Masu haɓaka tsarin aiki na wayar hannu ta Aurora (cokali mai yatsa na Sailfish OS wanda kamfanin Open Mobile Platform ya haɓaka) sun ba da labari mai ban sha'awa game da kawar da su. () a cikin Glibc, wanda ke bayyana kawai akan dandalin ARMv7. An bayyana bayanan game da raunin a cikin watan Mayu, amma har zuwa 'yan kwanakin nan, ba a sami gyare-gyare ba, duk da cewa raunin da ya faru. babban matakin haɗari kuma akwai samfurin aiki na amfani wanda ke ba ku damar tsara aiwatar da code lokacin sarrafa bayanan da aka tsara ta wata hanya a cikin ayyukan memcpy () da memmove(). Kunshin gyara don и Har yanzu ba a sake su ba kuma raunin ya kasance ba a daidaita shi ba kusan watanni biyu daga lokacin bayyana jama'a da watanni biyar daga lokacin da aka sanar da masu haɓaka Glibc.
Lalacewar ta bayyana kanta a cikin aiwatar da memcpy () da memmove () a cikin yaren taro don ARMv7 kuma an haifar da shi ta hanyar sarrafa mummunan ƙimar ma'aunin da ba daidai ba wanda ke ƙayyade girman yankin da aka kwafi. Matsaloli tare da haɓaka facin sun fara ne lokacin da kamfanoni и sun sanar da cewa matsalar ba ta shafi dandamalin su ba, tunda ba su gina tsarin 32-bit ARMv7 ba, kuma ba su shiga cikin ƙirƙirar gyara ba. Masu haɓaka rarrabuwa da yawa da aka haɗa da alama sun dogara ga ƙungiyar Glibc, kuma ba su da hannu sosai wajen shirya gyaran.
Zaɓi Don toshe matsalar, kusan nan da nan Huawei ya ba da shawarar cewa ya yi ƙoƙarin maye gurbin umarnin taro da ke aiki tare da operands da aka sa hannu (bge da blt) tare da analogues marasa sa hannu (blo da bhs). Masu kula da Glibc sun haɓaka saitin gwaje-gwaje don bincika yanayin kuskure daban-daban, bayan haka ya nuna cewa facin Huawei bai dace ba kuma bai aiwatar da duk yuwuwar haɗa bayanan shigarwa ba.
Tun da Aurora OS yana da ginin 32-bit don ARM, masu haɓakawa sun yanke shawarar rufe raunin da kansu kuma suna ba da mafita ga al'umma. Wahalar ita ce ya zama dole a rubuta ingantaccen harshe taro aiwatar da aikin da la'akari da zaɓuɓɓuka daban-daban don shigar da mahawara. An sake rubuta aiwatarwa ta amfani da umarnin da ba a sanya hannu ba. Ya juya ya zama ƙarami, amma babbar matsalar ita ce kiyaye saurin aiwatarwa da kuma guje wa lalata ayyukan memcpy da memmove, yayin da yake kiyaye dacewa tare da duk haɗakar ƙimar shigarwa.
A farkon watan Yuni, an shirya nau'ikan gyara guda biyu, suna wucewa da tsarin gwajin masu kula da Glibc da ɗakin gwajin ciki na Aurora. A ranar 3 ga Yuni, an zaɓi ɗaya daga cikin zaɓuɓɓuka kuma zuwa Glibc jerin aikawasiku. Bayan mako guda
ya kasance wani faci mai kama da tsarin, wanda ya gyara matsala a cikin aiwatar da multiarch, wanda Huawei ya yi ƙoƙarin gyarawa a baya. Gwaji ya ɗauki wata guda kuma saboda mahimmancin facin.
8 ga Yuli gyara zuwa babban reshe na fitowar glibc 2.32 mai zuwa. Ayyukan aiwatarwa sun haɗa da faci guda biyu - don aiwatar da multiarch na memcpy don ARMv7, da don aiwatar da yaren taron gama gari na memcpy () da memmove() don ARM.
Matsalar tana shafar miliyoyin na'urorin ARMv7 da ke aiki da Linux, kuma ba tare da sabuntawar da suka dace ba, masu mallakar suna cikin haɗari lokacin haɗa su zuwa cibiyar sadarwar (ayyukan da ke da damar hanyar sadarwa da aikace-aikacen da ke karɓar bayanan shigarwa ba tare da ƙuntatawa girman girman za a iya kaiwa hari ba). Misali, cin gajiyar da masu binciken suka yi wanda suka gano raunin ya nuna yadda ake kai hari kan uwar garken HTTP da aka gina a cikin tsarin bayanan mota ta hanyar aika buƙatun GET mai girma da samun tushen tushen tsarin.
source: budenet.ru