[UBUNTU] - glibc: z15 (s390x) strstr implementation can return incorrect result if search string cross page boundary

Bug #1854326 reported by bugproxy on 2019-11-28
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
High
Skipper Bug Screeners
glibc (Ubuntu)
High
Canonical Foundations Team
Eoan
High
Unassigned

Bug Description

[Impact]

glibc: strstr(): Invalid result if needle crosses page on s390-z15 ifunc variant.
If the specified needle crosses a page-boundary, the s390-z15 ifunc variant of
strstr truncates the needle which results in invalid results.

Example:
needle = "Hello" <page-boundary> "World"
really used needle = "Hello"
haystack = "abc HelloBug def"
result = "HelloBug def"

This only happens if the needle before page-boundary contains 9 or less characters.

See upstream-glibc bugzilla "Bug 25226 - strstr: Invalid result if needle crosses page on s390-z15 ifunc variant."
(https://sourceware.org/bugzilla/show_bug.cgi?id=25226)

Fixed with upstream-glibc commit "S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant. [BZ #25226]"
(https://sourceware.org/git/?p=glibc.git;a=commit;h=bfdb731438206b0f70fe7afa890681155c30b419)

Please backport this commit to Ubuntu 19.10, which includes glibc 2.30

Already backported to upstream-glibc-release-branch-2.30:
https://sourceware.org/git/?p=glibc.git;a=commit;h=f4419b0d0181da28f18cba40068f2e75300f5020

glibc 2.31 (tentativ GA 2020-02-01) will have this fix integrated.
If this version will not be picked finally, then this fix is also needed for 20.04

[Test Case]

 * glibc builds and passes testsuite, as the commit to backport includes comprehensive testsuite for the problem in question in the glibc api.

[Regression Potential]

 * Fix released in focal, and available from stable upstream branches.
 * all autopkgtests will be triggered, implying that comprehensive test coverage will execute on all architectues.

bugproxy (bugproxy) on 2019-11-28
tags: added: architecture-s39064 bugnameltc-182602 severity-high targetmilestone-inin1910
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → glibc (Ubuntu)
Frank Heimes (fheimes) on 2019-11-28
Changed in ubuntu-z-systems:
status: New → Triaged
importance: Undecided → High
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
Changed in glibc (Ubuntu):
importance: Undecided → High
assignee: Skipper Bug Screeners (skipper-screen-team) → Canonical Foundations Team (canonical-foundations)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package glibc - 2.30-0ubuntu3

---------------
glibc (2.30-0ubuntu3) focal; urgency=medium

  * Cherrypick upstream fix for strstr on s390x z15. LP: #1854326

 -- Dimitri John Ledkov <email address hidden> Fri, 29 Nov 2019 14:19:57 +0000

Changed in glibc (Ubuntu):
status: New → Fix Released
Frank Heimes (fheimes) on 2019-12-16
Changed in ubuntu-z-systems:
status: Triaged → In Progress

------- Comment From <email address hidden> 2019-12-17 04:21 EDT-------
Hi,

I've installed Ubuntu 20.04 with glibc (2.30-0ubuntu3) and checked that the fix is included.
Thanks.

Will this fix also be available for Ubuntu 19.10 where this z15 strstr ifunc variant is also available?

description: updated

Hello bugproxy, or anyone else affected,

Accepted glibc into eoan-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/glibc/2.30-0ubuntu2.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-eoan to verification-done-eoan. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-eoan. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in glibc (Ubuntu Eoan):
status: New → Fix Committed
tags: added: verification-needed verification-needed-eoan
Frank Heimes (fheimes) on 2020-02-10
Changed in ubuntu-z-systems:
status: In Progress → Fix Committed

------- Comment From <email address hidden> 2020-02-10 11:34 EDT-------
Comment from IBM Dev:
I've installed Ubuntu 19.10 with libc6/eoan-proposed 2.30-0ubuntu2.1 and checked with an own test-program that the fix is included.
--> verfied

Frank Heimes (fheimes) wrote :

Many thx for the verification - I'm adjusting the tags accordingly.

tags: added: verification-done verification-done-eoan
removed: verification-needed verification-needed-eoan
Ernst Sjöstrand (ernstp) wrote :

That i386 build failure in eoan-proposed is quite annoying:

https://launchpad.net/ubuntu/+source/glibc/2.30-0ubuntu2.1/+build/18674640

Makes build-essential uninstallable for example...

Leon (lehjr) wrote :

"That i386 build failure in eoan-proposed is quite annoying"

More than just that, it makes things like Steam and Wine 32 bit libs uninstallable.

is 2.30-0ubuntu3 from "The Focal Fossa" a drop in replacement?

pvdeynse (vandeynse) wrote :

yes i have same problem, Wine is no longer working, and if i reinstall Wine than it breaks my nvidia-340 driver. It took me 2 days to downgrade glibc from 2.30-0ubuntu2.1 to 2.30-0ubuntu2 all is working fine again but "Software Updater" now complains that not all updates can be installed and asks me to run a partial upgrade.

jscmal (jscmal) wrote :

I have no problem on my ubuntu installation.

But this file with another one (or more) of GNU C are still not ready to be updated.

I am waiting for days now. This situation begins to worry.

I hope to see every problem solved soon.

bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2020-02-17 02:51 EDT-------
It's unclear to me, why a s390x-only change leads to i386 fails.
Have you just backported the single commit or have you done further changes (further commits / sync from Ubuntu 19.10 to Ubuntu 20.04 libc6-package / package files)?

Łukasz Zemczak (sil2100) wrote :

Ok, so I have re-triggered the i386 build and this time it built correctly, so the i386-caused issues should have disappeared. I will be releasing the SRU if everything seems to work properly now.

Download full text (4.0 KiB)

All autopkgtests for the newly accepted glibc (2.30-0ubuntu2.1) for eoan have finished running.
The following regressions have been reported in tests triggered by the package:

syncthing/1.1.4~ds1-4 (i386)
libscalar-util-numeric-perl/0.40-1build4 (armhf)
resource-agents/1:4.2.0-1ubuntu2 (armhf)
libdevice-cdio-perl/unknown (armhf)
libperlio-eol-perl/unknown (armhf)
heaptrack/1.1.0+20180922.gitf752536-4 (armhf)
timew/1.1.1+ds.1-1 (armhf)
donkey/1.2.0-4 (armhf)
zope.interface/unknown (armhf)
smcroute/2.4.2-4 (i386)
libcompress-raw-zlib-perl/2.087-1 (armhf)
fclib/3.0.0+dfsg-2build1 (s390x)
gemma/0.98.1+dfsg-1 (armhf)
feersum/1.407-1 (arm64)
yorick/unknown (armhf)
r-cran-msm/1.6.7-1 (ppc64el)
mercurial/4.8.2-1ubuntu4 (armhf)
libposix-2008-perl/0.16-1build1 (armhf)
r-cran-bitops/unknown (armhf)
systemd/242-7ubuntu3.7 (i386)
libtext-metaphone-perl/unknown (armhf)
libimage-sane-perl/0.14-1build3 (s390x)
libclass-methodmaker-perl/2.24-1build5 (armhf)
morbig/unknown (i386)
protobuf/unknown (armhf)
libterm-size-perl/0.209-1build1 (armhf)
natsort/6.0.0-1 (ppc64el, s390x, armhf, i386, amd64, arm64)
mysql-8.0/8.0.19-0ubuntu0.19.10.3 (i386, amd64, arm64)
octave-ltfat/unknown (armhf)
libreoffice/1:6.3.4-0ubuntu0.19.10.1 (armhf, arm64)
libmsgcat-perl/1.03-7build1 (armhf)
libnet-ssleay-perl/1.88-0ubuntu1 (i386)
libkcddb/4:19.04.3-0ubuntu1 (ppc64el, s390x, armhf, i386, amd64, arm64)
libstring-similarity-perl/1.04-2build1 (armhf)
libbit-vector-perl/7.4-1build5 (i386)
snpomatic/1.0-4 (i386)
wireguard/0.0.20190913-1ubuntu1 (i386, ppc64el, armhf, amd64, s390x)
sbd/1.4.0-18-g5e3283c-1ubuntu1 (amd64)
rtags/2.33-2 (i386)
iproute2/unknown (armhf)
openssh/1:8.0p1-6build1 (ppc64el, s390x, armhf, i386, amd64, arm64)
ruby-nokogumbo/unknown (armhf)
ruby-libxml/3.1.0-1 (s390x)
mpi4py/3.0.2-13 (armhf)
libunix-syslog-perl/1.1-3build1 (armhf)
python3-lxc/1:3.0.4-1ubuntu3 (i386, amd64)
smalt/0.7.6-8 (i386)
ikiwiki-hosting/0.20180719-1build1 (armhf)
pango1.0/1.42.4-7 (amd64)
apache2/2.4.41-1ubuntu1 (armhf)
ignition-math2/unknown (armhf)
tdb/unknown (armhf)
segyio/unknown (armhf)
aspcud/unknown (armhf)
libhttp-parser-xs-perl/unknown (armhf)
openjdk-8/8u242-b08-0ubuntu3~19.10 (armhf)
ruby-mysql2/0.5.2-1ubuntu2 (armhf)
pg-snakeoil/1.1-1build1 (ppc64el, s390x, armhf, i386, amd64, arm64)
libpar-packer-perl/1.047-1build1 (armhf)
r-cran-processx/3.4.1-1 (s390x)
libcrypt-rijndael-perl/unknown (armhf)
libcrypt-openssl-dsa-perl/0.19-1build3 (armhf)
libsys-cpu-perl/0.61-2build3 (armhf)
libautovivification-perl/unknown (armhf)
libhtml-strip-perl/unknown (armhf)
lxc/3.0.4-0ubuntu1 (amd64)
exonerate/unknown (armhf)
gvfs/1.42.1-1ubuntu1 (amd64, arm64)
subvertpy/unknown (armhf)
libperlio-utf8-strict-perl/unknown (armhf)
gcc-snapshot/1:20191008-1ubuntu1 (armhf)
libuv1/unknown (armhf)
ruby-rblineprof/0.3.7-2 (armhf)
libencode-hanextra-perl/0.23-5build1 (armhf)
r-bioc-delayedarray/0.10.0+dfsg-1 (armhf)
tracker/2.3.0-1 (armhf)
libyaml-libyaml-perl/0.80+repack-1 (armhf)
knotifyconfig/unknown (armhf)
r-cran-geepack/unknown (armhf)
libfuture-asyncawait-perl/0.32-1 (arm64)
pyzmq/17.1.2-3ubuntu1 (amd64, arm64)
ncurses/unknown (armhf)
flog/unknown (armhf)
openjdk-lts/blacklisted (arm64)
reprotest/0.7.9 (i...

Read more...

Mathew Hodson (mhodson) on 2020-02-25
Changed in glibc (Ubuntu Eoan):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package glibc - 2.30-0ubuntu2.1

---------------
glibc (2.30-0ubuntu2.1) eoan; urgency=medium

  * Cherrypick upstream fix for strstr on s390x z15. LP: #1854326

 -- Dimitri John Ledkov <email address hidden> Fri, 29 Nov 2019 14:19:57 +0000

Changed in glibc (Ubuntu Eoan):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for glibc has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Changed in ubuntu-z-systems:
status: Fix Committed → Fix Released

------- Comment From <email address hidden> 2020-02-28 04:17 EDT-------
IBM Bugzilla status -> closed, Fix Released by all requested distros.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers