Ubuntu
gedit package

Zeitgeist plugin read/write after free on datasource registration

Bug #1477983 reported by Steve Dodier-Lazaro
12
This bug affects 3 people
Affects Status Importance Assigned to Milestone
gedit
Fix Released
Medium
gedit (Ubuntu)
Fix Released
Medium
Unassigned
Trusty
Triaged
Medium
Unassigned
Vivid
Triaged
Medium
Unassigned
Wily
Fix Released
Medium
Unassigned

Bug Description

The Zeitgeist plugin creates a GPtrArray to give to libzeitgeist when registering a Zeitgeist datasource. libzeitgeist internally sinks this reference, but the plugin assumes the GPtrArray to still be available and later attempts to unref it.

The attached patch adds a reference to the GPtrArray to keep it available until the end of the plugin's initialisation code, where it is unrefed. The patch is designed to integrate with quilt on top of gedit 3.10.4-0ubuntu10.

The upstream bug report is https://bugzilla.gnome.org/show_bug.cgi?id=752824.

Tags: patch
Revision history for this message
Steve Dodier-Lazaro (sidi) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "fix_read_after_free.patch" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
Revision history for this message
Robert Ancell (robert-ancell) wrote :

It's possible that bug 1232987, bug 1273230 and bug 1382792 may be duplicates of this.

Changed in gedit (Ubuntu):
importance: Undecided → High
status: New → Triaged
Robert Ancell (robert-ancell)
Changed in gedit (Ubuntu Vivid):
status: New → Triaged
Changed in gedit (Ubuntu Wily):
importance: High → Medium
Changed in gedit (Ubuntu Vivid):
importance: Undecided → Medium
Changed in gedit (Ubuntu Trusty):
importance: Undecided → Medium
status: New → Triaged
Robert Ancell (robert-ancell)
Changed in gedit (Ubuntu Wily):
status: Triaged → Fix Committed
Bug Watch Updater (bug-watch-updater)
Changed in gedit:
importance: Unknown → Medium
status: Unknown → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gedit - 3.10.4-0ubuntu13

---------------
gedit (3.10.4-0ubuntu13) wily; urgency=medium

  * debian/patches/git_zeitgeist_crash.patch:
    - Fix crash in Zeitgeist plugin (LP: #1477983)

 -- Robert Ancell <email address hidden> Thu, 13 Aug 2015 10:26:53 +1200

Changed in gedit (Ubuntu Wily):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.