Bug#749905: nss: Conflicting declarations of function FREEBL_InitStubs may have undefined behaviour

Michael Tautschnig mt at debian.org
Fri May 30 13:55:02 UTC 2014 

Package: nss
Version: 2:3.16-1
Usertags: goto-cc

During a rebuild of all Debian packages in a clean sid chroot (using cowbuilder
and pbuilder) the build failed with the following error. Please note that we
use our research compiler tool-chain (using tools from the cbmc package), which
permits extended reporting on type inconsistencies at link time.

[...]
gcc -shared -Wl,-z,relro -m64 -Wl,-z,defs -Wl,-soname -Wl,libfreebl3.so  -Wl,--version-script,Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/freebl.def -Wl,-Bsymbolic -o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/libfreebl3.so Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/freeblver.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ldvector.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/sysrand.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/sha_fast.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/md2.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/md5.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/sha512.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/alghmac.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/rawhash.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/alg2268.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/arcfour.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/arcfive.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/desblapi.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/des.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/drbg.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/cts.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ctr.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/gcm.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/hmacct.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/rijndael.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/aeskeywrap.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/camellia.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/dh.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ec.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/pqg.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/dsa.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/rsa.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/rsapkcs.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/shvfy.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/tlsprfalg.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/seed.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/jpake.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpprime.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpmontg.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mplogic.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpi.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mp_gf2m.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpi_amd64.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mp_comba.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpcpucache.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecl.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecl_curve.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecl_mult.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecl_gf.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_aff.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_jac.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_mont.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ec_naf.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_jm.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_256.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_384.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_521.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/ecp_256_32.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/stubs.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/nsslowhash.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/intel-gcm-wrap.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/arcfour-amd64-gas.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/mpi_amd64_gas.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/intel-aes.o Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/intel-gcm.o      -ldl -lc

error: conflicting function declarations "FREEBL_InitStubs"
old definition in module ldvector file ldvector.c line 9
signed int (void)
new definition in module stubs file stubs.c line 602
SECStatus ()
../../coreconf/rules.mk:285: recipe for target 'Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/libfreebl3.so' failed
make[5]: *** [Linux3.2_x86_64_glibc_PTH_64_OPT.OBJ/Linux_SINGLE_SHLIB/libfreebl3.so] Error 64
make[5]: Leaving directory '/srv/jenkins-slave/workspace/sid-goto-cc-nss/nss-3.16/nss/lib/freebl'
Makefile:544: recipe for target 'libs' failed
make[4]: *** [libs] Error 2

Note that SECStatus is an enum type, hence the choice of the bit-level type is
implementation defined (according to the C standard). If the compiler uses a
type that is different from int, such as char, the return value will have
several bytes left undefined. Thus the test following the call here

http://sources.debian.net/src/nss/2:3.16-1/nss/lib/freebl/nsslowhash.c?hl=294#L294

would produce an arbitrary result. It seems the declarations here

http://sources.debian.net/src/nss/2:3.16-1/nss/lib/freebl/ldvector.c?hl=9#L9

and here

http://sources.debian.net/src/nss/2:3.16-1/nss/lib/freebl/stubs.h?hl=60#L60

should be amended.

Best,
Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 859 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20140530/424e8f71/attachment.sig>

More information about the pkg-mozilla-maintainers mailing list