| 2019-11-26 13:09:03 |
Dan Streetman |
bug |
|
|
added bug |
| 2019-11-26 13:09:17 |
Dan Streetman |
nominated for series |
|
Ubuntu Disco |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
bug task added |
|
cachefilesd (Ubuntu Disco) |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
nominated for series |
|
Ubuntu Bionic |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
bug task added |
|
cachefilesd (Ubuntu Bionic) |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
nominated for series |
|
Ubuntu Focal |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
bug task added |
|
cachefilesd (Ubuntu Focal) |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
nominated for series |
|
Ubuntu Eoan |
|
| 2019-11-26 13:09:17 |
Dan Streetman |
bug task added |
|
cachefilesd (Ubuntu Eoan) |
|
| 2019-11-26 13:21:27 |
Dan Streetman |
nominated for series |
|
Ubuntu Xenial |
|
| 2019-11-26 13:21:27 |
Dan Streetman |
bug task added |
|
cachefilesd (Ubuntu Xenial) |
|
| 2019-11-26 13:21:41 |
Dan Streetman |
cachefilesd (Ubuntu Xenial): status |
New |
Invalid |
|
| 2019-11-26 13:21:45 |
Dan Streetman |
cachefilesd (Ubuntu Bionic): status |
New |
Triaged |
|
| 2019-11-26 13:21:48 |
Dan Streetman |
cachefilesd (Ubuntu Bionic): status |
Triaged |
In Progress |
|
| 2019-11-26 13:21:50 |
Dan Streetman |
cachefilesd (Ubuntu Disco): status |
New |
In Progress |
|
| 2019-11-26 13:21:51 |
Dan Streetman |
cachefilesd (Ubuntu Eoan): status |
New |
In Progress |
|
| 2019-11-26 13:21:53 |
Dan Streetman |
cachefilesd (Ubuntu Focal): status |
New |
In Progress |
|
| 2019-11-26 13:21:56 |
Dan Streetman |
cachefilesd (Ubuntu Focal): assignee |
|
Dan Streetman (ddstreet) |
|
| 2019-11-26 13:21:57 |
Dan Streetman |
cachefilesd (Ubuntu Eoan): assignee |
|
Dan Streetman (ddstreet) |
|
| 2019-11-26 13:21:59 |
Dan Streetman |
cachefilesd (Ubuntu Disco): assignee |
|
Dan Streetman (ddstreet) |
|
| 2019-11-26 13:22:01 |
Dan Streetman |
cachefilesd (Ubuntu Bionic): assignee |
|
Dan Streetman (ddstreet) |
|
| 2019-11-26 13:22:05 |
Dan Streetman |
cachefilesd (Ubuntu Focal): importance |
Undecided |
Low |
|
| 2019-11-26 13:22:07 |
Dan Streetman |
cachefilesd (Ubuntu Eoan): importance |
Undecided |
Low |
|
| 2019-11-26 13:22:09 |
Dan Streetman |
cachefilesd (Ubuntu Focal): importance |
Low |
Medium |
|
| 2019-11-26 13:22:11 |
Dan Streetman |
cachefilesd (Ubuntu Eoan): importance |
Low |
Medium |
|
| 2019-11-26 13:22:13 |
Dan Streetman |
cachefilesd (Ubuntu Disco): importance |
Undecided |
Medium |
|
| 2019-11-26 13:22:15 |
Dan Streetman |
cachefilesd (Ubuntu Bionic): importance |
Undecided |
Medium |
|
| 2019-11-26 13:23:10 |
Dan Streetman |
description |
[impact]
the build_cull_table() function scans through elements up to nr_in_ready_table/nr_in_build_table, and performs actions if a match was found; however the match detection logic simply compares the for loop index against nr_in_*_table - 1, which underflows when 0, resulting in incorrect if section being run and then segfaulting.
[test case]
this is difficult to reproduce and it's unclear the specific conditions that can reproduce it, but it has been reported to happen and review of the code shows it clearly could happen.
[regression potential]
this simply moves the -1 over to the for loop counter as a +1, so the most likely regression would be a for loop counter overflow. However that should not happen as the culltable_size is limited to 4096, and the for loop counter is unsigned int; so it should be safe from overflow. Any other regression would likely involve a similar result as the current bug, a segfault. |
[impact]
the build_cull_table() function scans through elements up to nr_in_ready_table/nr_in_build_table, and performs actions if a match was found; however the match detection logic simply compares the for loop index against nr_in_*_table - 1, which underflows when 0, resulting in incorrect if section being run and then segfaulting.
[test case]
this is difficult to reproduce and it's unclear the specific conditions that can reproduce it, but it has been reported to happen and review of the code shows it clearly could happen.
[regression potential]
this simply moves the -1 over to the for loop counter as a +1, so the most likely regression would be a for loop counter overflow. However that should not happen as the culltable_size is limited to 4096, and the for loop counter is unsigned int; so it should be safe from overflow. Any other regression would likely involve a similar result as the current bug, a segfault.
[other info]
this bug does not exist in Xenial, as the counters there are signed ints, so underflow (from 0) does not happen. |
|
| 2019-11-26 13:51:21 |
Dan Streetman |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945527 |
|
| 2019-11-26 13:51:21 |
Dan Streetman |
bug task added |
|
cachefilesd (Debian) |
|
| 2019-11-26 16:09:47 |
Bug Watch Updater |
cachefilesd (Debian): status |
Unknown |
New |
|
| 2019-11-26 16:14:25 |
Launchpad Janitor |
cachefilesd (Ubuntu Focal): status |
In Progress |
Fix Released |
|
| 2019-11-29 11:23:26 |
Timo Aaltonen |
cachefilesd (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
| 2019-11-29 11:23:29 |
Timo Aaltonen |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2019-11-29 11:23:32 |
Timo Aaltonen |
bug |
|
|
added subscriber SRU Verification |
| 2019-11-29 11:23:37 |
Timo Aaltonen |
tags |
|
verification-needed verification-needed-eoan |
|
| 2019-11-29 11:30:41 |
Timo Aaltonen |
cachefilesd (Ubuntu Disco): status |
In Progress |
Fix Committed |
|
| 2019-11-29 11:30:48 |
Timo Aaltonen |
tags |
verification-needed verification-needed-eoan |
verification-needed verification-needed-disco verification-needed-eoan |
|
| 2019-11-29 11:32:02 |
Timo Aaltonen |
cachefilesd (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2019-11-29 11:32:08 |
Timo Aaltonen |
tags |
verification-needed verification-needed-disco verification-needed-eoan |
verification-needed verification-needed-bionic verification-needed-disco verification-needed-eoan |
|
| 2020-01-09 16:45:19 |
Dan Streetman |
tags |
verification-needed verification-needed-bionic verification-needed-disco verification-needed-eoan |
verification-done verification-done-bionic verification-done-disco verification-done-eoan |
|
| 2020-01-13 07:36:19 |
Launchpad Janitor |
cachefilesd (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
| 2020-01-13 07:36:22 |
Ćukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2020-01-13 07:58:11 |
Launchpad Janitor |
cachefilesd (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2020-01-16 11:28:14 |
Launchpad Janitor |
cachefilesd (Ubuntu Disco): status |
Fix Committed |
Fix Released |
|
| 2024-05-08 19:26:32 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~liushuyu-011/ubuntu/+source/cachefilesd/+git/cachefilesd/+merge/465799 |
|
