Bug#881231: [Pkg-nlp-ja-devel] Bug#881231: chasen-dictutils: writes uninitialized memory to .dat files
On Thu, 09 Nov 2017 16:12:32 +0900, Vagrant Cascadian wrote: > > The attached patch initializes memory written to .dat files. > > Once applied, ipadic can be built reproducibly in our current > > experimental framework. > > I can confirm that the patch fixed the issue when building on Debian > Stretch. I'm guessing sid or buster would work as well. I'll apply the patch.
Bug#881231: chasen-dictutils: writes uninitialized memory to .dat files
On 2017-11-08, Bernhard M. Wiedemann wrote: > While working on the “reproducible builds” effort [1] for openSUSE, > we have noticed that ipadic could not be built reproducibly [2] > and the same is the case for Debian [3]. > > The attached patch initializes memory written to .dat files. > Once applied, ipadic can be built reproducibly in our current > experimental framework. I can confirm that the patch fixed the issue when building on Debian Stretch. I'm guessing sid or buster would work as well. live well, vagrant > Index: chasen-2.4.4/mkchadic/dumpdic.c > === > --- chasen-2.4.4.orig/mkchadic/dumpdic.c > +++ chasen-2.4.4/mkchadic/dumpdic.c > @@ -45,6 +45,7 @@ dump_dat(lexicon_t *lex, FILE *datfile, > long index; > da_dat_t dat; > > +memset(&dat, 0, sizeof(dat)); > index = ftell(datfile); > dat.stem_len = lex->stem_len; > dat.reading_len = lex->reading_len; > @@ -137,6 +138,7 @@ dump_dic(lexicon_t *entries, FILE *outpu > da_lex_t lex; > long compound = NO_COMPOUND; > > +memset(&lex, 0, sizeof(lex)); > if (entries[1].pos) > compound = dump_compound(entries, lexfile, datfile); signature.asc Description: PGP signature
Bug#881231: chasen-dictutils: writes uninitialized memory to .dat files
Package: chasen-dictutils Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: toolchain randomness ASLR padding Dear Maintainer, While working on the “reproducible builds” effort [1] for openSUSE, we have noticed that ipadic could not be built reproducibly [2] and the same is the case for Debian [3]. The attached patch initializes memory written to .dat files. Once applied, ipadic can be built reproducibly in our current experimental framework. [1]: https://wiki.debian.org/ReproducibleBuilds [2]: https://bugzilla.opensuse.org/show_bug.cgi?id=1067269 [3]: https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/ipadic.html Author: Bernhard M. Wiedemann Date: 2017-11-08 Problem: when building the ipadic package it differed for every build because its chadic.dat contains uninitialized memory from the da_dat_t structure's padding bytes Solution: initilize memory (including padding added by compilers) before use Index: chasen-2.4.4/mkchadic/dumpdic.c === --- chasen-2.4.4.orig/mkchadic/dumpdic.c +++ chasen-2.4.4/mkchadic/dumpdic.c @@ -45,6 +45,7 @@ dump_dat(lexicon_t *lex, FILE *datfile, long index; da_dat_t dat; +memset(&dat, 0, sizeof(dat)); index = ftell(datfile); dat.stem_len = lex->stem_len; dat.reading_len = lex->reading_len; @@ -137,6 +138,7 @@ dump_dic(lexicon_t *entries, FILE *outpu da_lex_t lex; long compound = NO_COMPOUND; +memset(&lex, 0, sizeof(lex)); if (entries[1].pos) compound = dump_compound(entries, lexfile, datfile);
