This is evident from the test failure: $ ./tests/run_tests.sh tests/UNIT/cunit/system_socket_test_002.sh --==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-- Running test tests/UNIT/cunit/system_socket_test_002.sh (18:13:58) --==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-- ================================================== Running "system_socket_test tcp 192.168.1.25:445 192.168.2.75:54321 0 0 0" -------------------------------------------------- Output (Exit status: 0): -------------------------------------------------- 000000 45 00 00 08 00 00 00 00 ff 06 00 00 c0 a8 01 19 000010 c0 a8 02 4b 01 bd d4 31 00 00 00 00 00 00 00 00 000020 50 10 04 d2 d5 14 00 00 000028 -------------------------------------------------- Required output (Exit status: 0): -------------------------------------------------- 000000 45 00 00 08 00 00 00 00 ff 06 00 00 c0 a8 01 19 000010 c0 a8 02 4b 01 bd d4 31 00 00 00 00 00 00 00 00 000020 50 10 04 d2 50 5f 00 00 000028 FAILED ========================================================================== TEST FAILED: tests/UNIT/cunit/system_socket_test_002.sh (status 1) (duration: 0s) ========================================================================== *FAILED* tests/UNIT/cunit/system_socket_test_002.sh
This bug was referenced in samba master: 6aa396b0cd1f83f45cb76a4f3123d99135e8dd8c
Created attachment 16315 [details] Patch for v4-13, v4-12 and v4-11
Hi Karolin, This is ready for 4.13 and 4.12. It also applies to 4.11. We understand that 4.11 is security only. This is an annoying bug because it is only exposed by the most recent versions of gcc. If anyone compiles with these versions then the previously working code will silently generate incorrect packets that might be dropped, causing unexpected results. However, if security-only is security-only then we understand. :-) Thanks...
(In reply to Martin Schwenke from comment #3) Pushed to autobuild-v4-{13,12}-test. Thinking of another 4.11 release. Maybe others would like to comment?
This bug was referenced in samba v4-13-test: 6521b0ff5e23dea526f3c0cf9c5843bbb07adcec
This bug was referenced in samba v4-12-test: 7e955ca5cf91a3cfdc53132c362de0b6c4ffa64b
(In reply to Karolin Seeger from comment #4) If a compiler version can generate wrong code (for whatever reason), then it definitely needs fixing in the currently supported releases. It's actually worse than a security issue because correctness of the program is affected. I think this patch must be added to 4.11 as long as it's a supported release.
(In reply to Amitay Isaacs from comment #7) Hi Amitay, ok, thanks for clarifying! There will be a 4.11 bugfix release asap.
Pushed to autobuild-v4-11-test.
This bug was referenced in samba v4-11-test: 4352c99b18ff4d89de53927a8f07634f3abd94cf
This bug was referenced in samba v4-13-stable (Release samba-4.13.2): 6521b0ff5e23dea526f3c0cf9c5843bbb07adcec
Is there a good reason this is embargoed, particularly now it is shipped? Otherwise we should remove the samba-team and vendors only restriction.
This bug was referenced in samba v4-11-stable (Release samba-4.11.16): 4352c99b18ff4d89de53927a8f07634f3abd94cf
This bug was referenced in samba v4-12-stable (Release samba-4.12.10): 7e955ca5cf91a3cfdc53132c362de0b6c4ffa64b
(In reply to Andrew Bartlett from comment #12) Re-assigning to Amitay to answer this question.
(In reply to Karolin Seeger from comment #15) There is no reason for embargo on this one as this is not a security issue. We can definitely remove the samba-team and vendor restrictions. People definitely need to know about this defect to avoid non-working ctdb if compiled with gcc 10.
Hi Karolin, Re-assigning this to you, so you can close it when the backport process is complete. Thanks. Amitay.