Patch-ID# 115698-03


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security mtmalloc abort libmtmalloc oversize pointer
Synopsis: SunOS 5.9_x86: /usr/lib/libmtmalloc.so.1 Patch
Date: Jul/08/2013


Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reconfigure reboot is performed. Unless otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reconfigure reboot is performed.

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 115697

Topic: SunOS 5.9_x86: /usr/lib/libmtmalloc.so.1 Patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
702660215702160
712658615763886
446408015066193
478240115134515
483196815150569
484623115155028
484836815155638
485133415156458
485695515158234
487314615162617
487315415162622
496217115187672


Changes incorporated in this version: 15702160 15763886

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/lib/abi/abi_libmtmalloc.so.1
/usr/lib/libmtmalloc.so.1
/usr/lib/llib-lmtmalloc.ln

Problem Description:

15702160 problem with libc
15763886 problem with libc
 
(from 115698-02)
 
4464080 libmtmalloc's realloc() can return an already freed pointer
4962171 libmtmalloc does not export calloc()
 
(from 115698-01)
 
4831968 mtmalloc doesn't abort() when freeing a freed oversize pointer
4848368 mallocctl() enters endless loop in reinit_cpu_list()
4846231 MTDEBUGPATTERN can work incorrectly for oversize allocations
4851334 using MTDOUBLEFREE with libmtmalloc fails with blocks <= 64K on double free()
4782401 mtmalloc: reinit in reinit_cpu_list() should be reset when oversize_list is NULL
4856955 mallocctl() does not set MTCHUNKSIZE as per the mtmalloc(3MALLOC) man page
4873146 typo in mtmalloc.c
4873154 mtmalloc_impl.h needs tidying up


Patch Installation Instructions:
--------------------------------
 
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
 
The following example installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/123456-07
 
The following example removes a patch from a standalone system:
 
       example# patchrm 123456-07
 
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.


Special Install Instructions:
-----------------------------
 
NOTE 1:  To get the complete fix for 15702160 (problem with libc) and 15763886
         (problem with libc), please also install the following patches:
 
         122301-68 (or greater)  Kernel Patch
         114427-06 (or greater)  libumem.so.1 patch
         150194-01 (or greater)  libbsdmalloc Patch
         150196-01 (or greater)  libmalloc Patch
         150198-01 (or greater)  libmapmalloc Patch
         150505-01 (or greater)  watchmalloc Patch
 
         The fixes for 15702160 and 15763886 just change the affected
         libraries in the same way.  Applying each patch will completely
         fix 15702160 and 15763886 for those libraries that it covers.


README -- Last modified date: Monday, July 8, 2013