[wcslib] 10/11: Temporarily add fixes for -fsanitize=address problems

Ole Streicher olebole at moszumanska.debian.org
Wed Apr 8 09:06:40 UTC 2015 

This is an automated email from the git hooks/post-receive script.

olebole pushed a commit to branch debian
in repository wcslib.

commit 710eea66d68d4b0c49d86778b7f423a6f03585b4
Author: Ole Streicher <debian at liska.ath.cx>
Date:   Wed Apr 8 11:05:28 2015 +0200

    Temporarily add fixes for -fsanitize=address problems
---
 debian/patches/fix_test_tdis1_c.patch    | 37 +++++++++++++++++++++++++
 debian/patches/fix_test_tdis1_f.patch    | 46 ++++++++++++++++++++++++++++++++
 debian/patches/fix_test_tfitshdr_f.patch | 46 ++++++++++++++++++++++++++++++++
 debian/patches/fix_test_twcsfix_f.patch  | 29 ++++++++++++++++++++
 debian/patches/series                    |  4 +++
 5 files changed, 162 insertions(+)

diff --git a/debian/patches/fix_test_tdis1_c.patch b/debian/patches/fix_test_tdis1_c.patch
new file mode 100644
index 0000000..ce544c6
--- /dev/null
+++ b/debian/patches/fix_test_tdis1_c.patch
@@ -0,0 +1,37 @@
+ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffb5282290 at pc 0x40209c bp 0x7fffb5282030 sp 0x7fffb5282028
+WRITE of size 16 at 0x7fffb5282290 thread T0
+    #0 0x40209b in main test/tdis1.c:99
+    #1 0x7f4587f0bb44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
+    #2 0x401bf8 (/tmp/buildd/wcslib-5.1/C/tdis1+0x401bf8)
+
+Address 0x7fffb5282290 is located in stack of thread T0 at offset 352 in frame
+    #0 0x401cd5 in main test/tdis1.c:56
+
+  This frame has 16 object(s):
+    [32, 36) 'j'
+    [96, 100) 'n'
+    [160, 164) 'nsamp'
+    [224, 228) 'nreject'
+    [288, 292) 'nwcs'
+    [352, 360) 'naxis' <== Memory access at offset 352 partially overflows this variable
+    [416, 424) 'wcs'
+    [480, 496) 'pixblc'
+    [544, 560) 'pixsamp'
+    [608, 624) 'pixtrc'
+    [672, 736) 'pix'
+    [768, 832) 'pxi'
+    [864, 936) 'stats'
+    [992, 1073) 'keyrec'
+    [1120, 1264) 'affine'
+    [1312, 289313) 'header'
+--- a/C/test/tdis1.c
++++ b/C/test/tdis1.c
+@@ -96,7 +96,7 @@
+     return 1;
+   }
+ 
+-  memset(naxis, 0, 4*sizeof(int));
++  memset(naxis, 0, 2*sizeof(int));
+ 
+   k = 0;
+   nkeyrec = 0;
diff --git a/debian/patches/fix_test_tdis1_f.patch b/debian/patches/fix_test_tdis1_f.patch
new file mode 100644
index 0000000..d042645
--- /dev/null
+++ b/debian/patches/fix_test_tdis1_f.patch
@@ -0,0 +1,46 @@
+ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffd013414c at pc 0x7f16d99947eb bp 0x7fffd0133170 sp 0x7fffd0132930
+WRITE of size 4 at 0x7fffd013414c thread T0
+    #0 0x7f16d99947ea (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x2e7ea)
+    #1 0x7f16d9723cbc (/usr/lib/x86_64-linux-gnu/libgfortran.so.3+0xdbcbc)
+    #2 0x402c06 in tdis1 test/tdis1.f:103
+    #3 0x404108 in main test/tdis1.f:264
+    #4 0x7f16d8b6cb44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
+    #5 0x4021c8 (/tmp/buildd/wcslib-5.1/Fortran/tdis1+0x4021c8)
+
+Address 0x7fffd013414c is located in stack of thread T0 at offset 860 in frame
+    #0 0x4022a5 in tdis1 test/tdis1.f:28
+
+  This frame has 16 object(s):
+    [32, 36) 'ilat'
+    [96, 100) 'ilng'
+    [160, 164) 'j'
+    [224, 228) 'n'
+    [288, 292) 'nclos'
+    [352, 356) 'nkeyrc'
+    [416, 420) 'nreject'
+    [480, 484) 'ntest'
+    [544, 548) 'nwcs'
+    [608, 612) 'status'
+    [672, 680) 'wcsp'
+    [736, 744) 'absmax'
+    [800, 808) 'relmax'
+    [864, 880) 'naxis' <== Memory access at offset 860 underflows this variable
+    [928, 960) 'crpix'
+    [992, 1072) 'keyrec'
+--- a/Fortran/test/tdis1.f
++++ b/Fortran/test/tdis1.f
+@@ -99,9 +99,11 @@
+           IF (KEYREC(:8).EQ.'HISTORY ') GO TO 40
+ 
+           IF (KEYREC(:5).EQ.'NAXIS') THEN
+-            READ (KEYREC(6:6), '(I1)') J
+-            READ (KEYREC(11:), *) NAXIS(J)
+-            GO TO 40
++            IF  (KEYREC(6:6).NE.' ') THEN
++              READ (KEYREC(6:6), '(I1)') J
++              READ (KEYREC(11:), *) NAXIS(J)
++              GO TO 40
++            END IF
+           END IF
+ 
+           HEADER(K:) = KEYREC
diff --git a/debian/patches/fix_test_tfitshdr_f.patch b/debian/patches/fix_test_tfitshdr_f.patch
new file mode 100644
index 0000000..11818ef
--- /dev/null
+++ b/debian/patches/fix_test_tfitshdr_f.patch
@@ -0,0 +1,46 @@
+ERROR: AddressSanitizer: stack-buffer-overflow on address 0x<address> at pc 0x<address> bp 0x<address> sp 0x<address>
+WRITE of size 8 at 0x<address> thread T0
+    #0 0x<address> in wcspih /tmp/buildd/wcslib-5.1/C/wcspih.l:212
+    #1 0x<address> in wcspih_ /tmp/buildd/wcslib-5.1/Fortran/wcshdr_f.c:59
+    #2 0x<address> in tfitshdr test/tfitshdr.f:108
+    #3 0x<address> in main test/tfitshdr.f:302
+    #4 0x<address> in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x<address>)
+    #5 0x<address> (/tmp/buildd/wcslib-5.1/Fortran/tfitshdr+0x<address>)
+
+Address 0x<address> is located in stack of thread T0 at offset 864 in frame
+    #0 0x<address> in tfitshdr test/tfitshdr.f:28
+
+  This frame has 22 object(s):
+    [32, 36) 'ctrl'
+    [96, 100) 'i'
+    [160, 164) 'ierr'
+    [224, 228) 'keyno'
+    [288, 292) 'keytyp'
+    [352, 356) 'nc'
+    [416, 420) 'nkeyid'
+    [480, 484) 'nkeyrc'
+    [544, 548) 'nreject'
+    [608, 612) 'nwcs'
+    [672, 676) 'relax'
+    [736, 740) 'status'
+    [800, 804) 'ulen'
+    [864, 868) 'wcsp' <== Memory access at offset 864 partially overflows this variable
+    [928, 936) 'keys'
+    [992, 1004) 'keywrd'
+    [1056, 1072) 'fval'
+    [1120, 1152) 'ival'
+    [1184, 1256) 'cval'
+    [1312, 1392) 'keyrec'
+    [1440, 1524) 'text'
+    [1568, 1760) 'keyids'
+--- a/Fortran/test/tfitshdr.f
++++ b/Fortran/test/tfitshdr.f
+@@ -43,7 +43,7 @@
+       LOGICAL   GOTEND
+       INTEGER   CTRL, I, IERR, IVAL(8), J, K, KEYNO, KEYS(2), KEYTYP,
+      :          KTYP, NC, NKEYRC, NKEYID, NREJECT, NWCS, RELAX, STATUS,
+-     :          ULEN, WCSP
++     :          ULEN, WCSP(2)
+       DOUBLE PRECISION FVAL(2)
+       CHARACTER KEYREC*80, CVAL*72, HEADER*288001, KEYWRD*12, INFILE*12,
+      :          TEXT*84
diff --git a/debian/patches/fix_test_twcsfix_f.patch b/debian/patches/fix_test_twcsfix_f.patch
new file mode 100644
index 0000000..c6ffcb7
--- /dev/null
+++ b/debian/patches/fix_test_twcsfix_f.patch
@@ -0,0 +1,29 @@
+ERROR: AddressSanitizer: stack-buffer-overflow on address 0x<address> at pc 0x<address> bp 0x<address> sp 0x<address>
+WRITE of size 1 at 0x<address> thread T0
+    #0 0x<address> in spctrne /tmp/buildd/wcslib-5.1/C/spc.c:1288
+    #1 0x<address> in wcssptr /tmp/buildd/wcslib-5.1/C/wcs.c:3572
+    #2 0x<address> in wcssptr_ /tmp/buildd/wcslib-5.1/Fortran/wcs_f.c:802
+    #3 0x<address> in twcsfix test/twcsfix.f:124
+    #4 0x<address> in main test/twcsfix.f:143
+    #5 0x<address> in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x<address>)
+    #6 0x<address> (/tmp/buildd/wcslib-5.1/Fortran/twcsfix+0x<address>)
+
+Address 0x<address> is located in stack of thread T0 at offset 168 in frame
+    #0 0x<address> in twcsfix test/twcsfix.f:28
+
+  This frame has 4 object(s):
+    [32, 36) 'i'
+    [96, 100) 'status'
+    [160, 168) 'ctypes' <== Memory access at offset 168 overflows this variable
+    [224, 248) 'stat'
+--- a/Fortran/test/twcsfix.f
++++ b/Fortran/test/twcsfix.f
+@@ -59,7 +59,7 @@
+       INCLUDE 'wcs.inc'
+       INCLUDE 'wcsfix.inc'
+       INTEGER   STAT(WCSFIX_NWCS), STATUS
+-      CHARACTER CTYPES*8
++      CHARACTER CTYPES*9
+       INTEGER   WCS(WCSLEN)
+       DOUBLE PRECISION DUMMY
+       EQUIVALENCE (WCS,DUMMY)
diff --git a/debian/patches/series b/debian/patches/series
index 2ffb5c6..3a2d51e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,6 @@
 increase_tspx_test_tol.patch
 disable_Ftspx_test.patch
+fix_test_tdis1_c.patch
+fix_test_tdis1_f.patch
+fix_test_tfitshdr_f.patch
+fix_test_twcsfix_f.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-astro/packages/wcslib.git

More information about the debian-science-commits mailing list