Hi Dave, Should I file a bugreport about this on bugzilla? What additional data would be useful to track that issue down? Could this be used as a security whole?
Thanks, Clemens 2009/8/16 Clemens Eisserer <linuxhi...@gmail.com> > Hi Dave, > > > Can you get valgrind traces by any chance? not sure we can tell > > much other than memory got corrupted from this. > > It seems at least for this case, sha1_block_data_order is reading data > from random locations: > > ==17163== Invalid read of size 4 > ==17163== at 0x439E91A: sha1_block_data_order (sx86-elf.s:76) > ==17163== by 0xFA42F463: ??? > ==17163== Address 0x4815360 is 0 bytes after a block of size 4,096 alloc'd > ==17163== at 0x4028D7E: malloc (vg_replace_malloc.c:207) > ==17163== by 0x80AE954: Xalloc (utils.c:1056) > ==17163== by 0x80AA42D: AllocateInputBuffer (io.c:1017) > ==17163== by 0x80A9545: InsertFakeRequest (io.c:498) > > I had a look at the source but I have a pretty hard time figuring out > whats going on there :-/ > The crash appears with a quite large framework I am working on, quite > hard to build your own. I could provide a binary package or wireshark > protocol if that would help? > > The valgrind log is attached, hope it helps a bit. > > Thanks, Clemens > > PS: I've found another problem when uploading multiple glyphs at once > causes a memleak. I've attached a short testcase - fills up my 3GB > pretty quick. > There's a malloc in CreatePicture which is in some cases never freed, > called at render.c : 1147. > But again, I don't understand why it works sometimes and sometimes not :-/ >
_______________________________________________ xorg mailing list xorg@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/xorg