Swift 3.1 contained a bug in Data which causes memory corruption when using
opened 04:20PM - 30 Mar 17 UTC
closed 08:45AM - 02 May 17 UTC
bug
Foundation
Linux
| | |
|------------------|-----------------|…
|Previous ID | SR-4435 |
|Radar | None |
|Original Reporter | kallner (JIRA User) |
|Type | Bug |
|Status | Resolved |
|Resolution | Done |
<details>
<summary>Additional Detail from JIRA</summary>
| | |
|------------------|-----------------|
|Votes | 4 |
|Component/s | Foundation |
|Labels | Bug, Linux |
|Assignee | None |
|Priority | Medium |
md5: 890348ccbfdc98261dc31a7e76ba8816
</details>
**Issue Description:**
When one uses NSData.base64EncodedString to convert the contents of an NSData to a base 64 encoded String, memory gets corrupted. The same thing happens if one uses Data.base64EncodedString, as under the covers it invokes NSData.base64EncodedString. This memory corruption can lead to SIGSEGV's and malloc/free related problems.
The following simple program demonstrates the issue:
``` java
import Foundation
var bytes: [UInt8] = [0xb4, 0xda, 0x5b, 0x80, 0x2f, 0x19, 0x40, 0x33, 0x9c, 0x4a,
0x41, 0xc0, 0x5a, 0x8a, 0x4a, 0xcd, 0x08, 0xc9, 0xd6, 0x12]
let data = NSData(bytes: &bytes, length: bytes.count)
print(data.base64EncodedString(options: .lineLength64Characters))
```
Compiling it simply with swiftc and running valgrind against it gets the following output:
==10746== Memcheck, a memory error detector
==10746== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==10746== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==10746== Command: ./main
==10746==
==10746== Invalid write of size 8
==10746== at 0x56917F9: _TTSf4g_n_d___TZFC10Foundation6NSDataP33_6A2A18DBA81B32BFAF1406C41D05FDF517base64EncodeBytesfTGSaVs5UInt8_7optionsVS0_21Base64EncodingOptions_GSaS1__ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568AAAA: _TFC10Foundation6NSData19base64EncodedStringfT7optionsVS0_21Base64EncodingOptions_SS (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x401A72: main (in /home/kallner/bugs/base64EncodedString/main)
==10746== Address 0xec21020 is 16 bytes inside a block of size 56 free'd
==10746== at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==10746== by 0x568E0C2: _TTSf4n_n_n_d_n___TTSg5GVs22_ContiguousArrayBufferVs5UInt8_GS_S0__s20_ArrayBufferProtocols_GVs14_IgnorePointerS0__GS2_S0__s16_PointerFunctions___TFEsPs20_ArrayBufferProtocol22_arrayOutOfPlaceUpdateuRd__s16_PointerFunctionwd__7Elementzwx7ElementrfTRGVs22_ContiguousArrayBufferwxS2__SiSiqd___T_ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568CDFF: _TTSgq5Vs4Int8___TFVs15ContiguousArray16_copyToNewBufferfT8oldCountSi_T__merged (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x56914A7: _TTSf4g_n_d___TZFC10Foundation6NSDataP33_6A2A18DBA81B32BFAF1406C41D05FDF517base64EncodeBytesfTGSaVs5UInt8_7optionsVS0_21Base64EncodingOptions_GSaS1__ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568AAAA: _TFC10Foundation6NSData19base64EncodedStringfT7optionsVS0_21Base64EncodingOptions_SS (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x401A72: main (in /home/kallner/bugs/base64EncodedString/main)
==10746== Block was alloc'd at
==10746== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==10746== by 0x5147AB5: swift_slowAlloc (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libswiftCore.so)
==10746== by 0x5147AEE: _swift_allocObject_ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libswiftCore.so)
==10746== by 0x568F2A5: _TTSf4n_n_d___TTSg5Vs5UInt8___TFVs22_ContiguousArrayBufferCfT19_uninitializedCountSi15minimumCapacitySi_GS_x__merged (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x56913EB: _TTSf4g_n_d___TZFC10Foundation6NSDataP33_6A2A18DBA81B32BFAF1406C41D05FDF517base64EncodeBytesfTGSaVs5UInt8_7optionsVS0_21Base64EncodingOptions_GSaS1__ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568AAAA: _TFC10Foundation6NSData19base64EncodedStringfT7optionsVS0_21Base64EncodingOptions_SS (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x401A72: main (in /home/kallner/bugs/base64EncodedString/main)
==10746==
==10746== Invalid write of size 1
==10746== at 0x56917FD: _TTSf4g_n_d___TZFC10Foundation6NSDataP33_6A2A18DBA81B32BFAF1406C41D05FDF517base64EncodeBytesfTGSaVs5UInt8_7optionsVS0_21Base64EncodingOptions_GSaS1__ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568AAAA: _TFC10Foundation6NSData19base64EncodedStringfT7optionsVS0_21Base64EncodingOptions_SS (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x401A72: main (in /home/kallner/bugs/base64EncodedString/main)
==10746== Address 0xec21048 is 0 bytes after a block of size 56 free'd
==10746== at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==10746== by 0x568E0C2: _TTSf4n_n_n_d_n___TTSg5GVs22_ContiguousArrayBufferVs5UInt8_GS_S0__s20_ArrayBufferProtocols_GVs14_IgnorePointerS0__GS2_S0__s16_PointerFunctions___TFEsPs20_ArrayBufferProtocol22_arrayOutOfPlaceUpdateuRd__s16_PointerFunctionwd__7Elementzwx7ElementrfTRGVs22_ContiguousArrayBufferwxS2__SiSiqd___T_ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568CDFF: _TTSgq5Vs4Int8___TFVs15ContiguousArray16_copyToNewBufferfT8oldCountSi_T__merged (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x56914A7: _TTSf4g_n_d___TZFC10Foundation6NSDataP33_6A2A18DBA81B32BFAF1406C41D05FDF517base64EncodeBytesfTGSaVs5UInt8_7optionsVS0_21Base64EncodingOptions_GSaS1__ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568AAAA: _TFC10Foundation6NSData19base64EncodedStringfT7optionsVS0_21Base64EncodingOptions_SS (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x401A72: main (in /home/kallner/bugs/base64EncodedString/main)
==10746== Block was alloc'd at
==10746== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==10746== by 0x5147AB5: swift_slowAlloc (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libswiftCore.so)
==10746== by 0x5147AEE: _swift_allocObject_ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libswiftCore.so)
==10746== by 0x568F2A5: _TTSf4n_n_d___TTSg5Vs5UInt8___TFVs22_ContiguousArrayBufferCfT19_uninitializedCountSi15minimumCapacitySi_GS_x__merged (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x56913EB: _TTSf4g_n_d___TZFC10Foundation6NSDataP33_6A2A18DBA81B32BFAF1406C41D05FDF517base64EncodeBytesfTGSaVs5UInt8_7optionsVS0_21Base64EncodingOptions_GSaS1__ (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x568AAAA: _TFC10Foundation6NSData19base64EncodedStringfT7optionsVS0_21Base64EncodingOptions_SS (in /home/kallner/swift/swift-3.1-RELEASE-ubuntu16.04/usr/lib/swift/linux/libFoundation.so)
==10746== by 0x401A72: main (in /home/kallner/bugs/base64EncodedString/main)
==10746==
tNpbgC8ZQDOcSkHAWopKzQjJhI=
==10746==
==10746== HEAP SUMMARY:
==10746== in use at exit: 79,989 bytes in 44 blocks
==10746== total heap usage: 1,457 allocs, 1,413 frees, 275,270 bytes allocated
==10746==
==10746== LEAK SUMMARY:
==10746== definitely lost: 0 bytes in 0 blocks
==10746== indirectly lost: 0 bytes in 0 blocks
==10746== possibly lost: 1,808 bytes in 9 blocks
==10746== still reachable: 78,181 bytes in 35 blocks
==10746== suppressed: 0 bytes in 0 blocks
==10746== Rerun with --leak-check=full to see details of leaked memory
==10746==
==10746== For counts of detected and suppressed errors, rerun with: -v
==10746== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
Will there be a 3.1.1 release for Linux soon? I see a release tag but I
- Bridger Maxwell
Proyb_P
April 24, 2017, 4:21pm
2
There is an official release (April 21 2017) for 3.1.1 for Ubuntu on
···
On Monday, 24 April 2017, Bridger Maxwell via swift-users < swift-users@swift.org> wrote:
Swift 3.1 contained a bug in Data which causes memory corruption whenhttps://bugs.swift .
Will there be a 3.1.1 release for Linux soon? I see a release tag but Ihttps://github.com/
- Bridger Maxwell
Do you know if that will include a backend for grandcentral to support
I wish swift supported fedora directly instead of all the hacks i have to
···
On Tue, Apr 25, 2017, 00:21 Proyb P via swift-users <swift-users@swift.org> wrote:
There is an official release (April 21 2017) for 3.1.1 for Ubuntu on
On Monday, 24 April 2017, Bridger Maxwell via swift-users < > swift-users@swift.org> wrote:
Swift 3.1 contained a bug in Data which causes memory corruption when[SR-4435] Memory corruption when using NSData.base64EncodedString · Issue #4536 · apple/swift-corelibs-foundation · GitHub
Will there be a 3.1.1 release for Linux soon? I see a release tag but IRelease swift-3.1.1-RELEASE · apple/swift · GitHub
- Bridger Maxwell
_______________________________________________https://lists.swift.org/mailman/listinfo/swift-users