Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173646
Summary: Selinux denials for spamd
Product: Fedora Core
Version: fc4
Platform: i686
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: gc1111(a)optonline.net
CC: fedora-perl-devel-
list@redhat.com,felicity@kluge.net,jm@jmason.org,parkerm
@pobox.com,reg+redhat@sidney.com,wtogami@redhat.com
>From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7
Description of problem:
SeLinux denies access to spamd many times.
Version-Release number of selected component (if applicable):
spamassassin-3.0.4-2.fc4
How reproducible:
Always
Steps to Reproduce:
1. Use Selinux in enforcing/targeted mode
2. Set evolution to filter mail using spamassassin
3. Read mail
4. Look at audit logs
Actual Results: Many denials as per Additional Information
Expected Results: No Selinux denials
Additional info:
Extract from /var/log/audit/audit.log:
type=AVC msg=audit(1132324042.516:8455): avc: denied { write } for pid=1862 comm="spamd" name="log" dev=tmpfs ino=4750 scontext=system_u:system_r:spamd_t tcontext=system_u:object_r:device_t tclass=sock_file
type=SYSCALL msg=audit(1132324042.516:8455): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=bfb60480 a2=862bc0 a3=6e items=1 pid=1862 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="spamd" exe="/usr/bin/perl"
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193818
Summary: spamd should start before sendmail
Product: Fedora Core
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: oliva(a)lsd.ic.unicamp.br
CC: fedora-perl-devel-
list@redhat.com,felicity@kluge.net,jm@jmason.org,parkerm
@pobox.com,reg+redhat@sidney.com,wtogami@redhat.com
Description of problem:
Users that rely on spamc/spamd for mail delivery might face silent mail delivery
failure if spamd is not running when sendmail attempts to deliver them e-mail.
Starting spamd before sendmail would reduce the probability of such a problem.
Version-Release number of selected component (if applicable):
sendmail-8.13.6-1
spamassassin-3.1.2-1.fc6
How reproducible:
Every time
Steps to Reproduce:
1.Boot up
Actual results:
spamd starts after sendmail
Expected results:
It should start before
Additional info:
both are S80, which causes sendmail to start first since it sorts alphabetically
before spamd.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175439
Summary: [FC4 Regression]: spamc doesn't use localhost by default
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami(a)redhat.com
ReportedBy: hongjiu.lu(a)intel.com
CC: fedora-perl-devel-
list@redhat.com,felicity@kluge.net,jm@jmason.org,parkerm
@pobox.com,reg+redhat@sidney.com,wtogami@redhat.com
I have
:0fw
| /usr/bin/spamc
in /etc/procmailrc. It worked with FC3. But after upgrading to FC4, I got
Dec 10 08:38:45 ocean spamd[27833]: unauthorized connection from
gate.in.lucon.org [192.168.10.1] at port 32823
My machine has
eth0 Link encap:Ethernet HWaddr 00:07:E9:9C:3E:3E
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::207:e9ff:fe9c:3e3e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5662 errors:0 dropped:0 overruns:0 frame:0
TX packets:5908 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1160392 (1.1 MiB) TX bytes:2571450 (2.4 MiB)
It looks like spamc is connecting to 192.168.10.1 instead of 127.0.0.1.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191416
Summary: h2ph generates incorrect code for '#if defined A ||
defined B'
Product: Fedora Core
Version: devel
Platform: All
URL: http://rt.perl.org/rt3/Ticket/Display.html?id=39130
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list@redhat.com,prockai@redhat.com
+++ This bug was initially created as a clone of Bug #191409 +++
Description of problem:
This is perlbug #39130 - see URL .
For cpp statements like :
#if defined A || defined B
h2ph would generate the code :
if(defined (defined(&A) ? &A : 0) || defined (defined(&B) ? &B : 0)) {
which is tautologous, as defined(0) is always true .
This turns out to cause real problems on the Linux ppc64 platform,
where "endian-ness" is selectable in the compiler; every inclusion
of "endian.ph", which includes "bits/endian.ph", generates an error:
$ perl -e 'require "sys/socket.ph";'
Both BIG_ENDIAN and LITTLE_ENDIAN defined! at
/usr/lib/perl5/5.8.8/ppc-linux-thread-multi/bits/endian.ph line 10.
Compilation failed in require at...
Because h2ph generated this code in ../bits/endian.ph:
if(defined (defined(&__BIG_ENDIAN__) ? &__BIG_ENDIAN__ : 0) || defined
(defined(&_BIG_ENDIAN) ? &_BIG_ENDIAN : 0)) {
if(defined (defined(&__LITTLE_ENDIAN__) ? &__LITTLE_ENDIAN__ : 0) || defined
(defined(&_LITTLE_ENDIAN) ? &_LITTLE_ENDIAN : 0)) {
die("Both\ BIG_ENDIAN\ and\ LITTLE_ENDIAN\ defined\!");
}
For the cpp code in /usr/include/bits/endian.h:
#if defined __BIG_ENDIAN__ || defined _BIG_ENDIAN
# if defined __LITTLE_ENDIAN__ || defined _LITTLE_ENDIAN
# error Both BIG_ENDIAN and LITTLE_ENDIAN defined!
...
The problem does not happen if the 'defined..' conditions are in parentheses -
ie.
#if defined(A) || defined(B)
produces correct code:
if( defined(&A) || defined(&B) )
A trivial fix for this is to simply replace the ': 0' with ': undef' in
h2ph.PL line 517, as with this patch:
--- perl-5.8.8/utils/h2ph.PL~ 2006-01-12 17:55:04.000000000 -0500
+++ perl-5.8.8/utils/h2ph.PL 2006-05-11 13:50:04.000000000 -0400
@@ -514,7 +514,7 @@
}
} else {
if ($inif && $new !~ /defined\s*\($/) {
- $new .= '(defined(&' . $id . ') ? &' . $id . ' : 0)';
+ $new .= '(defined(&' . $id . ') ? &' . $id . ' : undef)';
} elsif (/^\[/) {
$new .= " \$$id";
} else {
Version-Release number of selected component (if applicable):
ALL
How reproducible:
100%
Steps to Reproduce:
On a ppc64 platform with select-able endian-ness:
# perl -e 'require "sys/socket.ph";'
Actual results:
Both BIG_ENDIAN and LITTLE_ENDIAN defined! at
/usr/lib/perl5/5.8.8/ppc-linux-thread-multi/bits/endian.ph line 10.
Compilation failed in require at...
Expected results:
no error
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185406
Summary: h2ph problem with gcc internal defines
Product: Red Hat Enterprise Linux
Version: 4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list@redhat.com,prockai@redhat.com
+++ This bug was initially created as a clone of Bug #178343 +++
Description of problem:
> Subject: h2ph problem
> From: George Michaelson <ggm(a)apnic.net>
> To: jvdias(a)redhat.com
> Date: 2006-01-17 19:54
>
> We just got bitten by 32bit vs 64bit logic in the .ph files generated
> from socket.h/stddef.h/limits.h -bits/socket.ph to be exact.
>
> Undefined subroutine &main::__LONG_MAX__ called at (eval 436) line 1.
> Compilation failed in require at
> /usr/lib/perl5/5.8.5/i386-linux-thread-multi/sy s/socket.ph line 11.
> Compilation failed in require at
> /usr/lib/perl5/site_perl/5.8.5/i386-linux-threa d-multi/netinet/in.ph line
> 9.
>
>
> By removing some if/then/else logic, to make it just eval() the 32-bit
> case, the problem went away.
>
> this was after applying an up2date on EL4 for perl 5.8.5:
>
> [ggm@curry log]$ uname -a
> Linux curry.apnic.net 2.6.9-22.0.1.ELsmp #1 SMP Tue Oct 18 18:39:27 EDT
> 2005 i686 i686 i386 GNU/Linux [ggm@curry log]$ rpmquery -a | grep perl
> newt-perl-1.08-7
> mod_perl-1.99_16-4
> perl-Net-DNS-0.48-1
> perl-Time-HiRes-1.55-3
> perl-5.8.5-24.RHEL4
> perl-Filter-1.30-6
> perl-URI-1.30-4
> perl-Digest-SHA1-2.07-5
> perl-Digest-HMAC-1.01-13
> [ggm@curry log]$
>
> the RPM errata lists
>
> > * Tue Nov 01 2005 Jason Vas Dias <jvdias(a)redhat.com> - 3:5.8.5-17.RHEL4
> > - fix bug 170088: broken h2ph fixed with h2ph from 5.8.7
> > - fix bug 171111 / upstream bug 37535: IOCPARM_LEN should be _IOC_SIZE
> > - fix bug 172236: make h2ph pick up gcc built-in include directory
>
> Is it possible you haven't tested enough of the outcomes here? Without
> this, the perl just doesn't work.
>
> -George
>
> --- socket.ph.dist 2006-01-17 16:44:41.000000000 +1000
> +++ socket.ph 2006-01-17 16:44:49.000000000 +1000
> @@ -90,11 +90,7 @@
> eval 'sub SOL_IRDA () {266;}' unless defined(&SOL_IRDA);
> eval 'sub SOMAXCONN () {128;}' unless defined(&SOMAXCONN);
> require 'bits/sockaddr.ph';
> - if((defined(&ULONG_MAX) ? &ULONG_MAX : 0) > 0xffffffff) {
> - eval 'sub __ss_aligntype () { &__uint64_t;}' unless
> defined(&__ss_aligntype); - } else {
> eval 'sub __ss_aligntype () { &__uint32_t;}' unless
> defined(&__ss_aligntype); - }
> eval 'sub _SS_SIZE () {128;}' unless defined(&_SS_SIZE);
> eval 'sub _SS_PADSIZE () {( &_SS_SIZE - (2* $sizeof{
> &__ss_aligntype}));}' unless defined(&_SS_PADSIZE); eval("sub MSG_OOB () {
> 0x01; }") unless defined(&MSG_OOB);
Version-Release number of selected component (if applicable):
ALL - including RHEL-4 perl-5.8.5-*
not a problem with RHEL-3 perl-5.8.0, because gcc-3.2.3's limits.h #defines
things like __LONG_MAX__
How reproducible:
100%
Steps to Reproduce:
$ perl -e 'require "sys/socket.ph";'
Actual results:
Undefined subroutine &main::__LONG_MAX__ called at (eval 256) line 1.
Compilation failed in require at
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/sys/socket.ph line 11.
Compilation failed in require at -e line 1.
Expected results:
no errors
-- Additional comment from jvdias(a)redhat.com on 2006-01-19 12:20 EST --
Now that h2ph correctly picks up the gcc C standard includes, such as limits.h,
from the gcc internal include directory (ie. /usr/lib/gcc/*.../include),
which it was not doing before, due to bug 172236, some perl .ph files cannot be
included because they refer to the newer gcc versions 'internal definitions' such
as __INT_MAX__ / __LONG_MAX__ , which are no longer #define'd in any header file,
but are 'built-in' to the newer gcc compilers, in the same way as __FILE__ or
__LINE__ :
$ echo 'int main(int argc, char **argv, char **envp)
{ long l=__LONG_MAX__; printf( "%ld\n",l); };' >tlm.c
( NOTE: no files are #include-ed )
$ gcc -o tlm tlm.c$ gcc -o tlm tlm.c
tlm.c: In function ‘main’:
tlm.c:1: warning: incompatible implicit declaration of built-in function ‘printf’
$ ./tlm
2147483647
gcc's C standard headers define constants such as LONG_MAX / INT_MAX in terms
of these internal definitions:
$ egrep 'define\ (INT|LONG)_MAX' limits.h
#define INT_MAX __INT_MAX__
#define LONG_MAX __LONG_MAX__
During the generation of the perl platform h2ph includes, we should create a
file included by limits.ph that includes definitions for all the gcc
'internal definitions' such as __LONG_MAX__ that might be referenced .
-- Additional comment from jvdias(a)redhat.com on 2006-01-19 12:57 EST --
Created an attachment (id=123451)
--> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=123451&action=view)
Program to produce perl header for C built-in definitions
Something like the output of this program needs to be prepended to limits.ph
during the build of the perl h2ph platform headers .
-- Additional comment from rc040203(a)freenet.de on 2006-01-19 13:15 EST --
I must be missing something, but why do you try to extract GCC proprietary,
internals?
#include <limits.h> and printing the corresponding POSIX defines would be portable.
C.f. http://www.opengroup.org/onlinepubs/009695399/basedefs/limits.h.html
-- Additional comment from jvdias(a)redhat.com on 2006-01-19 15:54 EST --
RE: Comment #3:
/usr/include/limits.h just #includes' gcc's limits.h, unless '__GNUC__ < 2',
and gcc's limits.h would in any case be found first in by a
'#include <limits.h>' .
The whole issue of h2ph and perl's platform includes needs a major revamp, which
it will get once perl-5.8.8 comes out (soon, I hope).
-- Additional comment from jvdias(a)redhat.com on 2006-01-31 13:07 EST --
OK, it wasn't fixed in 5.8.8. I've now raised upstream perl bug
#38385 : http://rt.perl.org/rt3/Ticket/Display.html?id=38385
on this issue, which includes a patch to fix it.
This will be fixed in the next perl releases for RHEL-4, FC-4, and FC-5
(RHEL-3 is unaffected).
-- Additional comment from jvdias(a)redhat.com on 2006-02-02 18:15 EST --
Created an attachment (id=124075)
--> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=124075&action=view)
Program to include cpp internal built-in macros in system _h2ph_pre.ph
-- Additional comment from jvdias(a)redhat.com on 2006-02-02 18:21 EST --
This problem is fixed with perl-5.8.8-1 in FC-5, with the patch sent upstream,
which checks for the existence of cpp internal built-ins in Configure, and
writes them to $Config{cppsymbols} so they are correctly written to _h2ph_pre.pl.
This patch will be applied to subsequent perl releases for FC-4 and RHEL-4 ,
but this problem probably does not warrant a complete perl respin just to fix it.
Meanwhile, simply run the 'patch_h2ph_pre.pl' script attached above, as root,
and the system _h2ph_pre.ph (which gets included by every perl header file) will
be patched to define cpp built-ins it does not already define .
-- Additional comment from updates(a)fedora.redhat.com on 2006-03-13 17:12 EST --
>From User-Agent: XML-RPC
perl-5.8.6-24 has been pushed for FC4, which should resolve this issue. If
these problems are still present in this version, then please make note of it in
this bug report.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178343
Summary: h2ph problem with gcc internal defines
Product: Fedora Core
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Description of problem:
> Subject: h2ph problem
> From: George Michaelson <ggm(a)apnic.net>
> To: jvdias(a)redhat.com
> Date: 2006-01-17 19:54
>
> We just got bitten by 32bit vs 64bit logic in the .ph files generated
> from socket.h/stddef.h/limits.h -bits/socket.ph to be exact.
>
> Undefined subroutine &main::__LONG_MAX__ called at (eval 436) line 1.
> Compilation failed in require at
> /usr/lib/perl5/5.8.5/i386-linux-thread-multi/sy s/socket.ph line 11.
> Compilation failed in require at
> /usr/lib/perl5/site_perl/5.8.5/i386-linux-threa d-multi/netinet/in.ph line
> 9.
>
>
> By removing some if/then/else logic, to make it just eval() the 32-bit
> case, the problem went away.
>
> this was after applying an up2date on EL4 for perl 5.8.5:
>
> [ggm@curry log]$ uname -a
> Linux curry.apnic.net 2.6.9-22.0.1.ELsmp #1 SMP Tue Oct 18 18:39:27 EDT
> 2005 i686 i686 i386 GNU/Linux [ggm@curry log]$ rpmquery -a | grep perl
> newt-perl-1.08-7
> mod_perl-1.99_16-4
> perl-Net-DNS-0.48-1
> perl-Time-HiRes-1.55-3
> perl-5.8.5-24.RHEL4
> perl-Filter-1.30-6
> perl-URI-1.30-4
> perl-Digest-SHA1-2.07-5
> perl-Digest-HMAC-1.01-13
> [ggm@curry log]$
>
> the RPM errata lists
>
> > * Tue Nov 01 2005 Jason Vas Dias <jvdias(a)redhat.com> - 3:5.8.5-17.RHEL4
> > - fix bug 170088: broken h2ph fixed with h2ph from 5.8.7
> > - fix bug 171111 / upstream bug 37535: IOCPARM_LEN should be _IOC_SIZE
> > - fix bug 172236: make h2ph pick up gcc built-in include directory
>
> Is it possible you haven't tested enough of the outcomes here? Without
> this, the perl just doesn't work.
>
> -George
>
> --- socket.ph.dist 2006-01-17 16:44:41.000000000 +1000
> +++ socket.ph 2006-01-17 16:44:49.000000000 +1000
> @@ -90,11 +90,7 @@
> eval 'sub SOL_IRDA () {266;}' unless defined(&SOL_IRDA);
> eval 'sub SOMAXCONN () {128;}' unless defined(&SOMAXCONN);
> require 'bits/sockaddr.ph';
> - if((defined(&ULONG_MAX) ? &ULONG_MAX : 0) > 0xffffffff) {
> - eval 'sub __ss_aligntype () { &__uint64_t;}' unless
> defined(&__ss_aligntype); - } else {
> eval 'sub __ss_aligntype () { &__uint32_t;}' unless
> defined(&__ss_aligntype); - }
> eval 'sub _SS_SIZE () {128;}' unless defined(&_SS_SIZE);
> eval 'sub _SS_PADSIZE () {( &_SS_SIZE - (2* $sizeof{
> &__ss_aligntype}));}' unless defined(&_SS_PADSIZE); eval("sub MSG_OOB () {
> 0x01; }") unless defined(&MSG_OOB);
Version-Release number of selected component (if applicable):
ALL - including RHEL-4 perl-5.8.5-*
not a problem with RHEL-3 perl-5.8.0, because gcc-3.2.3's limits.h #defines
things like __LONG_MAX__
How reproducible:
100%
Steps to Reproduce:
$ perl -e 'require "sys/socket.ph";'
Actual results:
Undefined subroutine &main::__LONG_MAX__ called at (eval 256) line 1.
Compilation failed in require at
/usr/lib/perl5/5.8.6/i386-linux-thread-multi/sys/socket.ph line 11.
Compilation failed in require at -e line 1.
Expected results:
no errors
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188441
Summary: url(-relative=>1) is broken in CGI.pm
Product: Fedora Core
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: bruno(a)wolff.to
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Description of problem:
url(-relative) no longer returns the original relative path before rewrites.
This used to work in FC4.
Version-Release number of selected component (if applicable):
perl-5.8.8-4
How reproducible:
100%
Steps to Reproduce:
1. Set up a redirect in your .htaccess file such as:
RewriteEngine On
RewriteBase /
RewriteRule ^testabc.cgi$ test.cgi
2. Create a test perl script, test.cgi such as:
#!/usr/bin/perl
use CGI qw/:standard -no_xhtml/;
print "Content-type: text/plain\n\n";
print url(-relative=>1), "\n";
print url(-absolute=>1), "\n";
3. Look at the web page /testabc.cgi
Actual results:
test.cgi
/testabc.cgi
Expected results:
testabc.cgi
/testabc.cgi
Additional info:
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172739
Summary: Deep recursion in CGI::Carp::warn
Product: Fedora Core
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jorris(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Description of problem:
CGI::Carp::Warn experiences deep recursion when hit, followed by a segmentation
fault. This can make developing any web applications using CGI::Carp::Warn
difficult, as any trivial warning will cause pages of log output followed by a
crash.
See https://rt.perl.org/rt3/Ticket/Display.html?id=36521 for details and
possible patches.
Version-Release number of selected component (if applicable):
perl-5.8.6-15
How reproducible:
Always
Steps to Reproduce:
Execute script:
#!/usr/bin/perl
use CGI::Carp qw(fatalsToBrowser);
use diagnostics;
warn "foo";
Results:
Deeply nested warning message followed by segfault.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194077
Summary: upstream perl bugs fixed since 5.8.8 was released
Product: Fedora Core
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list(a)redhat.com
Description of problem:
These upstream perl bugs / issue have beed fixed in the upstream
5.8.x maintenance release of perl since perl-5.8.8 was released:
o 38454 - 'rindex corrects for $[ on bytes rather than UTF-8'
http://rt.perl.org/rt3/index.html?q=38454
apply upstream patch #27116
o 24816 - 'Magic vars seem unsure if they are purely numeric'
http://rt.perl.org/rt3/index.html?q=24816
( perl -wle 'print $? = $? ^ "3"' -> 'Argument "^C" isn't numeric' )
apply upstream patch #27391
o Avoid writing over the input string in the case 'F' in moreswitches.
apply upstream patch #27426
o 34925 - 'overload and rebless'
http://rt.perl.org/rt3/index.html?q=34925
apply upstream patches #27509, #27512
o 3038 - '$qr = qr/^a$/m; $x =~ $qr; fails'
http://rt.perl.org/rt3/index.html?q=3038
apply upstream patch #27604
o apply upstream patch #27605 - 'Fix off-by-one in $0 set magic.'
o 23141 - '($_) = () fails to set $_ to undef'
http://rt.perl.org/rt3/index.html?q=23141
apply upstream patch #27914
o 38619 - 'Bug in lc and uc (interaction between UTF-8, substr, and lc/uc)'
http://rt.perl.org/rt3/index.html?q=38619
apply upstream patch #27329
Version-Release number of selected component (if applicable):
perl-5.8.8-4
How reproducible:
100%
Steps to Reproduce:
See upstream bug reports and the new RHTS test cases in CVS perl/perl-tests/FC6 .
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185242
Summary: ioctl default minimum argument length of 256 should be
restored
Product: Fedora Core
Version: fc4
Platform: All
URL: http://rt.perl.org/rt3/Ticket/Display.html?id=38223
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: perl
AssignedTo: jvdias(a)redhat.com
ReportedBy: jvdias(a)redhat.com
QAContact: dkl(a)redhat.com
CC: fedora-perl-devel-list@redhat.com,prockai@redhat.com
+++ This bug was initially created as a clone of Bug #185240 +++
Description of problem:
This is perl bug request ticket 38223 .
Owing to the fix for bug 171111, where the length bitfield of the ioctl
number argument, which specifies the length of the optional RD ioctl output
third argument, was not being extracted correctly, and perl used 256 as the
minimum length of the third argument in all cases, perl now does not ascribe
any minimum length to the third argument unless the length bitfield is
specified.
This has the result that unless the length bitfield of the ioctl number is
specified, a third argument of a buffer with insufficient length for the
ioctl output will be overflowed, and perl will suffer a buffer overflow
and a potential memory access violation or memory corruption,
as generated by the following code (from perlbug RT# 38223):
#!/usr/bin/perl
require 'sys/ioctl.ph';
die "no TIOCGWINSZ " unless defined &TIOCGWINSZ;
open(TTY, "+</dev/tty") or die "No tty: $!";
unless (ioctl(TTY, &TIOCGWINSZ, $winsize='')) {
die sprintf "$0: ioctl TIOCGWINSZ (%08x: $!)\n", &TIOCGWINSZ;
}
($row, $col, $xpixel, $ypixel) = unpack('S4', $winsize);
print "(row,col) = ($row,$col)";
print " (xpixel,ypixel) = ($xpixel,$ypixel)" if $xpixel || $ypixel;
print "\n";
Perl now correctly detects the buffer overflow:
Possible memory corruption: ioctl overflowed 3rd argument at ./bug38223.pl
line 5.
This would not have occurred with perl versions before perl-5.8.6-18,
because the length of all the ioctl third output arguments was made a
minimum of 256 bytes.
The overflow would not have occurred if the ioctl call had been :
ioctl(TTY, &TIOCGWINSZ, $winsize='x'x16)
or
ioctl(TTY, &TIOCGWINSZ | (16 << &_IOC_SIZESHIFT), $winsize='')
The default size of 256 has been restored in the latest upstream patch for
this issue:
==== //depot/perl/perl.h#657 (text) ====
Index: perl/perl.h
--- perl/perl.h.~1~ Fri Jan 13 04:10:49 2006
+++ perl/perl.h Fri Jan 13 04:10:49 2006
@@ -2977,8 +2977,8 @@
# define IOCPARM_LEN(x) (((x) >> 16) & \ # IOCPARM_MASK)
# else
# if defined(_IOC_SIZE) && defined(__GLIBC__)
- /* on Linux systems we're safe */
-# define IOCPARM_LEN(x) _IOC_SIZE(x)
+ /* on Linux systems we're safe; except when we're not [perl #38223] */
+# define IOCPARM_LEN(x) (_IOC_SIZE(x) < 256 ? 256 : \ _IOC_SIZE(x))
# else
/* otherwise guess at what's safe */
# define IOCPARM_LEN(x) 256
End of Patch.
Version-Release number of selected component (if applicable):
perl-5.8.6-22
How reproducible:
100%
Steps to Reproduce:
Invoke a READ ioctl with a 0 length bitfield and and output buffer
third argument of insufficient length to hold the potential ioctl output.
Actual results:
Perl exits with error:
Possible memory corruption: ioctl overflowed 3rd argument
Expected results:
Perl should enforce a minimum length of 256 bytes for the ioctl output buffer.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.