Comment 0 for bug 130376

Colin Watson (cjwatson) wrote : crash while checking MD5sums on include list

The build machine behind cdimage.ubuntu.com was recently upgraded to edgy/amd64. While testing the new system, I found that mkisofs segfaulted while trying to build Ubuntu alternate install CD images. Investigation showed that this is due to incorrect linked list code used while constructing the JTE include and exclude lists for jigdo file generation. This is unlikely to affect normal users of mkisofs, but affects those trying to build Debian or Ubuntu CD images.

This is also Debian bug 411873, and I've sent a patch there.

Since the crash is rather dependent on precise details of stack layout, it's not necessarily easy to reproduce directly. However, valgrind picks it up with no trouble. Steps to reproduce on an edgy system with mkisofs and valgrind installed (for feisty and gutsy, substitute "genisoimage" for "mkisofs" throughout):

  mkdir -p /tmp/mkisofs-test
  cd /tmp/mkisofs-test
  mkdir -p t/pool
  dd if=/dev/zero of=t/file bs=1024 count=100
  touch md5
  valgrind mkisofs -o t.iso -jigdo-jigdo t.jigdo -jigdo-template t.template -md5-list md5 -jigdo-force-md5 /pool/ t

The output will contain an error similar to the following (exact numbers are unimportant):

  ==8624== Conditional jump or move depends on uninitialised value(s)
  ==8624== at 0x42BB38: (within /usr/bin/mkisofs)
  ==8624== by 0x40E7D6: (within /usr/bin/mkisofs)
  ==8624== by 0x40EBD9: (within /usr/bin/mkisofs)
  ==8624== by 0x40460E: main (in /usr/bin/mkisofs)
  ==8624== by 0x4C570C3: (below main) (in /lib/libc-2.4.so)

The patch affects only JTE code, so (barring regressions due simply to rebuilding cdrtools), other uses of mkisofs will not be affected. Typical uses of mkisofs to build simple ISO images from a tree of files on disk do not use JTE; it is an advanced feature for use by distributors of heavily-downloaded ISO images.
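The report attributes the crash to incorrect linked-list code used while building the JTE include and exclude lists, which valgrind reports as a conditional jump on an uninitialised value. The following C is an added illustration of that class of defect and its fix, not the cdrtools/genisoimage JTE code and not the patch sent to Debian: every list header and every node field is initialised before the node is linked, so no comparison ever reads memory that was never written. The `path_list_*` and `should_record_md5` names, the prefix-match semantics for an entry such as `/pool/`, and the "include minus exclude" decision rule are all assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical include/exclude list node; not the real JTE structures. */
struct path_entry {
    char *path;                 /* path prefix to match, e.g. "/pool/" */
    struct path_entry *next;    /* always set before the node is linked in */
};

/* List header with head and tail so appends are O(1). */
struct path_list {
    struct path_entry *head;
    struct path_entry *tail;
};

/* A stack-allocated header whose head/tail are never assigned is exactly the
 * sort of state valgrind reports as "depends on uninitialised value(s)" when
 * the first append tests the tail pointer. Initialise explicitly. */
void path_list_init(struct path_list *l)
{
    l->head = NULL;
    l->tail = NULL;
}

/* Plain malloc+memcpy copy so the example builds with -std=c99. */
static char *copy_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *out = malloc(n);
    if (out)
        memcpy(out, s, n);
    return out;
}

/* Append a prefix. calloc zeroes the node, and next is still set explicitly
 * so the invariant is visible at the point of use. Returns 0 or -1. */
int path_list_add(struct path_list *l, const char *path)
{
    struct path_entry *e = calloc(1, sizeof *e);
    if (!e)
        return -1;
    e->path = copy_string(path);
    if (!e->path) {
        free(e);
        return -1;
    }
    e->next = NULL;
    if (l->tail)
        l->tail->next = e;      /* non-empty list: link after current tail */
    else
        l->head = e;            /* empty list: this node is also the head */
    l->tail = e;
    return 0;
}

/* Assumed matching rule: a path matches if any entry is a prefix of it. */
int path_list_matches(const struct path_list *l, const char *path)
{
    for (const struct path_entry *e = l->head; e; e = e->next)
        if (strncmp(e->path, path, strlen(e->path)) == 0)
            return 1;
    return 0;
}

size_t path_list_len(const struct path_list *l)
{
    size_t n = 0;
    for (const struct path_entry *e = l->head; e; e = e->next)
        n++;
    return n;
}

/* Release every node; the header is reset so it can be reused safely. */
void path_list_free(struct path_list *l)
{
    struct path_entry *e = l->head;
    while (e) {
        struct path_entry *next = e->next;
        free(e->path);
        free(e);
        e = next;
    }
    path_list_init(l);
}

/* Assumed decision rule: record an MD5 for a file when it is covered by the
 * include list and not by the exclude list. */
int should_record_md5(const struct path_list *inc,
                      const struct path_list *exc, const char *path)
{
    return path_list_matches(inc, path) && !path_list_matches(exc, path);
}

int main(void)
{
    struct path_list inc, exc;
    path_list_init(&inc);
    path_list_init(&exc);
    path_list_add(&inc, "/pool/");
    path_list_add(&exc, "/pool/main/x/");
    /* Constructed sample paths, not taken from any real image. */
    printf("%d\n", should_record_md5(&inc, &exc, "/pool/main/a/a.deb"));
    printf("%d\n", should_record_md5(&inc, &exc, "/pool/main/x/x.deb"));
    path_list_free(&inc);
    path_list_free(&exc);
    return 0;
}
```

Running the program under `valgrind` is the check that matters here: with every header and node field assigned before use there is no "Conditional jump or move depends on uninitialised value(s)" line in the output, whereas leaving `head`/`tail` or `next` unassigned reproduces the same warning class the report shows, independent of whether the particular stack layout happens to segfault.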