Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix checking for memory allocation errors #192

Merged
merged 1 commit into from
Feb 27, 2025
Merged

Fix checking for memory allocation errors #192

merged 1 commit into from
Feb 27, 2025

Conversation

DemiMarie
Copy link
Contributor

These should never happen, but call exit() if they do. Also avoid freeing an uninitialized PAM handle in such an error case.

I do not consider this a security vulnerability because there is no reasonable way I know of for an attacker to trigger this failure, but this commit should still be backported.

@marmarek
Copy link
Member

This fails to build

@DemiMarie
Fix checking for memory allocation errors
b90eb2c 
These should never happen, but call exit() if they do.  Also avoid
freeing an uninitialized PAM handle in such an error case.

I do not consider this a security vulnerability because there is no
reasonable way I know of for an attacker to trigger this failure, but
this commit should still be backported.
@codecov Codecov
Copy link

codecov bot commented Feb 20, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 12 lines in your changes missing coverage. Please review.

Project coverage is 78.84%. Comparing base (7e30563) to head (b90eb2c).
Report is 3 commits behind head on main.

Files with missing lines Patch % Lines
agent/qrexec-agent.c 0.00% 12 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #192   +/-   ##
=======================================
  Coverage   78.84%   78.84%           
=======================================
  Files          55       55           
  Lines       10146    10151    +5     
=======================================
+ Hits         8000     8004    +4     
- Misses       2146     2147    +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

This was referenced Feb 23, 2025
Merged
Merged
Merged
@qubesos-bot
Copy link

qubesos-bot commented Feb 23, 2025
edited
Loading

OpenQA test summary

Complete test suite and dependencies: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2025022311-4.3&flavor=pull-requests

Test run included the following:

New failures, excluding unstable

Compared to: https://openqa.qubes-os.org/tests/overview?distri=qubesos&version=4.3&build=2025021804-4.3&flavor=update

  • system_tests_extra

    • TC_00_ImgConverter_whonix-gateway-17: test_000_png (error)
      Cannot process volume group qubes_dom0...

  • system_tests_audio

    • TC_20_AudioVM_Pulse_whonix-workstation-17: test_220_audio_play_pulseaudio (failure)
      AssertionError: too short audio, expected 10s, got 9.13308390022675...

  • system_tests_audio@hw1

  • system_tests_misc

    • TC_06_AppVM_whonix-gateway-17: test_020_custom_persist (failure)
      AssertionError: Calling 'ls -ld /home/user/Downloads &&test $(stat ...

    • TC_06_AppVM_whonix-workstation-17: test_020_custom_persist (failure)
      AssertionError: Calling 'ls -ld /home/user/Downloads &&test $(stat ...

  • system_tests_kde_gui_interactive

    • gui_keyboard_layout: wait_serial (wait serial expected)
      # wait_serial expected: "echo -e '[Layout]\nLayoutList=us,de' | sud...

    • gui_keyboard_layout: Failed (test died)
      # Test died: command 'test "$(cd ~user;ls e1*)" = "$(qvm-run -p wor...

  • system_tests_gui_tools@hw7

    • qui_widgets_devices: unnamed test (unknown)
    • qui_widgets_devices: Failed (test died)
      # Test died: no candidate needle with tag(s) 'qui-devices-dev-opene...

Failed tests

9 failures

  • system_tests_extra

    • TC_00_ImgConverter_whonix-gateway-17: test_000_png (error)
      Cannot process volume group qubes_dom0...

  • system_tests_audio

    • TC_20_AudioVM_Pulse_whonix-workstation-17: test_220_audio_play_pulseaudio (failure)
      AssertionError: too short audio, expected 10s, got 9.13308390022675...

  • system_tests_audio@hw1

  • system_tests_misc

    • TC_06_AppVM_whonix-gateway-17: test_020_custom_persist (failure)
      AssertionError: Calling 'ls -ld /home/user/Downloads &&test $(stat ...

    • TC_06_AppVM_whonix-workstation-17: test_020_custom_persist (failure)
      AssertionError: Calling 'ls -ld /home/user/Downloads &&test $(stat ...

  • system_tests_kde_gui_interactive

    • gui_keyboard_layout: wait_serial (wait serial expected)
      # wait_serial expected: "echo -e '[Layout]\nLayoutList=us,de' | sud...

    • gui_keyboard_layout: Failed (test died)
      # Test died: command 'test "$(cd ~user;ls e1*)" = "$(qvm-run -p wor...

  • system_tests_gui_tools@hw7

    • qui_widgets_devices: unnamed test (unknown)
    • qui_widgets_devices: Failed (test died)
      # Test died: no candidate needle with tag(s) 'qui-devices-dev-opene...

Fixed failures

Compared to: https://openqa.qubes-os.org/tests/129058#dependencies

15 fixed

  • system_tests_whonix

    • whonixcheck: fail (unknown)
      Whonixcheck for sys-whonix failed...

    • whonixcheck: unnamed test (unknown)

  • system_tests_suspend

    • suspend: unnamed test (unknown)
    • suspend: Failed (test died)
      # Test died: no candidate needle with tag(s) 'SUSPEND-FAILED' match...

  • system_tests_qrexec

  • system_tests_audio

  • system_tests_basic_vm_qrexec_gui_btrfs

    • TC_03_QvmRevertTemplateChanges: test_000_revert_linux (error)
      subprocess.CalledProcessError: Command '['sha1sum', '/var/lib/qubes...

  • system_tests_suspend@hw1

    • suspend: unnamed test (unknown)
    • suspend: Failed (test died)
      # Test died: no candidate needle with tag(s) 'SUSPEND-FAILED' match...

  • system_tests_kde_gui_interactive

    • clipboard_and_web: unnamed test (unknown)
    • clipboard_and_web: Failed (test died)
      # Test died: no candidate needle with tag(s) 'clipboard-paste-notif...

  • system_tests_whonix@hw7

    • whonixcheck: fail (unknown)
      Whonixcheck for sys-whonix failed...

    • whonixcheck: unnamed test (unknown)

Unstable tests

Performance Tests

Performance degradation:

15 performance degradations
  • debian-12-xfce_exec: 8.70 :small_red_triangle_up: ( previous job: 7.15, degradation: 121.63%)
  • whonix-workstation-17_exec-data-simplex: 52.77 :small_red_triangle_up: ( previous job: 47.01, degradation: 112.23%)
  • dom0_root_seq1m_q8t1_read 3:read_bandwidth_kb: 401292.00 :small_red_triangle_up: ( previous job: 486352.00, degradation: 82.51%)
  • dom0_root_seq1m_q8t1_write 3:write_bandwidth_kb: 223767.00 :small_red_triangle_up: ( previous job: 276742.00, degradation: 80.86%)
  • dom0_root_seq1m_q1t1_read 3:read_bandwidth_kb: 60803.00 :small_red_triangle_up: ( previous job: 423495.00, degradation: 14.36%)
  • dom0_root_seq1m_q1t1_write 3:write_bandwidth_kb: 28916.00 :small_red_triangle_up: ( previous job: 185030.00, degradation: 15.63%)
  • dom0_root_rnd4k_q32t1_read 3:read_bandwidth_kb: 1518.00 :small_red_triangle_up: ( previous job: 100699.00, degradation: 1.51%)
  • dom0_root_rnd4k_q32t1_write 3:write_bandwidth_kb: 224.00 :small_red_triangle_up: ( previous job: 3277.00, degradation: 6.84%)
  • dom0_varlibqubes_seq1m_q8t1_read 3:read_bandwidth_kb: 183883.00 :small_red_triangle_up: ( previous job: 475329.00, degradation: 38.69%)
  • fedora-41-xfce_root_rnd4k_q32t1_write 3:write_bandwidth_kb: 1725.00 :small_red_triangle_up: ( previous job: 3785.00, degradation: 45.57%)
  • fedora-41-xfce_private_rnd4k_q32t1_read 3:read_bandwidth_kb: 35238.00 :small_red_triangle_up: ( previous job: 87999.00, degradation: 40.04%)
  • fedora-41-xfce_private_rnd4k_q32t1_write 3:write_bandwidth_kb: 1295.00 :small_red_triangle_up: ( previous job: 3885.00, degradation: 33.33%)
  • fedora-41-xfce_private_rnd4k_q1t1_write 3:write_bandwidth_kb: 977.00 :small_red_triangle_up: ( previous job: 1613.00, degradation: 60.57%)
  • fedora-41-xfce_volatile_seq1m_q1t1_write 3:write_bandwidth_kb: 47437.00 :small_red_triangle_up: ( previous job: 78093.00, degradation: 60.74%)
  • fedora-41-xfce_volatile_rnd4k_q1t1_write 3:write_bandwidth_kb: 2361.00 :small_red_triangle_up: ( previous job: 2693.00, degradation: 87.67%)

Remaining performance tests:

57 tests
  • debian-12-xfce_exec-root: 28.22 :small_red_triangle_up: ( previous job: 27.97, degradation: 100.89%)
  • debian-12-xfce_socket: 8.51 :small_red_triangle_up: ( previous job: 8.33, degradation: 102.16%)
  • debian-12-xfce_socket-root: 8.72 :small_red_triangle_up: ( previous job: 8.20, degradation: 106.32%)
  • debian-12-xfce_exec-data-simplex: 46.60 🟢 ( previous job: 48.93, improvement: 95.23%)
  • debian-12-xfce_exec-data-duplex: 46.27 🟢 ( previous job: 50.76, improvement: 91.14%)
  • debian-12-xfce_exec-data-duplex-root: 65.64 :small_red_triangle_up: ( previous job: 64.91, degradation: 101.13%)
  • debian-12-xfce_socket-data-duplex: 82.05 :small_red_triangle_up: ( previous job: 81.49, degradation: 100.69%)
  • fedora-41-xfce_exec: 9.04 🟢 ( previous job: 9.13, improvement: 98.94%)
  • fedora-41-xfce_exec-root: 61.02 🟢 ( previous job: 61.17, improvement: 99.75%)
  • fedora-41-xfce_socket: 9.05 :small_red_triangle_up: ( previous job: 8.66, degradation: 104.54%)
  • fedora-41-xfce_socket-root: 9.09 :small_red_triangle_up: ( previous job: 8.61, degradation: 105.58%)
  • fedora-41-xfce_exec-data-simplex: 45.53 🟢 ( previous job: 49.65, improvement: 91.71%)
  • fedora-41-xfce_exec-data-duplex: 49.50 :small_red_triangle_up: ( previous job: 49.08, degradation: 100.85%)
  • fedora-41-xfce_exec-data-duplex-root: 82.73 :small_red_triangle_up: ( previous job: 81.65, degradation: 101.32%)
  • fedora-41-xfce_socket-data-duplex: 76.93 🟢 ( previous job: 78.62, improvement: 97.85%)
  • whonix-gateway-17_exec: 6.61 🟢 ( previous job: 7.87, improvement: 83.99%)
  • whonix-gateway-17_exec-root: 38.00 🟢 ( previous job: 38.36, improvement: 99.04%)
  • whonix-gateway-17_socket: 6.86 🟢 ( previous job: 7.54, improvement: 90.89%)
  • whonix-gateway-17_socket-root: 7.92 🟢 ( previous job: 8.27, improvement: 95.68%)
  • whonix-gateway-17_exec-data-simplex: 49.84 :small_red_triangle_up: ( previous job: 48.76, degradation: 102.21%)
  • whonix-gateway-17_exec-data-duplex: 47.45 🟢 ( previous job: 48.55, improvement: 97.73%)
  • whonix-gateway-17_exec-data-duplex-root: 72.42 :small_red_triangle_up: ( previous job: 70.13, degradation: 103.27%)
  • whonix-gateway-17_socket-data-duplex: 86.52 :small_red_triangle_up: ( previous job: 82.74, degradation: 104.57%)
  • whonix-workstation-17_exec: 8.12 🟢 ( previous job: 8.23, improvement: 98.66%)
  • whonix-workstation-17_exec-root: 52.48 🟢 ( previous job: 52.56, improvement: 99.83%)
  • whonix-workstation-17_socket: 8.35 :small_red_triangle_up: ( previous job: 8.21, degradation: 101.68%)
  • whonix-workstation-17_socket-root: 8.73 :small_red_triangle_up: ( previous job: 8.20, degradation: 106.52%)
  • whonix-workstation-17_exec-data-duplex: 49.59 :small_red_triangle_up: ( previous job: 49.48, degradation: 100.23%)
  • whonix-workstation-17_exec-data-duplex-root: 78.45 🟢 ( previous job: 79.93, improvement: 98.14%)
  • whonix-workstation-17_socket-data-duplex: 83.20 :small_red_triangle_up: ( previous job: 81.71, degradation: 101.82%)
  • dom0_root_rnd4k_q1t1_read 3:read_bandwidth_kb: 11996.00 :green_circle: ( previous job: 10163.00, improvement: 118.04%)
  • dom0_root_rnd4k_q1t1_write 3:write_bandwidth_kb: 598.00 :green_circle: ( previous job: 282.00, improvement: 212.06%)
  • dom0_varlibqubes_seq1m_q8t1_write 3:write_bandwidth_kb: 104263.00 :green_circle: ( previous job: 95209.00, improvement: 109.51%)
  • dom0_varlibqubes_seq1m_q1t1_read 3:read_bandwidth_kb: 424868.00 :small_red_triangle_up: ( previous job: 433474.00, degradation: 98.01%)
  • dom0_varlibqubes_seq1m_q1t1_write 3:write_bandwidth_kb: 188782.00 :green_circle: ( previous job: 164133.00, improvement: 115.02%)
  • dom0_varlibqubes_rnd4k_q32t1_read 3:read_bandwidth_kb: 108134.00 :green_circle: ( previous job: 99808.00, improvement: 108.34%)
  • dom0_varlibqubes_rnd4k_q32t1_write 3:write_bandwidth_kb: 8848.00 :green_circle: ( previous job: 8767.00, improvement: 100.92%)
  • dom0_varlibqubes_rnd4k_q1t1_read 3:read_bandwidth_kb: 8259.00 :green_circle: ( previous job: 7053.00, improvement: 117.10%)
  • dom0_varlibqubes_rnd4k_q1t1_write 3:write_bandwidth_kb: 4963.00 :green_circle: ( previous job: 3868.00, improvement: 128.31%)
  • fedora-41-xfce_root_seq1m_q8t1_read 3:read_bandwidth_kb: 440208.00 :green_circle: ( previous job: 396586.00, improvement: 111.00%)
  • fedora-41-xfce_root_seq1m_q8t1_write 3:write_bandwidth_kb: 267153.00 :green_circle: ( previous job: 99783.00, improvement: 267.73%)
  • fedora-41-xfce_root_seq1m_q1t1_read 3:read_bandwidth_kb: 340005.00 :small_red_triangle_up: ( previous job: 343795.00, degradation: 98.90%)
  • fedora-41-xfce_root_seq1m_q1t1_write 3:write_bandwidth_kb: 95199.00 :green_circle: ( previous job: 44770.00, improvement: 212.64%)
  • fedora-41-xfce_root_rnd4k_q32t1_read 3:read_bandwidth_kb: 86197.00 :small_red_triangle_up: ( previous job: 86742.00, degradation: 99.37%)
  • fedora-41-xfce_root_rnd4k_q1t1_read 3:read_bandwidth_kb: 9359.00 :green_circle: ( previous job: 8623.00, improvement: 108.54%)
  • fedora-41-xfce_root_rnd4k_q1t1_write 3:write_bandwidth_kb: 1043.00 :small_red_triangle_up: ( previous job: 1126.00, degradation: 92.63%)
  • fedora-41-xfce_private_seq1m_q8t1_read 3:read_bandwidth_kb: 394646.00 :small_red_triangle_up: ( previous job: 401907.00, degradation: 98.19%)
  • fedora-41-xfce_private_seq1m_q8t1_write 3:write_bandwidth_kb: 181608.00 :green_circle: ( previous job: 116848.00, improvement: 155.42%)
  • fedora-41-xfce_private_seq1m_q1t1_read 3:read_bandwidth_kb: 336946.00 :small_red_triangle_up: ( previous job: 357875.00, degradation: 94.15%)
  • fedora-41-xfce_private_seq1m_q1t1_write 3:write_bandwidth_kb: 82823.00 :green_circle: ( previous job: 41375.00, improvement: 200.18%)
  • fedora-41-xfce_private_rnd4k_q1t1_read 3:read_bandwidth_kb: 8301.00 :small_red_triangle_up: ( previous job: 8744.00, degradation: 94.93%)
  • fedora-41-xfce_volatile_seq1m_q8t1_read 3:read_bandwidth_kb: 364595.00 :small_red_triangle_up: ( previous job: 392725.00, degradation: 92.84%)
  • fedora-41-xfce_volatile_seq1m_q8t1_write 3:write_bandwidth_kb: 151182.00 :green_circle: ( previous job: 139933.00, improvement: 108.04%)
  • fedora-41-xfce_volatile_seq1m_q1t1_read 3:read_bandwidth_kb: 322341.00 :green_circle: ( previous job: 294875.00, improvement: 109.31%)
  • fedora-41-xfce_volatile_rnd4k_q32t1_read 3:read_bandwidth_kb: 78584.00 :green_circle: ( previous job: 71108.00, improvement: 110.51%)
  • fedora-41-xfce_volatile_rnd4k_q32t1_write 3:write_bandwidth_kb: 5890.00 :green_circle: ( previous job: 3959.00, improvement: 148.77%)
  • fedora-41-xfce_volatile_rnd4k_q1t1_read 3:read_bandwidth_kb: 8271.00 :small_red_triangle_up: ( previous job: 8408.00, degradation: 98.37%)

This was referenced Feb 23, 2025
Open
Merged
Open
Open
Merged
Merged
Merged
Draft
Merged
Open
Merged
Open
Merged
Open
@marmarek marmarek merged commit c4ecaad into QubesOS:main Feb 27, 2025
3 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marmarek marmarek marmarek approved these changes

Assignees
No one assigned
Labels
openqa-pending
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DemiMarie @marmarek @qubesos-bot