From nobody Mon Jan 24 13:14:45 2022 X-Original-To: dev-commits-ports-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 29A8E197BC57; Mon, 24 Jan 2022 13:14:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jj9SQ0QzBz4Vpt; Mon, 24 Jan 2022 13:14:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643030086; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vhdpe7i8hUbcSrITqGZdEcsJR0O5W7DIDmsES+SXq5E=; b=eKSJUJk3gm1ih76ARSxt3H25JXVTf9UN+e+IjeTd+pfU/3ehwd3bW6KMXRMV2RlEeVoE0w Z4lEO/tbV/Gbv7/Li46QRHyUzdI2zGFP9XrZOQTE9RqW4Y7MnrsT//fQa8+q4KRpIniOb9 kpxjhWU+Pu8wDvS8lp6WdoDY4kSqwRor0rZ0zU7UCusWVCv3KTGgS0YVrDxFQw8ESNh+m7 cmrZPuJegxv2fy0vH3e/8wiWbl72r13NE4k/4VU5Hg7VPxYMGKV6NUIbJfZjrJewf+2iRV SSqigi1MJYDwOLNZCPy4Jb/ZsugSLDpPVWzB1gY9a3HofTM+ZUxoMTR0CgToAA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DFBD9168FC; Mon, 24 Jan 2022 13:14:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20ODEjvJ053518; Mon, 24 Jan 2022 13:14:45 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20ODEjd7053517; Mon, 24 Jan 2022 13:14:45 GMT (envelope-from git) Date: Mon, 24 Jan 2022 13:14:45 GMT Message-Id: <202201241314.20ODEjd7053517@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Adriaan de Groot Subject: git: 017b38ede362 - 2022Q1 - net/kldap: fix crash because of UB List-Id: Commits to the quarterly branches of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-branches@freebsd.org X-BeenThere: dev-commits-ports-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adridg X-Git-Repository: ports X-Git-Refname: refs/heads/2022Q1 X-Git-Reftype: branch X-Git-Commit: 017b38ede362a0ce60b109b4756f6924572df820 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643030086; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vhdpe7i8hUbcSrITqGZdEcsJR0O5W7DIDmsES+SXq5E=; b=bIDOUM33Tna6hGeyKJUNBrgenHxEy60cNevFVDW4Q7UCzy3lvzARC5lgp7XS1f1j8Qv7B6 17Dd1aihgE9gmEJMHtk9ZwVA5QQgAKpssa9S2qnwQZ5ahQP7gYg0XCX6wY0NFN25GqbHFL 4oi14S5awS14oi3swbD1z+iGKp+fX6jwU36MCDaXkXs/uF17kCahCV9dce8CqkykV4t/0x UjbtKE57JnDVyVmW7k8+KuCYLZyIsHlzgItdWfWm2kRdCjWxRdcw0iNH5fMQPDjnD42moe xp7gSlcnsMHWJx5Hw1VQvauUZf2HtGA2tjLxnaBXhFFh4+yrI1YeHpAqJ5IcTw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643030086; a=rsa-sha256; cv=none; b=pLtR3I4hDRwJSN5vuj2INtYIHc/tEiZOT6UDCqfK6UL4+quE8W4tgdZaY88SPwxPWGv860 P9RUhsmSJXp47EzXiUELjwb5arEWKzM1ub7ht2NWIwlQAL+fSvpL2kDZkkWTevw8aLLlDw mlPlBOroytigJYzK/wd8Mg8abGp7lg5ARcza/1uN3SrRzPLXvLulcHBrXDZ2GC5ShRpj/E lruBeLTe2t2pHtiAl8AP5RZ1HZKt/Jd6s4tNtSg/WXGp6phUFOUurm5syoYIxxcF/ozVyT urSNKf3pkARTftVzpSOkBOi4/cuY4aCLGqPTIG5UN2pWLshXplfNV1jmTvDRAA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch 2022Q1 has been updated by adridg: URL: https://cgit.FreeBSD.org/ports/commit/?id=017b38ede362a0ce60b109b4756f6924572df820 commit 017b38ede362a0ce60b109b4756f6924572df820 Author: Adriaan de Groot AuthorDate: 2022-01-24 11:02:08 +0000 Commit: Adriaan de Groot CommitDate: 2022-01-24 13:14:27 +0000 net/kldap: fix crash because of UB Patch submitted upstream. PR: 261069 (cherry picked from commit acbc052765d87af0a436f10b4c5a35880eaa14d2) --- net/kldap/Makefile | 1 + net/kldap/files/patch-UB.diff | 68 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) diff --git a/net/kldap/Makefile b/net/kldap/Makefile index 4bbd45d60e18..ee58c745a78f 100644 --- a/net/kldap/Makefile +++ b/net/kldap/Makefile @@ -1,5 +1,6 @@ PORTNAME= kldap DISTVERSION= ${KDE_APPLICATIONS_VERSION} +PORTREVISION= 1 CATEGORIES= net kde kde-applications MAINTAINER= kde@FreeBSD.org diff --git a/net/kldap/files/patch-UB.diff b/net/kldap/files/patch-UB.diff new file mode 100644 index 000000000000..6a8c2057156f --- /dev/null +++ b/net/kldap/files/patch-UB.diff @@ -0,0 +1,68 @@ +commit 1683a9d0749550b81ba3fd7ddeba4fc0884acb47 +Author: Adriaan de Groot +Date: Mon Jan 24 11:27:29 2022 +0100 + + Fix crash in destructor when using libcxx (Clang STL, FreeBSD) + + This code crashes in the destructor of LdapClient on FreeBSD. + The crash is visible to uses who + - start KOrganizer + - click the "New Event" button + + The underlying issue is a lot like the one described in + https://blogs.kde.org/2021/02/20/uniqueptr-difference-between-libstdc-and-libc-crashes-your-application + There is a convoluted call-chain on destruction of LdapClient: + - ~LdapClient + - ~std::unique_ptr + - ~LdapClientPrivate + - LdapClient::cancelQuery + - (accesses to members of LdapClientPrivate `d`) + + With libcxx, the pointer in `d` is already set to nullptr and + SEGV happens. I'm not sure it isn't UB, anyway, since the + destructor body for LdapClient has already run. + + The fix moves the implementation of `cancelQuery()` into + the private class. This means that the LdapClient class does + a little less poking-and-prodding in the private class, + but also cuts out the call-from-private-back-to-destroyed- + owning-LdapClient, fixing the SEGV and possible UB. +diff --git src/widgets/ldapclient.cpp src/widgets/ldapclient.cpp +index cf94ea9..012b3a7 100644 +--- src/widgets/ldapclient.cpp ++++ src/widgets/ldapclient.cpp +@@ -31,9 +31,11 @@ public: + + ~LdapClientPrivate() + { +- q->cancelQuery(); ++ cancelQuery(); + } + ++ void cancelQuery(); ++ + void startParseLDIF(); + void parseLDIF(const QByteArray &data); + void endParseLDIF(); +@@ -133,12 +135,17 @@ void LdapClient::startQuery(const QString &filter) + + void LdapClient::cancelQuery() + { +- if (d->mJob) { +- d->mJob->kill(); +- d->mJob = nullptr; ++ d->cancelQuery(); ++} ++ ++void LdapClient::LdapClientPrivate::cancelQuery() ++{ ++ if (mJob) { ++ mJob->kill(); ++ mJob = nullptr; + } + +- d->mActive = false; ++ mActive = false; + } + + void LdapClient::LdapClientPrivate::slotData(KIO::Job *, const QByteArray &data)