mawk memory corruption on recent tzdb data
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mawk (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
mawk corrupts memory and dumps core when processing recent tzdb releases. Although Ubuntu users can work around the problem by using 'make AWK=gawk', it would be better if ordinary 'make' worked (where AWK defaults to awk, and awk on Ubuntu defaults to mawk.
Since this is memory corruption there may well be a security vulnerability in mawk. I have not checked for this, though.
A simple fix would be to upgrade mawk to the current upstream release. I see that there's already a request to do that; see Bug#1332114. I don't know why Debian and Ubuntu are wedged on an ancient upstream version.
To reproduce the problem, download the most recent tzdb release and run 'make AWK=mawk vanguard.zi'. A shell transcript follows. I ran this on Ubuntu 16.04.4 LTS x86-64; 'dpkg -s mawk' reports 'Version: 1.3.3-17ubuntu2'. The shell commands I ran were:
wget https:/
tar xf tzdb-2018e.tar.lz
cd tzdb-2018e
make AWK=mawk vanguard.zi
Here's the behavior I observed:
$ wget https:/
--2018-07-18 04:09:59-- https:/
Resolving www.iana.org (www.iana.org)... 192.0.32.8, 2620:0:2d0:200::8
Connecting to www.iana.org (www.iana.
HTTP request sent, awaiting response... 302 FOUND
Location: https:/
--2018-07-18 04:10:00-- https:/
Resolving data.iana.org (data.iana.org)... 72.21.81.189, 2606:2800:
Connecting to data.iana.org (data.iana.
HTTP request sent, awaiting response... 200 OK
Length: 437679 (427K) [application/x-tar]
Saving to: ‘tzdb-2018e.tar.lz’
tzdb-2018e.tar.lz 100%[==
2018-07-18 04:10:00 (6.49 MB/s) - ‘tzdb-2018e.tar.lz’ saved [437679/437679]
$ tar xf tzdb-2018e.tar.lz
$ cd tzdb-2018e
$ make AWK=mawk vanguard.zi
mawk -v DATAFORM=`expr vanguard.zi : '\(.*\).zi'` -f ziguard.awk \
africa antarctica asia australasia europe northamerica southamerica etcetera systemv factory backward >vanguard.zi.out
*** Error in `mawk': malloc(): memory corruption: 0x0000000001ebc4f0 ***
======= Backtrace: =========
/lib/x86_
/lib/x86_
/lib/x86_
mawk[0x40ff0f]
mawk[0x405dff]
mawk[0x40e1e0]
mawk[0x406b6e]
mawk[0x40185d]
/lib/x86_
mawk[0x40188d]
======= Memory map: ========
00400000-0041b000 r-xp 00000000 08:01 2622228 /usr/bin/mawk
0061a000-0061b000 r--p 0001a000 08:01 2622228 /usr/bin/mawk
0061b000-0061d000 rw-p 0001b000 08:01 2622228 /usr/bin/mawk
0061d000-00621000 rw-p 00000000 00:00 0
01ea0000-01ec1000 rw-p 00000000 00:00 0 [heap]
7fb094000000-
7fb094021000-
7fb098482000-
7fb098498000-
7fb098697000-
7fb098698000-
7fb098858000-
7fb098a58000-
7fb098a5c000-
7fb098a5e000-
7fb098a62000-
7fb098b6a000-
7fb098d69000-
7fb098d6a000-
7fb098d6b000-
7fb098f69000-
7fb098f8f000-
7fb098f90000-
7fb098f91000-
7fb098f92000-
7ffc1066f000-
7ffc106a1000-
7ffc106a4000-
ffffffffff60000
Aborted (core dumped)
Makefile:565: recipe for target 'vanguard.zi' failed
make: *** [vanguard.zi] Error 134
$
Thank you for taking the time to report this bug and helping to make Ubuntu better.
Reproduced on Xenial. I had to install "make" and "lzip".