** Changed in: snapd-glib (Ubuntu Bionic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to snapd-glib in Ubuntu.
https://bugs.launchpad.net/bugs/1740865
Title:
gnome-software (5) g_realloc → g_array_maybe_expand → g_array_set_size
→ g_byte_array_set_size → read_cb
Status in snapd-glib package in Ubuntu:
Fix Committed
Status in snapd-glib source package in Bionic:
Fix Committed
Status in snapd-glib source package in Cosmic:
Fix Committed
Bug description:
[Impact]
snapd-glib can do an invalid memory access when parsing HTTP chunked data.
Found doing code inspection and testing based on crash reports.
[Test Case]
No specific trigger - just look for reduced reports on errors.ubuntu.com.
[Regression Potential]
Some risk of further breaking HTTP handling in snapd-glib. Updated algorithm
tested in a test program run through valgrind to give confidence in the changes.
Error reports:
https://errors.ubuntu.com/problem/d94c431d27115bab216f9e1ea756f876e7cd933b
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd-glib/+bug/1740865/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
