Your message dated Sat, 14 Jan 2006 18:02:09 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#340016: fixed in dchroot 0.12
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 20 Nov 2005 12:14:28 +0000
>From [EMAIL PROTECTED] Sun Nov 20 04:14:28 2005
Return-path: <[EMAIL PROTECTED]>
Received: from siesta.hirune.net ([210.188.204.54])
by spohr.debian.org with smtp (Exim 4.50)
id 1Edo5U-0007IJ-2R
for [EMAIL PROTECTED]; Sun, 20 Nov 2005 04:14:28 -0800
Received: (qmail 18495 invoked from network); 20 Nov 2005 21:14:25 +0900
Received: from unknown (HELO nk) ([EMAIL PROTECTED])
by siesta.hirune.net with SMTP; 20 Nov 2005 21:14:25 +0900
Date: Sun, 20 Nov 2005 21:14:25 +0900
From: Yasuhiro Hayase <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: dchroot accesses out of bound
Message-Id: <[EMAIL PROTECTED]>
X-Mailer: Sylpheed version 2.1.6 (GTK+ 2.6.4; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/mixed;
boundary="Multipart=_Sun__20_Nov_2005_21_14_25_+0900_+G7w2=+fCFRWQNO="
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
This is a multi-part message in MIME format.
--Multipart=_Sun__20_Nov_2005_21_14_25_+0900_+G7w2=+fCFRWQNO=
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Package: dchroot
Version: 0.11
Tags: patch
dchroot contains following statemet.
dchroot_printf("Unknown option '-%c%c'.\n",
argv[index][1], argv[index][2]);
However, it is not assured that strlen(argv[index])>=2 in the statement.
So it accesses out of the bound of the string.
% dchroot - foo | head -1 | od -c
0000000 d c h r o o t : U n k n o w n
0000020 o p t i o n ' - \0 f ' . \n
^ argv[2][0]
% dchroot - | head -1 | od -c
0000000 d c h r o o t : U n k n o w n
0000020 o p t i o n ' - \0 S ' . \n
^?? the value of next
addr in stack
--Multipart=_Sun__20_Nov_2005_21_14_25_+0900_+G7w2=+fCFRWQNO=
Content-Type: text/plain;
name="dchroot_0.11.diff"
Content-Disposition: attachment;
filename="dchroot_0.11.diff"
Content-Transfer-Encoding: 7bit
--- dchroot-0.11.orig/dchroot.c
+++ dchroot-0.11/dchroot.c
@@ -376,8 +376,8 @@
while (argv[index] && argv[index][0] == '-') {
if (argv[index][1] == '\0' || argv[index][2] != '\0') {
- dchroot_printf("Unknown option '-%c%c'.\n",
- argv[index][1], argv[index][2]);
+ dchroot_printf("Unknown option '%.2s'.\n",
+ argv[index]);
usage(argv[0]);
exit(EXIT_FAILURE);
}
--Multipart=_Sun__20_Nov_2005_21_14_25_+0900_+G7w2=+fCFRWQNO=--
---------------------------------------
Received: (at 340016-close) by bugs.debian.org; 15 Jan 2006 02:11:38 +0000
>From [EMAIL PROTECTED] Sat Jan 14 18:11:38 2006
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1ExxDd-0001c9-4R; Sat, 14 Jan 2006 18:02:09 -0800
From: David Kimdon <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.65 $
Subject: Bug#340016: fixed in dchroot 0.12
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 14 Jan 2006 18:02:09 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: dchroot
Source-Version: 0.12
We believe that the bug you reported is fixed in the latest version of
dchroot, which is due to be installed in the Debian FTP archive:
dchroot_0.12.dsc
to pool/main/d/dchroot/dchroot_0.12.dsc
dchroot_0.12.tar.gz
to pool/main/d/dchroot/dchroot_0.12.tar.gz
dchroot_0.12_powerpc.deb
to pool/main/d/dchroot/dchroot_0.12_powerpc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Kimdon <[EMAIL PROTECTED]> (supplier of updated dchroot package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 14 Jan 2006 15:51:16 -0800
Source: dchroot
Binary: dchroot
Architecture: source powerpc
Version: 0.12
Distribution: unstable
Urgency: low
Maintainer: David Kimdon <[EMAIL PROTECTED]>
Changed-By: David Kimdon <[EMAIL PROTECTED]>
Description:
dchroot - Execute commands under different root filesystems
Closes: 312387 313084 313085 340016
Changes:
dchroot (0.12) unstable; urgency=low
.
* Exit with an error if /etc/dchroot.conf is writable by all.
(closes: #313085)
* Use getopt() for argument processing (closes: #340016, #313084)
* Add option to query availability of a chroot (closes: #312387)
* Update to non-deprecated debhelper compatability 4 (DH_COMPAT).
Files:
27a915997ec4f79cd8e4957d41bd4ce5 498 admin optional dchroot_0.12.dsc
ea6b76c6bea7a0f219046a06752e79d7 20098 admin optional dchroot_0.12.tar.gz
fab8ef68e60da6ca4baa08f9c61800ff 10558 admin optional dchroot_0.12_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDyarLST1m+6jv1gMRAs9DAKCYEiB6k8sbNldpH8ijW6HpTO3jHwCglJCk
RMbisqh9JhIfAj25YvnJ6Gs=
=v+6Y
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
