** Description changed: - The Ubuntu Error Tracker has been receiving reports about a problem regarding gnome-software. This problem was most recently seen with package version 3.26.3-2ubuntu1, the problem page at https://errors.ubuntu.com/problem/d94c431d27115bab216f9e1ea756f876e7cd933b contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports. - If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/. + [Impact] + snapd-glib can do an invalid memory access when parsing HTTP chunked data. Found doing code inspection and testing based on crash reports. + + [Test Case] + No specific trigger - just look for reduced reports on errors.ubuntu.com. + + [Regression Potential] + Some risk of further breaking HTTP handling in snapd-glib. Updated algorithm tested in a test program run through valgrind to give confidence in the changes. + + Error reports: + + https://errors.ubuntu.com/problem/d94c431d27115bab216f9e1ea756f876e7cd933b
** Changed in: snapd-glib (Ubuntu Bionic) Assignee: (unassigned) => Robert Ancell (robert-ancell) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1740865 Title: gnome-software (5) g_realloc → g_array_maybe_expand → g_array_set_size → g_byte_array_set_size → read_cb To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd-glib/+bug/1740865/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs