Your message dated Sun, 01 Nov 2009 09:43:45 +0000
with message-id <[email protected]>
and subject line Bug#335206: fixed in makeztxt 1.62-1
has caused the Debian Bug report #335206,
regarding makeztxt -a 2 segfaults
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
335206: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335206
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: makeztxt
Version: 1.60-5
Severity: important
Tags: patch
There's an off-by-one error in makeztxt that causes it to segfault on my
system.
Upstream bug report:
http://sourceforge.net/tracker/index.php?func=detail&aid=1334937&group_id=9595&atid=109595
Patch to fix the bug is attached (I hope the BTS will cope; if not I'll
resend it inline).
(I'm using Ubuntu Breezy, BTW, but makeztxt has no Ubuntu-specific
changes.)
P.S. Hi, Rolandas!
Marius Gedminas
--
Include me out.
makeztxt 1.60 may segfault if you run it with -a 2 on a text file that
has a line of text longer than 255 characters.
The bug:
reformat_ztxt allocates a 255-byte buffer on the stack, then calls
getline_nocr and specifies outsize == 255. getline_nocr tries
to guard against buffer overflows by comparing (i < outsize - 1).
What happens when i == outsize - 2? We step into the loop, do i++,
then see that i == outsize - 1, break outside the loop, do i++ again (now i
== outsize), then do out[i] = '\0' which steps outside the array and
overwrites a different variable on the caller's stack.
The fix:
--- libztxt/ztxt_process.c.orig 2005-10-22 18:33:28.000000000 +0300
+++ libztxt/ztxt_process.c 2005-10-22 18:33:29.000000000 +0300
@@ -478,7 +478,7 @@
if (*offset >= insize - 1)
return NULL;
- while ((buf[i] != '\n') && (*offset < insize-1) && (i < outsize-1))
+ while ((buf[i] != '\n') && (*offset < insize-1) && (i < outsize-2))
{
i++;
(*offset)++;
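Review bot: The new bound (i < outsize-2) on the "+" line is only correct because of code that sits outside this hunk: per the report, i is incremented once more after the loop before out[i] = '\0' is written, so the loop has to stop at outsize-2 for the terminator to land on index outsize-1. Nothing at the condition says so. A short comment here, or checking the terminator index against outsize at the point where it is written, would keep a later edit from reintroducing the overflow. It is also worth confirming what happens when outsize is smaller than 2: the type of outsize is not visible in this hunk, and if it is unsigned, outsize-2 wraps to a large value and the guard no longer limits i.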
--- End Message ---
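The off-by-one described in the report above, as an added example that is not part of the original message or of makeztxt: a simplified C model of the loop, with a guard byte placed just past a 255-byte buffer so the stray terminator write can be observed safely. The names model_getline, run_case, slack and GUARD are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define OUTSIZE 255   /* buffer size and outsize value named in the report */
#define GUARD   0x5A  /* constructed marker for the byte just past the buffer */

/* Simplified model of the loop described in the report (not the real
 * getline_nocr; copying into out is omitted). slack is 1 for the original
 * condition and 2 for the patched one. Returns the terminator's index. */
static size_t model_getline(const char *buf, size_t insize,
                            char *out, size_t outsize, size_t slack)
{
    size_t i = 0, offset = 0;

    while (buf[i] != '\n' && offset < insize - 1 && i < outsize - slack) {
        i++;
        offset++;
    }
    i++;              /* the second increment the report describes */
    out[i] = '\0';    /* lands at out[outsize] when slack == 1 */
    return i;
}

/* Feed the model one constructed line of line_len 'a' characters (< 600).
 * out has one extra guard byte so the stray write stays inside the array.
 * Stores 1 in *clobbered if the guard byte changed. */
static size_t run_case(size_t line_len, size_t slack, int *clobbered)
{
    char in[600];
    char out[OUTSIZE + 1];
    size_t idx;

    memset(in, 'a', sizeof in);
    in[line_len] = '\n';
    memset(out, GUARD, sizeof out);
    idx = model_getline(in, sizeof in, out, OUTSIZE, slack);
    *clobbered = (out[OUTSIZE] != GUARD);
    return idx;
}

int main(void)
{
    int hit;
    size_t idx = run_case(300, 1, &hit);
    printf("original bound: terminator at %zu, guard hit: %d\n", idx, hit);
    idx = run_case(300, 2, &hit);
    printf("patched bound:  terminator at %zu, guard hit: %d\n", idx, hit);
    return 0;
}
```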
--- Begin Message ---
Source: makeztxt
Source-Version: 1.62-1
We believe that the bug you reported is fixed in the latest version of
makeztxt, which is due to be installed in the Debian FTP archive:
makeztxt_1.62-1.diff.gz
to main/m/makeztxt/makeztxt_1.62-1.diff.gz
makeztxt_1.62-1.dsc
to main/m/makeztxt/makeztxt_1.62-1.dsc
makeztxt_1.62-1_i386.deb
to main/m/makeztxt/makeztxt_1.62-1_i386.deb
makeztxt_1.62.orig.tar.gz
to main/m/makeztxt/makeztxt_1.62.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Barry deFreese <[email protected]> (supplier of updated makeztxt package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
Format: 1.8
Date: Sat, 31 Oct 2009 10:44:44 -0400
Source: makeztxt
Binary: makeztxt
Architecture: source i386
Version: 1.62-1
Distribution: unstable
Urgency: low
Maintainer: Debian QA Group <[email protected]>
Changed-By: Barry deFreese <[email protected]>
Description:
makeztxt - Create zTXT databases from ASCII files to read them in a Palm
Closes: 335206 417241 450228 526559 552793
Changes:
makeztxt (1.62-1) unstable; urgency=low
.
* QA upload.
+ Set maintainer to Debian QA Group <[email protected]>.
* Acknowledge NMUs. (Closes: #552793).
* New upstream release. Packaging taken from Ubuntu.
+ Patch on file ztxt_process split into two logically
separate patches.
+ debian/watch: updated for current URL (Closes: #450228)
- libztxt/ztxt_process.c: fix has off-by-one (Closes: #335206)
+ define __USE_GNU for process_regex in ztxt_process so it will build
+ debian/control:
+ updated to include quilt patching
+ clean target should not ignore return value
+ debian/rules:
+ updated to include quilt patching
* 05-regs_storage_size.patch - Add _GNU_SOURCE. (Closes: #526559).
+ Thanks to Peter Green for the patch!
* 06-amd64_pdb.patch - Fix datatypes on amd64. (Closes: #417241).
+ Thanks to Matija Nalis for the fix.
* Add README.source for quilt patch system.
* Bump debhelper build-dep and compat to 5.
* Bump Standards Version to 3.8.3. (No changes needed).
--- End Message ---