Re: Two valgrind errors

help-libtasn1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Two valgrind errors

From:	Simon Josefsson
Subject:	Re: Two valgrind errors
Date:	Mon, 24 Oct 2011 13:40:39 +0200
User-agent:	Gnus/5.110018 (No Gnus v0.18) Emacs/23.2 (gnu/linux)

Dan Kegel <address@hidden> writes:

> Hi,
> while valgrinding the wine conformance test suite (over and over and
> over again, getting ready to do this on buildbot),
> I saw the following warnings:
>
> Invalid read of size 4
>    at 0x51966F3: asn1_der_coding (in
>    /usr/lib/i386-linux-gnu/libtasn1.so.3.1.11)

Can you get line numbers for the libtasn1 code?  Your other post had
debug symbols for GnuTLS, but not for Libtasn1.  There is a
'libtasn1-3-dbg' package.

> I've installed debugging symbols, so I can probably give a better backtrace
> next time I hit these, if you like.
> That first error has been noted before on the web:
> http://www.mail-archive.com/address@hidden/msg935627.html
> http://meego.gitorious.org/meego-middleware/syncevolution/commit/c890b7f6e45e4ef915c135544dd5dd198339d1ba/diffs
> so it's not just me :-)

It may be a problem with the compiler optimizing strlen calls, but
without line numbers it is difficult to tell.

> Is there a more secure way to report this kind of error?

You can PGP/MIME sign your post, if that is what you meant. :-)

Read-out-of-bound is generally not a security problem, unless the code
uses the out of bound data for something.

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

Two valgrind errors, Dan Kegel, 2011/10/21
- Re: Two valgrind errors, Dan Kegel, 2011/10/21
- Re: Two valgrind errors, Simon Josefsson <=
  - Re: Two valgrind errors, Dan Kegel, 2011/10/24
    - Re: Two valgrind errors, Simon Josefsson, 2011/10/24

Prev by Date: Re: Two valgrind errors
Next by Date: Re: Two valgrind errors
Previous by thread: Re: Two valgrind errors
Next by thread: Re: Two valgrind errors
Index(es):
- Date
- Thread