Received: (qmail 631 invoked by alias); 27 Jun 2019 21:33:36 -0000
From: Jeffrey Walton
Reply-To: noloader@gmail.com
Date: Tue, 01 Jan 2019 00:00:00 -0000
To: Mark Wielaard
Cc: bzip2-devel@sourceware.org, Julian Seward
Subject: Re: bzip2 1.0.7 released
In-Reply-To: <20190627205837.GD9273@wildebeest.org>
References: <20190627205837.GD9273@wildebeest.org>
X-SW-Source: 2019-q2/txt/msg00025.txt.bz2

On Thu, Jun 27, 2019 at 4:58 PM Mark Wielaard wrote:
>
> On Thu, Jun 27, 2019 at 08:54:08PM +0200, Mark Wielaard wrote:
> > * Make sure nSelectors is not out of range (CVE-2019-12900)
>
> Well, that was quick... There is already a regression report about
> this fix. See https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494
> ...
>
> -#define BZ_MAX_SELECTORS (2 + (900000 / BZ_G_SIZE))
> +#define BZ_MAX_SELECTORS (7 + (900000 / BZ_G_SIZE))
>
> But of course I cannot tell why increasing the max by 5 is correct.
> It might well be that the file is invalid. Before the fix bunzip2
> would overwrite some memory after the selectorMtf array. So it might
> be the file decompressed by accident in the past.
>
> I'll look a bit deeper, but if people have a clue what exactly is
> going on that would be appreciated.

Hi Mark.

At this point, I think you should perform the root cause analysis. I think you are having trouble identifying the problem(s) because the code is not instrumented, and it does not debug itself. It requires manual intervention and time under the debugger. Time under a debugger is mostly a waste of time in my opinion. You have better things to do with your time.

If this were my module, then I would fill the program with ASSERTs so the module debugs itself in non-release builds. Then, run all the malformed test data you can find.

The good thing about instrumenting with asserts is, it is monkey work. You can task an intern with it, and not waste a senior dev's time with it. Even better, the intern can then identify the problems so you don't waste your time with it.

I know asserts are not preferred in the Unix world. Many Unix devs prefer to cling to the old K&R way of writing code from the 1970s. But there are a lot better ways to develop nowadays, and self-debugging code is one of them.

(This is really a policies and procedures problem. The development process has gaps. The fix is to require completely instrumented code. But to do that, you have to deal with the political problem of people clinging to ancient K&R patterns.)

Jeff
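The following is an added, self-contained illustration of the two ideas the thread touches: an always-on range check on the selector count read from untrusted input (the kind of check the quoted CVE-2019-12900 fix adds), combined with the debug-build asserts Jeff argues for. It is example code written for this page, not code from bzip2, Mark Wielaard or Jeffrey Walton. The bit reader, the `DState` struct and the function names are hypothetical; `BZ_G_SIZE` (50) and `BZ_N_GROUPS` (6) are taken from bzip2's `bzlib_private.h` and do not appear in the message; `BZ_MAX_SELECTORS` uses the value from the quoted patch. The input buffers are constructed by hand for the example.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed values from bzip2's bzlib_private.h (not shown in the thread). */
#define BZ_G_SIZE     50
#define BZ_N_GROUPS   6
/* Selector limit as it appears in the quoted 1.0.7 patch. */
#define BZ_MAX_SELECTORS (7 + (900000 / BZ_G_SIZE))

#define BZ_OK          0
#define BZ_DATA_ERROR (-4)

/* Hypothetical MSB-first bit reader over a constructed in-memory buffer. */
typedef struct {
    const uint8_t *buf;
    size_t len;
    size_t bitpos;
} BitReader;

static int get_bits(BitReader *br, int n, uint32_t *out)
{
    uint32_t v = 0;
    for (int i = 0; i < n; i++) {
        size_t byte = br->bitpos >> 3;
        if (byte >= br->len)
            return BZ_DATA_ERROR;                 /* truncated stream */
        v = (v << 1) | ((br->buf[byte] >> (7 - (br->bitpos & 7))) & 1u);
        br->bitpos++;
    }
    *out = v;
    return BZ_OK;
}

/* Decoder state: selectorMtf is the fixed-size table that an unchecked
 * nSelectors let the decoder write past (the thread's CVE-2019-12900). */
typedef struct {
    int32_t nSelectors;
    uint8_t selectorMtf[BZ_MAX_SELECTORS];
} DState;

/* Read the 15-bit selector count, then nSelectors unary-coded MTF values.
 * The range check on untrusted input is always compiled in; the assert
 * documents the invariant it establishes and fires in debug builds only. */
int read_selectors(DState *s, BitReader *br)
{
    uint32_t n;
    if (get_bits(br, 15, &n) != BZ_OK)
        return BZ_DATA_ERROR;
    if (n < 1 || n > BZ_MAX_SELECTORS)           /* reject before any write */
        return BZ_DATA_ERROR;
    s->nSelectors = (int32_t)n;

    for (int32_t i = 0; i < s->nSelectors; i++) {
        int j = 0;
        for (;;) {
            uint32_t bit;
            if (get_bits(br, 1, &bit) != BZ_OK)
                return BZ_DATA_ERROR;
            if (bit == 0)
                break;
            if (++j >= BZ_N_GROUPS)
                return BZ_DATA_ERROR;             /* unary run too long */
        }
        assert(i >= 0 && i < BZ_MAX_SELECTORS);   /* self-debugging invariant */
        s->selectorMtf[i] = (uint8_t)j;
    }
    return BZ_OK;
}

/* Convenience wrapper: decode from a raw buffer into a zeroed state. */
int decode_selectors(const uint8_t *buf, size_t len, DState *s)
{
    BitReader br = { buf, len, 0 };
    memset(s, 0, sizeof *s);
    return read_selectors(s, &br);
}

int main(void)
{
    /* Constructed input: nSelectors = 3, then selectors 0, 1, 2
     * (unary "0", "10", "110"), zero-padded to whole bytes. */
    static const uint8_t good[] = { 0x00, 0x06, 0xB0 };
    /* Constructed input: nSelectors = 32767, above BZ_MAX_SELECTORS. */
    static const uint8_t oversized[] = { 0xFF, 0xFE, 0x00 };
    DState s;
    int rc;

    rc = decode_selectors(good, sizeof good, &s);
    printf("good: rc=%d nSelectors=%d\n", rc, s.nSelectors);
    rc = decode_selectors(oversized, sizeof oversized, &s);
    printf("oversized: rc=%d\n", rc);
    return 0;
}
```

The point of keeping both checks is that `assert` compiles out under `NDEBUG`, so it can never be the only thing standing between a hostile count and the array; the `if` is what protects release builds, and the `assert` is what makes a fuzzing run over malformed inputs fail loudly the moment someone weakens that `if`. The thread's regression report is the other half of the lesson: the bound has to match what the format actually permits, or a memory-safety fix turns into a false rejection of valid files.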