[valgrind] 3.9.0-13.svn20140513r13961
Mark Wielaard
mjw at fedoraproject.org
Tue May 13 22:16:43 UTC 2014
commit 8b9a725140c5f65713e5978002f59d2031f5605a
Author: Mark Wielaard <mjw at redhat.com>
Date: Wed May 14 00:01:03 2014 +0200
3.9.0-13.svn20140513r13961
valgrind-3.9.0-msghdr.patch | 41 +++++++++++++++++++++++++++++++++++++++++
valgrind.spec | 15 ++++++++++-----
2 files changed, 51 insertions(+), 5 deletions(-)
---
diff --git a/valgrind-3.9.0-msghdr.patch b/valgrind-3.9.0-msghdr.patch
new file mode 100644
index 0000000..85f18da
--- /dev/null
+++ b/valgrind-3.9.0-msghdr.patch
@@ -0,0 +1,41 @@
+commit d67f20debc80ad98c76b0edb8fc44002ca9ea0cd
+Author: Mark Wielaard <mjw at redhat.com>
+Date: Tue May 13 15:07:52 2014 +0200
+
+ Use safe_to_deref in coregrind syswrap-generic.c (msghdr_foreachfield).
+
+ Call ML_(safe_to_deref) before using msghdr msg_name, msg_iov or msg_control.
+ Fixes bug #334705.
+
+diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c
+index cdf64ea..f1207f4 100644
+--- a/coregrind/m_syswrap/syswrap-generic.c
++++ b/coregrind/m_syswrap/syswrap-generic.c
+@@ -951,13 +951,15 @@ void msghdr_foreachfield (
+ if ( recv )
+ foreach_func ( tid, False, fieldName, (Addr)&msg->msg_flags, sizeof( msg->msg_flags ) );
+
+- if ( msg->msg_name ) {
++ if ( ML_(safe_to_deref)(&msg->msg_name, sizeof (void *))
++ && msg->msg_name ) {
+ VG_(sprintf) ( fieldName, "(%s.msg_name)", name );
+ foreach_func ( tid, False, fieldName,
+ (Addr)msg->msg_name, msg->msg_namelen );
+ }
+
+- if ( msg->msg_iov ) {
++ if ( ML_(safe_to_deref)(&msg->msg_iov, sizeof (void *))
++ && msg->msg_iov ) {
+ struct vki_iovec *iov = msg->msg_iov;
+ UInt i;
+
+@@ -975,7 +977,8 @@ void msghdr_foreachfield (
+ }
+ }
+
+- if ( msg->msg_control )
++ if ( ML_(safe_to_deref) (&msg->msg_control, sizeof (void *))
++ && msg->msg_control )
+ {
+ VG_(sprintf) ( fieldName, "(%s.msg_control)", name );
+ foreach_func ( tid, False, fieldName,
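Review bot: The new guards in msghdr_foreachfield validate only the pointer-sized fields, while `msg->msg_namelen` in the msg_name branch is still read with no addressability check; the same presumably applies to the length fields used by the msg_iov and msg_control branches, whose bodies fall outside the quoted hunks. A msghdr that lies partly in unaddressable memory (for example at the end of a mapping) could pass the msg_name check and still fault Valgrind on the length read. Consider extending the condition with `&& ML_(safe_to_deref)(&msg->msg_namelen, sizeof msg->msg_namelen)`, and writing the size as `sizeof msg->msg_name` rather than `sizeof (void *)` so the check follows the field's declared type. The function starts and ends outside these hunks, so whether a caller has already validated the whole struct cannot be confirmed from here.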
diff --git a/valgrind.spec b/valgrind.spec
index 1b6c021..b6d1e57 100644
--- a/valgrind.spec
+++ b/valgrind.spec
@@ -1,12 +1,12 @@
%{?scl:%scl_package valgrind}
-%define svn_date 20140319
-%define svn_rev 13879
+%define svn_date 20140513
+%define svn_rev 13961
Summary: Tool for finding memory management bugs in programs
Name: %{?scl_prefix}valgrind
Version: 3.9.0
-Release: 12.svn%{?svn_date}r%{?svn_rev}%{?dist}
+Release: 13.svn%{?svn_date}r%{?svn_rev}%{?dist}
Epoch: 1
License: GPLv2+
URL: http://www.valgrind.org/
@@ -57,8 +57,8 @@ Patch4: valgrind-3.9.0-ldso-supp.patch
# KDE#327943 - s390x missing index/strchr suppression for ld.so bad backtrace?
Patch5: valgrind-3.9.0-s390x-ld-supp.patch
-# KDE#333666 - No MPX (bndmov) instruction support in VEX
-Patch6: valgrind-3.9.0-mpx.patch
+# KDE#334705 - sendmsg and recvmsg should guard against bogus msghdr fields
+Patch6: valgrind-3.9.0-msghdr.patch
%if %{build_multilib}
# Ensure glibc{,-devel} is installed for both multilib arches
@@ -324,6 +324,11 @@ echo ===============END TESTING===============
%endif
%changelog
+* Tue May 13 2014 Mark Wielaard <mjw at redhat.com> 3.9.0-13.svn20140513r13961
+- Update to upstream svn r13961.
+- Remove valgrind-3.9.0-mpx.patch integrated upstream now.
+- Add valgrind-3.9.0-msghdr.patch
+
* Thu May 8 2014 Mark Wielaard <mjw at redhat.com> 3.9.0-12.svn20140319r13879
- Add valgrind-3.9.0-mpx.patch (#1087933)