Bug#797227: segfault - gst_memory_unmap, libgstreamer
Vincent Lefevre
vincent at vinc17.net
Tue Sep 1 08:25:21 UTC 2015
On 2015-09-01 11:07:28 +0300, Sebastian Dröge wrote:
> The gcc 5 transition might've broken something related to iceweasel,
> which is written in C++ and depends a lot on C++ libraries. Which then
> might result in the invalid memory accesses mentioned above.
>
> But GStreamer and dependencies in use here are plain C, so are
> unaffected by that transition. Same for GTK.
No, GStreamer is linked against libpcre:
$ ldd /usr/lib/x86_64-linux-gnu/libgstreamer-1.0.so.0
linux-vdso.so.1 (0x00007ffda81d1000)
libgobject-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x00007f92e9c3d000)
libgmodule-2.0.so.0 => /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x00007f92e9a39000)
libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007f92e9729000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f92e9428000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f92e9224000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f92e9006000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f92e8c5d000)
libffi.so.6 => /usr/lib/x86_64-linux-gnu/libffi.so.6 (0x00007f92e8a54000)
libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f92e87e5000)
/lib64/ld-linux-x86-64.so.2 (0x000055a49616f000)
and libpcre was affected by the GCC 5 transition, according to its
changelog:
pcre3 (2:8.35-7.1) unstable; urgency=medium
* Rename libpcrecpp0 to libpcrecpp0v5. Addresses: #791236.
* Add Conflict/Replaces to the old library.
* Add libpcrecpp0v5 symbols file for GCC 5.
-- Matthias Klose <doko at debian.org> Tue, 04 Aug 2015 20:23:03 +0200
> I think there are problems somewhere in iceweasel in the way it is
> using GTK, which is independent of the gcc 5 transition. And which
> might or might not be the reason for the crash.
I would tend to say that the effects of these GTK problems are only
local. If they yield more global memory corruption due to specific
remote contents (e.g. a video), then this is an important security
issue.
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
More information about the pkg-gstreamer-maintainers
mailing list