Uninitialized use with glibc version <= 2.28

Bug #1841403 reported by Bowen Wang
Affects            Status         Importance   Assigned to   Milestone
glibc (Ubuntu)     Fix Released   Undecided    Unassigned
  Bionic           Confirmed      Undecided    Unassigned
  Focal            Fix Released   Undecided    Unassigned

Bug Description

This bug is found in Ubuntu 18.10 and 18.04.

I am not sure if it has been fixed or not, so I think I should report it first.

In 18.10 or 18.04, if you update all the software to the newest version and then execute:
valgrind objdump -d test-input

The output of valgrind on Ubuntu 18.10:
==30071== Memcheck, a memory error detector
==30071== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==30071== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==30071== Command: objdump -d input.12602
==30071== Parent PID: 21664
==30071==
==30071== Conditional jump or move depends on uninitialised value(s)
==30071==    at 0x524DF47: __wmemchr_avx2 (memchr-avx2.S:260)
==30071==    by 0x51AD4C2: internal_fnwmatch (fnmatch_loop.c:168)
==30071==    by 0x51B0868: fnmatch@@GLIBC_2.2.5 (fnmatch.c:434)
==30071==    by 0x4E3B646: ??? (in /usr/lib/x86_64-linux-gnu/libbfd-2.31.1-multiarch.so)
==30071==    by 0x4E3B738: bfd_set_default_target (in /usr/lib/x86_64-linux-gnu/libbfd-2.31.1-multiarch.so)
==30071==    by 0x14017C: ??? (in /usr/bin/x86_64-linux-gnu-objdump)
==30071==    by 0x10F97A: ??? (in /usr/bin/x86_64-linux-gnu-objdump)
==30071==    by 0x50ED09A: (below main) (libc-start.c:308)
==30071==
==30071==
==30071== HEAP SUMMARY:
==30071==     in use at exit: 0 bytes in 0 blocks
==30071==   total heap usage: 768 allocs, 768 frees, 342,516 bytes allocated
==30071==
==30071== All heap blocks were freed -- no leaks are possible
==30071==
==30071== For counts of detected and suppressed errors, rerun with: -v
==30071== Use --track-origins=yes to see where uninitialised values come from
==30071== ERROR SUMMARY: 6 errors from 1 contexts (suppressed: 0 from 0)

The test input is attached.
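The trace above is the kind of Memcheck report a build pipeline has to triage: decide whether the uninitialised read is in the program under test or in a dependency (here the innermost frame is glibc's __wmemchr_avx2, reached through fnmatch from libbfd), and, if it is a known library issue, suppress exactly that stack rather than ignoring Memcheck altogether. The following is an added example, not code from the bug report, from glibc or from Valgrind: it parses Memcheck output (the sample log is copied from the report, with Valgrind's usual frame indentation restored), maps the error header to the Memcheck suppression kind, emits a suppression block for the reported stack, and applies a simple gate that only allows errors whose innermost frame is on an explicit allow list. The suppression name, the allow-list policy and the default frame depth of 4 are choices made for this example.

```python
"""Triage Valgrind Memcheck output: parse errors, build a suppression, gate a CI run.
Added example; not part of the Launchpad report, glibc or Valgrind."""
import re
from dataclasses import dataclass

# Log lines copied from the bug report above (Valgrind's frame indentation restored).
SAMPLE_LOG = """\
==30071== Memcheck, a memory error detector
==30071== Command: objdump -d input.12602
==30071==
==30071== Conditional jump or move depends on uninitialised value(s)
==30071==    at 0x524DF47: __wmemchr_avx2 (memchr-avx2.S:260)
==30071==    by 0x51AD4C2: internal_fnwmatch (fnmatch_loop.c:168)
==30071==    by 0x51B0868: fnmatch@@GLIBC_2.2.5 (fnmatch.c:434)
==30071==    by 0x4E3B646: ??? (in /usr/lib/x86_64-linux-gnu/libbfd-2.31.1-multiarch.so)
==30071==    by 0x4E3B738: bfd_set_default_target (in /usr/lib/x86_64-linux-gnu/libbfd-2.31.1-multiarch.so)
==30071==    by 0x14017C: ??? (in /usr/bin/x86_64-linux-gnu-objdump)
==30071==    by 0x10F97A: ??? (in /usr/bin/x86_64-linux-gnu-objdump)
==30071==    by 0x50ED09A: (below main) (libc-start.c:308)
==30071==
==30071== ERROR SUMMARY: 6 errors from 1 contexts (suppressed: 0 from 0)
"""

PREFIX = re.compile(r"^==\d+==\s?(.*)$")                       # "==PID== " prefix on every line
FRAME = re.compile(r"^(at|by) 0x[0-9A-Fa-f]+: (.+?) \((.*)\)$")  # "at 0xADDR: func (location)"
SUMMARY = re.compile(r"^ERROR SUMMARY: (\d+) errors from (\d+) contexts")


@dataclass
class MemcheckError:
    header: str
    frames: list  # (function, location) pairs, innermost first


@dataclass
class Report:
    errors: list
    error_count: int
    context_count: int


def kind_for(header):
    """Map a Memcheck error header to its suppression kind; None if not recognised."""
    if header.startswith("Conditional jump or move depends on uninitialised value"):
        return "Cond"
    m = re.match(r"Use of uninitialised value of size (\d+)", header)
    if m:
        return "Value" + m.group(1)
    m = re.match(r"Invalid (?:read|write) of size (\d+)", header)
    if m:
        return "Addr" + m.group(1)
    if header.startswith("Invalid free"):
        return "Free"
    if header.startswith("Jump to the invalid address"):
        return "Jump"
    return None


def parse_memcheck(text):
    """Collect error blocks (header + stack frames) and the ERROR SUMMARY counts.
    Only headers known to kind_for() open an error block; other lines are ignored."""
    errors, current = [], None
    error_count = context_count = 0
    for raw in text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue
        line = m.group(1).strip()
        fm = FRAME.match(line)
        if fm and current is not None:
            current.frames.append((fm.group(2), fm.group(3)))
            continue
        sm = SUMMARY.match(line)
        if sm:
            error_count, context_count = int(sm.group(1)), int(sm.group(2))
            current = None
            continue
        if line == "":
            current = None  # blank "==PID==" line ends an error block
            continue
        if kind_for(line) is not None:
            current = MemcheckError(header=line, frames=[])
            errors.append(current)
    return Report(errors, error_count, context_count)


def suppression_frame(func, location):
    """fun: for symbolised frames; obj: for '???' frames that only name a shared object."""
    if func == "???" and location.startswith("in "):
        return "obj:" + location[3:]
    return "fun:" + func


def make_suppression(err, name, max_frames=4):
    """Render a Valgrind suppression for one error, matching its innermost frames."""
    kind = kind_for(err.header)
    if kind is None:
        raise ValueError("no Memcheck suppression kind for: " + err.header)
    lines = ["{", "   " + name, "   Memcheck:" + kind]
    lines += ["   " + suppression_frame(f, loc) for f, loc in err.frames[:max_frames]]
    lines.append("}")
    return "\n".join(lines)


def ci_verdict(report, allowed_innermost=()):
    """Pass only if there are no errors, or every error's innermost frame is allow-listed.
    A summary that reports errors without parsed blocks (truncated log) fails closed."""
    if report.error_count == 0:
        return True, []
    if not report.errors:
        return False, ["summary reports errors but no error blocks were parsed"]
    reasons = []
    for err in report.errors:
        innermost = err.frames[0][0] if err.frames else "<no frames>"
        if innermost not in allowed_innermost:
            reasons.append(f"{err.header} at {innermost}")
    return not reasons, reasons


if __name__ == "__main__":
    rep = parse_memcheck(SAMPLE_LOG)
    print(make_suppression(rep.errors[0], "glibc-bug-1841403-wmemchr-fnmatch"))
    print(ci_verdict(rep, allowed_innermost=("__wmemchr_avx2",)))
```

Run against the sample log, the gate fails by default and passes only when __wmemchr_avx2 is explicitly allow-listed, which keeps the decision to tolerate a known glibc report visible in configuration; the generated suppression pins the whole fnmatch/libbfd stack, so an unrelated uninitialised read that merely ends in the same glibc routine is still reported.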

Bowen Wang (bowenwang) wrote:
Balint Reczey (rbalint)
Changed in glibc (Ubuntu Bionic):
status: New → Confirmed
Changed in glibc (Ubuntu Focal):
status: New → Fix Released
Changed in glibc (Ubuntu):
status: New → Fix Released