After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 758194 - Memory corruption with g_strerror after a setlocale
Memory corruption with g_strerror after a setlocale
Status: RESOLVED FIXED
Product: glib
Classification: Platform
Component: general
2.46.x
Other Mac OS
: Normal critical
: ---
Assigned To: gtkdev
gtkdev
Depends on:
Blocks:
 
 
Reported: 2015-11-16 20:24 UTC by Egmont Koblinger
Modified: 2017-06-21 14:13 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
test program (597 bytes, text/x-csrc)
2015-11-16 20:24 UTC, Egmont Koblinger 		  Details
Fix g_strerror() on non-glibc (844 bytes, patch)
2015-11-16 22:00 UTC, Dan Winship 		committed Details | Review

Description Egmont Koblinger 2015-11-16 20:24:29 UTC 
Created attachment 315707 [details]
test program

Compile the attached test program (according to the command in its first row) and run it.

Expected output: The error message "Permission denied" printed 8 times, with various pointer values before them.

Actual output: garbage:
0x7fff5d47e4f0 
0x7fff5d47e4f0 �
0x0 (null)
0x7fff5d47e4f0 �

0x7fff5d47e4f0 
0x7fff5d47e4f0 �����
0x7fe10ac17dc0 
0x7fff5d47e4f0 �����

The very first invocation of g_strerror() already returns an incorrect (empty) string. Next, a call to g_locale_from_utf8() which should not modify this string (it's a const gchar*) mangles it.

According to g_strerror()'s doc, "the pointer is guaranteed to remain valid for the lifetime of the process".

---

Works fine on Linux.

Works fine without the setlocale() call.

OS X Yosemite 10.10.5; Apple LLVM version 7.0.0 (clang-700.0.72)

LANG=en_US.UTF-8; no LC_* variable set.

glib-2.46.2 from mac ports.

I just ran "port selfupdate; port upgrade outdated" today shortly before discovering this bug, so it might have sneaked in with this version.

Originally discovered bug reported at http://www.midnight-commander.org/ticket/3558
Comment 1 Egmont Koblinger 2015-11-16 20:40:55 UTC 
Note: On Linux I tried with 2.46.1 (Wily), not with 2.46.2.
Comment 2 Egmont Koblinger 2015-11-16 21:40:47 UTC 
Can't reproduce on Linux with glib-2.46.2 either. So it has probably something to do with the different GNU vs. BSD strerror_r().
Comment 3 Dan Winship 2015-11-16 21:53:38 UTC 
(In reply to Egmont Koblinger from comment #2)
> Can't reproduce on Linux with glib-2.46.2 either. So it has probably
> something to do with the different GNU vs. BSD strerror_r().

nope, has to do with a totally stupid bug in g_strerror() in the non-GNU strerror_r case :)
Comment 4 Dan Winship 2015-11-16 22:00:17 UTC 
Created attachment 315709 [details] [review]
Fix g_strerror() on non-glibc

When using one of the codepaths that copies the error string into buf,
make sure the string gets strdup() afterward.

======

Does this fix the problem?
Comment 5 Egmont Koblinger 2015-11-16 22:55:33 UTC 
Yes, it does fix the problem, thanks a lot!
Comment 6 Egmont Koblinger 2015-11-16 23:13:52 UTC 
2.44 had a different g_strerror() implementation and is not affected. The 2.46 series is buggy.

I think this might have a negative effect on many other apps as well, not just Midnight Commander, and I'm not sure, but perhaps might lead to a crash as well. Could you please consider releasing a 2.46.3 tarball with this fix in the foreseeable future?

Thanks again!
Comment 7 Philip Withnall 2017-06-21 14:13:34 UTC 
The patch was pushed as commit f87e002313d566dcce71a9aba040d22ddb5c1e80 and is present in all releases from 2.47.2 onwards (inclusive).

(In reply to Egmont Koblinger from comment #6)
> Could you please consider releasing a 2.46.3 tarball with this fix
> in the foreseeable future?

A 2.46.3 release is not going to happen at this point, since that release series is too old to care about.

Looks like this is all resolved.