Update Package request for libservicelog
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
The Ubuntu-power-systems project |
Fix Released
|
High
|
Canonical Foundations Team | ||
libservicelog (Ubuntu) |
Fix Released
|
High
|
Steve Langasek | ||
Xenial |
Fix Released
|
High
|
Łukasz Zemczak |
Bug Description
[Impact]
Update Package request for libservicelog. Some upstream patches have been requested to be included in both bionic and xenial. The addressed issues can potentially affect customer environments, causing possible segmentation faults.
[Test Case]
The packages will be validated by the requesting party (see original description).
Besides making sure servicelog does not segfault anymore and performing general dogfooding, the upstream test-suite will need to be run and made sure to pass on the affected systems.
[Regression Potential]
Hard to assess but the requested patches have been in upstream trunk since at least a year and no issues have been reported - changes also present in Debian and Ubuntu bionic since last year.
[Original Description]
---Problem Description---
Update Package request for libservicelog
Machine Type = lpar
---Steps to Reproduce---
servicelog --dump
---uname output---
Linux tuleta4u-lp9 4.10.0-27-generic #30~16.04.2-Ubuntu SMP Thu Jun 29 16:06:52 UTC 2017 ppc64le ppc64le ppc64le GNU/Linux
Please pull below mentioned patches for libservicelog package
commit 4fe9d9239f17260
Author: Ankit Kumar <email address hidden>
Date: Sat May 20 01:38:41 2017 +0530
Validate text string before and after bind call
While binding string to query, if string is NULL then bind call gets ignored.
While fetching data from string, if data is NULL then current code makes query
as NULL and returns.
This patch validates text string before and after bind call. It assigns string
to "" incase data is NULL points to NULL pointer. After this we will be able
to display information even if some of string data is NULL.
It also does NULL checks for compulsory string.
Signed-off-by: Ankit Kumar <email address hidden>
[Killed redundant goto statements - Vasant]
Signed-off-by: Vasant Hegde <email address hidden>
commit 787594814eb88e3
Author: Ankit Kumar <email address hidden>
Date: Sat May 20 01:10:49 2017 +0530
Correct string length calculation and validates destination buffer size before strncpy
This patch corrects string length calculation logic and validates destination
buffer size before calling strncpy to avoid memory corruption.
Signed-off-by: Ankit Kumar <email address hidden>
[Moved memset to right place and removed redundant condition check -
Vasant]
Signed-off-by: Vasant Hegde <email address hidden>
commit 48875ee8614eeef
Author: Ankit Kumar <email address hidden>
Date: Thu Sep 15 16:16:49 2016 +0530
NULL check before strdup call
This patch does "NULL checks" before passing argument to strdup call.
Signed-off-by: Ankit Kumar <email address hidden>
Signed-off-by: Vasant Hegde <email address hidden>
commit 40b4f7a52e61fb9
Author: Ankit Kumar <email address hidden>
Date: Thu Sep 15 16:16:48 2016 +0530
NULL check before strlen call
This patch checks NULL pointer before strlen call.
Signed-off-by: Ankit Kumar <email address hidden>
[Fixed build warning - Vasant]
Signed-off-by: Vasant Hegde <email address hidden>
tags: | added: architecture-ppc64 bugnameltc-156869 severity-high targetmilestone-inin16044 |
Changed in ubuntu: | |
assignee: | nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) |
affects: | ubuntu → libservicelog (Ubuntu) |
Changed in ubuntu-power-systems: | |
importance: | Undecided → High |
tags: | added: upgrade-software-version |
Changed in ubuntu-power-systems: | |
assignee: | nobody → Canonical Foundations Team (canonical-foundations) |
tags: | added: triage-g |
Changed in libservicelog (Ubuntu): | |
assignee: | Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) → Canonical Foundations Team (canonical-foundations) |
importance: | Undecided → High |
tags: |
added: triage-r removed: triage-g |
Changed in libservicelog (Ubuntu): | |
assignee: | Canonical Foundations Team (canonical-foundations) → Steve Langasek (vorlon) |
status: | New → Fix Committed |
Changed in libservicelog (Ubuntu Xenial): | |
assignee: | nobody → Canonical Foundations Team (canonical-foundations) |
tags: | added: id-59a4c1e54b49b47985c45376 |
tags: |
added: triage-g removed: triage-a |
tags: |
added: triage-a removed: triage-g |
Changed in ubuntu-power-systems: | |
status: | New → Incomplete |
status: | Incomplete → Triaged |
Changed in libservicelog (Ubuntu Xenial): | |
importance: | Undecided → High |
tags: |
added: triage-r removed: triage-a |
Changed in libservicelog (Ubuntu Xenial): | |
status: | Incomplete → Triaged |
tags: |
added: triage-g removed: triage-r |
tags: |
added: triage-a removed: triage-g |
Changed in libservicelog (Ubuntu Xenial): | |
assignee: | Canonical Foundations Team (canonical-foundations) → Łukasz Zemczak (sil2100) |
status: | Triaged → In Progress |
Changed in ubuntu-power-systems: | |
status: | Triaged → Incomplete |
tags: |
added: triage-g removed: triage-a |
Changed in libservicelog (Ubuntu Xenial): | |
status: | Incomplete → Triaged |
Changed in ubuntu-power-systems: | |
status: | Incomplete → Triaged |
description: | updated |
Changed in ubuntu-power-systems: | |
status: | Triaged → Fix Committed |
Changed in ubuntu-power-systems: | |
status: | Fix Committed → Fix Released |
For 17.10, I've attempted to upload the 1.1.18 upstream version rather than cherry-picking individual fixes. However, the package fails to build on the Ubuntu builders due to a series of bugs.
- when the test binary is built, it is linked against libservicelog.so, not libservicelog.la. This means that there is no libtool wrapper script to set the path; and the test binary only ever works if there is an already-installed version of libservicelog on the system path which is being tested instead of the just-built version. libservicelog/ does not already exist on the system, servicelog_open() will *always* fail.
- if servicelog_open() returns a failure, test_libservicelog segfaults because it tries to dereference a null pointer.
- if /var/lib/
I've written patches for the first two issues; but the hard-coding of a system path in the library makes it difficult to fix the third issue in a way that is compatible with an unprivileged build environment.
I'm attaching the two patches, and will disable the test suite in the Ubuntu package pending resolution of the third issue. This is not a regression since the test suite is new since 1.1.16.