Bug#771738: apt-get segfaults on '[' in sources.list

2015-08-14 Thread Joshua Rogers
you attach a failing sources.list file? It has been fixed upstream, I believe. -- -- Joshua Rogers signature.asc Description: OpenPGP digital signature

Bug#794336: [e]glibc breaks res_init() functionality

2015-08-01 Thread Joshua Rogers
.) -- -- Joshua Rogers https://internot.info/

Bug#780524: libresolv res_init() does not correctly initialize internals

2015-03-15 Thread Joshua Rogers
'last_mtime', it does not initialize the internals, for libresolv to be used by the likes of getaddrinfo, gethostbyname, res_query, etc. etc.. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773502: [Pkg-gnupg-maint] Bug#773502: off-by-one memory assignment

2015-01-06 Thread Joshua Rogers
On 07/01/15 11:44, NIIBE Yutaka wrote: On 12/19/2014 05:47 PM, Joshua Rogers wrote: Package: gnupg2 Version: 2.1.1 Severity: normal in app-nks.c on line 1242, data is assigned the memory of 'datalen', which is calculated using oldpinlen + newpinlen. The problem is, it doesn't account

Bug#773502: Update

2014-12-29 Thread Joshua Rogers
Were these ever handled? Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773473: [PATCH] * sm/gpgsm.c: (parse_keyserver_line) return false on 'fail'.

2014-12-20 Thread Joshua Rogers
-- If something in the keyserver_line failed, parse_keyserver_line would free 'server', but then return it afterwards, leading to a use-after-free. sm/gpgsm.c, in the function main() correctly checks whether the return of parse_keyserver_line is false. --- sm/gpgsm.c | 1 + 1 file changed, 1

Bug#773523: [PATCH] * dirmngr/ldapserver.c (ldapserver_parse_one) return NULL on 'fail'.

2014-12-20 Thread Joshua Rogers
-- If something inside the ldapserver_parse_one function failed, 'server' would be freed, then returned, leading to a use-after-free. This code is likely copied from sm/gpgsm.c, which was also susceptible to this bug. --- dirmngr/ldapserver.c | 1 + 1 file changed, 1 insertion(+) diff --git

Bug#773502: off-by-one memory assignment

2014-12-19 Thread Joshua Rogers
.) Thanks -- -- Joshua Rogers https://internot.info/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#773507: explicit buffer overrun

2014-12-19 Thread Joshua Rogers
. If argc is 398, it will pass that check. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773518: explicit use-after-free

2014-12-19 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal in gpgsm.c on line 861-867, there is an explicit use-after-free, if 'fail' is true. keyserver_list_free does not return the function, leaving it to then return the freed value. Thanks, -- -- Joshua Rogers https://internot.info

Bug#773520: use-after-free

2014-12-19 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal In ks-engine-hkp.c on line 509 'reftbl' is freed, but it is then used on line 511. I'm guessing this is a missing return;. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773518: use-after-free

2014-12-19 Thread Joshua Rogers
Sorry, I already reported this before: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773473 Please close. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773521: incorrect memset

2014-12-19 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal on line 253 of ecdh.c, memset is called with a 0 fill value, which will do nothing. what's the point? Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773523: use-after-free v2

2014-12-19 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal In ldapserver.c on line 127, 'server' is freed, but it is then returned on line 130. This code looks like a copy and paste from gpgsm.c (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773473) Thanks, -- -- Joshua Rogers https

Bug#773541: uninitalized pointer read

2014-12-19 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, On line 204 of crlfetch.c 'hd' is run through http_get_status_code, but it is possible for 'hd' not to be set, if opt.disable_http is true.(see lines 192-202) Thanks -- -- Joshua Rogers https://internot.info/

Bug#773474: [PATCH] * scd/app-openpgp.c: (get_public_key) correctly close 'fp' upon use.

2014-12-19 Thread Joshua Rogers
-- Inside the get_public_key function, 'fp' was opened using popen, but incorrectly closed using fclose. From pclose(2): The return value from popen() is a normal standard I/O stream in all respects save that it must be closed with pclose() rather than fclose(3). ---

Bug#773518: Closing

2014-12-19 Thread Joshua Rogers
Closing. -- -- Joshua Rogers https://internot.info/

Bug#773570: off-by-one

2014-12-19 Thread Joshua Rogers
, TSYNC_REF_LOCAL, TSYNC_REF_LEN); 354 strncpy((char *)pp->refid, TSYNC_REF_LOCAL, TSYNC_REF_LEN); Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773423: double close

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In dotlock.c on line 682 and 721, there is a double close of 'fd'. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773427: Strange checking bug

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In stringhelp.c, line 525-526, no check is made to see if home_buffer is not NULL, like it is checked if xmode is false, on line 530. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773468: Fwd: missing check

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal in signal.c on line 105, 'raise(sig);' is run, but later on, on line 127, sig is checked to be within 0-9. either it should be checked on 105, or the check at 127 for 0 should be removed. Thanks, -- -- Joshua Rogers https

Bug#773469: Fwd: uninitalized variable

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, On line 1492 and 1493 of iobuf.c, 'len' is used to define the 'ret_len' in the file_filter, but len is never actually defined, leaving it open to strange interpretations in different environments. Thanks, -- -- Joshua Rogers https

Bug#773472: Fwd: (not use after free, and double free)

2014-12-18 Thread Joshua Rogers
to be freed beforehand. (In reality, it shouldn't be freed before it is sent to failure;) Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773471: Fwd: Double free

2014-12-18 Thread Joshua Rogers
); return rc; Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773470: Fwd: off-by-one

2014-12-18 Thread Joshua Rogers
the line. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773473: Fwd: gpg return-after-free

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In sm/gpgsm.c, on line 864, 'server' is freed, but then on line 867 it is returned. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773474: Fwd: incorrect file handling

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In app-openpgp.c on line 1462, 'popen' is used to open command. Later on, on line 1472, fclose is used instead of pclose. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773475: Fwd: missing va_end (x2)

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, in curl-shim.c, on line 167, the function is returned, but va_end is never run. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773481: bsd-mailx out-of-scape bug

2014-12-18 Thread Joshua Rogers
Package: bsd-mailx Version: 8.1.2-0.20131005cvs-1 Severity: normal Hi, In fio.c on line 592, cp = expand(buf); is run, which returns that argument. Below it on line 594, return(cp); is run, but it points to an out-of-scope 'buf' variable. Thanks, -- -- Joshua Rogers https://internot.info

Bug#773481: bsd-mailx

2014-12-18 Thread Joshua Rogers
Sorry, it's actually heirloom-mailx, not bsd-mailx. Can this be reassigned? Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773481: bsd-mailx

2014-12-18 Thread Joshua Rogers
On 19/12/14 07:38, Joshua Rogers wrote: Sorry, it's actually heirloom-mailx, not bsd-mailx. Can this be reassigned? Thanks, Nope! I'm wrong! It _is_ bsd-mailx. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773475: [Pkg-gnupg-maint] Bug#773475: Fwd: missing va_end (x2)

2014-12-18 Thread Joshua Rogers
. I didn't really have a good look though, so I may have missed other activity. Anyways, if you could do the patch generation and forwarding, that would be great. I really can't be bothered doing it myself, to be honest, lol. They're all mostly one-liner fixes. Thanks, -- -- Joshua Rogers https

Bug#773472: Fwd: not use after free, and double free

2014-12-18 Thread Joshua Rogers
I messed up the line numbers on this. The first pwbuf is freed on line 2438, then the failure part is at 2509. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773499: singleton used as array

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal in keyedit.c, on line 2478, 'prefs' is used as an array, but it's actually a singleton. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773497: double file close

2014-12-18 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal In dotlock.c on line 682-683, close(fd) is attempted. If it succeeds, goto write_failed is executed. write_failed explicitly closes fd, leading to a double-close of fd. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773414: gpg use-after-free

2014-12-17 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In 'iobuf.c' on lines 1131-1133, there is a use-after-free if DBG_IOBUF is enabled. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773415: missing va_end

2014-12-17 Thread Joshua Rogers
Package: gnupg2 Version: 2.1.1 Severity: normal Hi, In gpgkey2ssh.c, in the function key_to_blob on line 210, va_end is never called. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#773305: Buffer overflow

2014-12-16 Thread Joshua Rogers Internot Bug Report
, str_quote_meta(old), str_quote_meta(new), command_get_pager()); In command_get_pager(void): pager = getenv("PAGER"); -- -- Joshua Rogers https://internot.info/

Bug#773305: Buffer overflow

2014-12-16 Thread Joshua Rogers
On 17/12/14 04:08, Joshua Rogers wrote: I sent that email a bit too early. I found this using Coverity. Ugh, I'm too tired for this. I just realized it obviously cannot overflow, since %.250s is used. -- -- Joshua Rogers https://internot.info/

Bug#773305: Buffer overflow

2014-12-16 Thread Joshua Rogers
I sent that email a bit too early. I found this using Coverity. -- -- Joshua Rogers https://internot.info/

Bug#771738: apt-get segfaults on '[' in sources.list

2014-12-01 Thread Joshua Rogers
if '#' is inside []. for (I = Buffer; *I != 0 && *I != '#'; I++) if (*I == '[') I = strchr(I + 1, ']'); *I = 0; Thanks, -- -- Joshua Rogers https://internot.info/

Bug#771644: apt-mark says options before tested / error.

2014-11-30 Thread Joshua Rogers
d 'grep set to automatically installed.' should never be outputted. -- -- Joshua Rogers https://internot.info/

Bug#769515: dpkg memory leak v2

2014-11-14 Thread Joshua Rogers
decompress_filter(decompressor, p1[0], p2_out, _("decompressing archive member")); which calls varbuf_vprintf(desc, desc_fmt, args); which calls varbuf_grow(v, needed + 1); WHICH CALLS v->buf = m_realloc(v->buf, v->size); is never freed. Thanks, -- -- Joshua Rogers https

Bug#769515: Another

2014-11-14 Thread Joshua Rogers
And just one more before I'm done... dpkg-deb/build.c m= m_malloc(strlen(dir) + sizeof(DEBEXT)); m is never freed. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#769457: dpkg memory leak

2014-11-13 Thread Joshua Rogers
in filesdb.c(again): void filesdbinit(void) { struct filenamenode *fnn; int i; pkgadmindir_init(); for (i=0; i<BINS; i++) for (fnn= bins[i]; fnn; fnn= fnn->next) { fnn->flags= 0; fnn->oldhash = NULL; fnn->filestat = NULL; } } Anyways, point is, pathname is never freed. Thanks, -- -- Joshua Rogers

Bug#769457: dpkg memory leak

2014-11-13 Thread Joshua Rogers
? Thanks, -- -- Joshua Rogers https://internot.info/

Bug#769457: dpkg memory leak

2014-11-13 Thread Joshua Rogers
On 14/11/14 08:57, Joshua Rogers wrote: Any suggestions? Ehh, I got it kind of working. I'll do further testing when I wake up. Thanks, -- -- Joshua Rogers https://internot.info/

Bug#769111: dpkg bug/vuln v2

2014-11-12 Thread Joshua Rogers
not contain a % symbol. This is just the format string issue reported before, it affects only the Package and Architecture fields. The problem here is that the parser is matching partial strings against field names, so that's wrong, and I'm fixing this separately. Great, thanks! -- -- Joshua

Bug#769111: dpkg bug/vuln v2

2014-11-11 Thread Joshua Rogers
, rtld_fini=optimised out, stack_end=0x7fffe148) at libc-start.c:226 #11 0x00402ac5 in _start () A quick guess is that because the : 1 part of the file does not have a 'name', it tries to call a NULL. Somebody should check if I'm right, though. Thanks, -- -- Joshua Rogers https

Bug#768485: dpkg: format string vulnerability

2014-11-09 Thread Joshua Rogers
-- -- Joshua Rogers https://internot.info/

Bug#767533: [Aptitude-devel] Quick Question

2014-10-31 Thread Joshua Rogers
It looks like download_item.c:99 has the same code, just FYI. -- Joshua Rogers https://internot.info/ On 01/11/14 07:03, Manuel A. Fernandez Montecelo wrote: Source: aptitude Version: 0.6.11-1 2014-10-30 11:23 Joshua Rogers: Hi guys, I was looking at the Aptitude source code, and came