var/tmp/portage/media-libs/libsdl-1.2.14-r5/work/SDL-1.2.14
wget -O - http://bugzilla.libsdl.org/attachment.cgi?id=574 | patch --dry-run -p1
ebuild $(equery which media-libs/libsdl-1.2.14-r5) merge

The other ebuild versions, including the media-libs/libsdl-1.2.13-r1 ebuild used by stable, are also affected. The following commands can be used to test the patch with media-libs/libsdl-1.2.13-r1:

ebuild $(equery which media-libs/libsdl-1.2.13-r1) prepare
cd /var/tmp/portage/media-libs/libsdl-1.2.13-r1/work/SDL-1.2.13
wget -O - http://bugzilla.libsdl.org/attachment.cgi?id=574 | patch --dry-run -p1
ebuild $(equery which media-libs/libsdl-1.2.13-r1) merge

The reason we are seeing this issue in programs that rely on libsdl now is because of a change to glibc's memcpy() function late last year. The old implementation allowed programs to call memcpy() on overlapping regions. The new implementation copies memory in reverse, which broke any code that relied on the old implementation. The assumption that memcpy() works between overlapping regions of memory is illegal under ANSI C. There is a fairly lengthy bug report at the Fedora Linux bug tracker about this where Linus Torvalds commented on the issue:

https://bugzilla.redhat.com/show_bug.cgi?id=638477

I recommend inserting media-libs/libsdl-1.2.13-r2 and media-libs/libsdl-1.2.14-r6 into the portage tree with this patch. I also strongly recommend removing the existing ebuilds from the portage tree.
Comment 1 Richard 2011-03-06 19:14:27 UTC
I made a small mistake in my previous comment. The commands to test the application of this patch to unstable should be:

ebuild $(equery which media-libs/libsdl-1.2.14-r5) prepare
cd /var/tmp/portage/media-libs/libsdl-1.2.14-r5/work/SDL-1.2.14
wget -O - http://bugzilla.libsdl.org/attachment.cgi?id=574 | patch -p1
ebuild $(equery which media-libs/libsdl-1.2.14-r5) merge

The commands to test the application of this patch to stable should be:

ebuild $(equery which media-libs/libsdl-1.2.13-r1) prepare
cd /var/tmp/portage/media-libs/libsdl-1.2.13-r1/work/SDL-1.2.13
wget -O - http://bugzilla.libsdl.org/attachment.cgi?id=574 | patch -p1
ebuild $(equery which media-libs/libsdl-1.2.13-r1) merge

Sorry about any confusion my mistake might have caused. I had already modified the ebuild in a local overlay, so when I was testing these commands, I had to first reverse the patch and then apply it. I accidentally copied one of the --dry-run commands I had done during the course of this and then carried that mistake over the other set I had posted.
Comment 2 Richard 2011-03-06 19:23:32 UTC
I just noticed that sys-libs/glibc-2.13-r1 is keyworded, so anyone affected by this is likely using the unstable tree. Please disregard the instructions I posted for users of the stable tree. As long as they do not unkeyword glibc, they will likely not need to worry about this.
Comment 3 Richard 2011-03-06 19:24:26 UTC
(In reply to comment #2)
> I just noticed that sys-libs/glibc-2.13-r1 is keyworded, so anyone affected by
> this is likely using the unstable tree. Please disregard the instructions I
> posted for users of the stable tree. As long as they do not unkeyword glibc,
> they will likely not need to worry about this.
> 

Actually disregard comment #2. That was meant for bug #354175. I posted it in this bug by mistake.
Comment 4 Mr. Bones. (RETIRED) gentoo-dev 2011-03-08 22:10:00 UTC
fixed in libsdl-1.2.14-r6
Comment 5 Richard 2011-03-09 01:53:06 UTC
(In reply to comment #4)
> fixed in libsdl-1.2.14-r6

libsdl-1.2.13-r1 also misuses memcpy(), so you might want to patch it too. Otherwise, this issue will occur again when glibc-2.13 becomes stable.
Comment 6 Mr. Bones. (RETIRED) gentoo-dev 2011-03-09 02:24:44 UTC
guess we'll mark the later version of libsdl stable before making glibc-2.13 stable.