Your message dated Tue, 29 Mar 2016 21:50:40 +0000
with message-id <[email protected]>
and subject line Bug#819410: fixed in garmin-forerunner-tools 0.10repacked-8
has caused the Debian Bug report #819410,
regarding garmin-forerunner-tools: missing prototypes will cause segfaults on
64-bit archs
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
819410: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819410
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: garmin-forerunner-tools
Version: 0.10repacked-7
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu xenial ubuntu-patch
Hi folks,
The Ubuntu autobuilders have detected a problem with your package on 64-bit
architectures. The code is using various standard C functions without
including the headers necessary to declare them. Implicit declarations are
treated as returning an int, which means for any of these functions that
return a pointer the return value will be truncated on 64-bit architectures,
typically resulting in a segfault.
The attached patch fixes the various missing function declarations, which
should eliminate various bugs - including segfaults on 64-bit architectures
- and allow the package to build in Ubuntu, where this is treated as a build
failure.
In the process, I've also identified some issues in debian/rules that
prevent the package from cleanly building in place more than once. Please
find the patch for all of these issues attached. It has been uploaded to
Ubuntu with the following changelog:
* debian/patches/missing-prototypes: include missing headers to ensure
proper declarations.
* fix debian/rules dependencies to not make config.status depend on
'configure' target, a file that will be removed in debian/rules clean.
* fix clean target to not fail.
As an aside, I had a brief look at bug #816314 to see if it was related. It
wasn't; the crashing function was unaffected by this bug, and the crash was
reported on i386, a 32-bit architecture. But what I saw of the code in the
process leaves me concerned about the overall code quality in this package.
In particular, this construction in garmin_open():
if ( garmin->usb.handle == NULL ) {
if ( ctx == NULL ) {
[...]
if ( err ) {
[...]
return ( garmin->usb.handle != NULL );
}
}
[...]
}
So obviously, garmin->usb.handle is NULL at this point...?
The build log also reports that libgarmintools is not linked against the
libusb library that it depends on, which could cause bugs later if libusb
ever started using symbol versioning.
Hopefully this patch will help with this package's utility, but it looks to
me like some deeper maintenance might be in order.
Thanks for considering,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
[email protected] [email protected]
diff -Nru garmin-forerunner-tools-0.10repacked/debian/patches/missing-prototypes garmin-forerunner-tools-0.10repacked/debian/patches/missing-prototypes
--- garmin-forerunner-tools-0.10repacked/debian/patches/missing-prototypes 1969-12-31 16:00:00.000000000 -0800
+++ garmin-forerunner-tools-0.10repacked/debian/patches/missing-prototypes 2016-03-27 22:55:23.000000000 -0700
@@ -0,0 +1,106 @@
+Description: include missing headers to ensure proper declarations
+ garmin-forerunner-tools uses several standard C functions without including
+ the proper headers needed to pick up their declarations. Some of these
+ functions return pointers. Failure to include the headers means the
+ return type is assumed to be an int, which means the pointer is implicitly
+ cast to an int, losing data on 64-bit architectures.
+Author: Steve Langasek <[email protected]>
+
+Index: garmin-forerunner-tools-0.10repacked/src/usb_comm.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/usb_comm.c
++++ garmin-forerunner-tools-0.10repacked/src/usb_comm.c
+@@ -21,6 +21,7 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <ctype.h>
++#include <stdlib.h>
+ #include <libusb.h>
+ #include "garmin.h"
+
+Index: garmin-forerunner-tools-0.10repacked/src/unpack.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/unpack.c
++++ garmin-forerunner-tools-0.10repacked/src/unpack.c
+@@ -22,6 +22,7 @@
+ #include <sys/stat.h>
+ #include <fcntl.h>
+ #include <unistd.h>
++#include <stdlib.h>
+ #include <string.h>
+ #include <errno.h>
+ #include "garmin.h"
+Index: garmin-forerunner-tools-0.10repacked/src/pack.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/pack.c
++++ garmin-forerunner-tools-0.10repacked/src/pack.c
+@@ -23,6 +23,8 @@
+ #include <fcntl.h>
+ #include <errno.h>
+ #include <string.h>
++#include <stdlib.h>
++#include <unistd.h>
+ #include "garmin.h"
+
+
+Index: garmin-forerunner-tools-0.10repacked/src/run.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/run.c
++++ garmin-forerunner-tools-0.10repacked/src/run.c
+@@ -18,6 +18,8 @@
+ */
+
+ #include "config.h"
++#include <stdlib.h>
++#include <unistd.h>
+ #include <time.h>
+ #include <string.h>
+ #include <errno.h>
+Index: garmin-forerunner-tools-0.10repacked/src/garmin_get_info.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/garmin_get_info.c
++++ garmin-forerunner-tools-0.10repacked/src/garmin_get_info.c
+@@ -19,6 +19,7 @@
+
+ #include "config.h"
+ #include <stdio.h>
++#include <unistd.h>
+ #include "garmin.h"
+
+
+Index: garmin-forerunner-tools-0.10repacked/src/garmin_gmap.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/garmin_gmap.c
++++ garmin-forerunner-tools-0.10repacked/src/garmin_gmap.c
+@@ -20,6 +20,7 @@
+ #include "config.h"
+ #include <math.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ #include "garmin.h"
+
+
+Index: garmin-forerunner-tools-0.10repacked/src/garmin_gchart.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/garmin_gchart.c
++++ garmin-forerunner-tools-0.10repacked/src/garmin_gchart.c
+@@ -2,6 +2,7 @@
+ #include <math.h>
+ #include <float.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ #include <string.h>
+ #include "garmin.h"
+
+Index: garmin-forerunner-tools-0.10repacked/src/garmin_gpx.c
+===================================================================
+--- garmin-forerunner-tools-0.10repacked.orig/src/garmin_gpx.c
++++ garmin-forerunner-tools-0.10repacked/src/garmin_gpx.c
+@@ -20,6 +20,7 @@
+ #include "config.h"
+ #include <math.h>
+ #include <stdio.h>
++#include <stdlib.h>
+ #include <string.h>
+ #include <time.h>
+ #include "garmin.h"
diff -Nru garmin-forerunner-tools-0.10repacked/debian/patches/series garmin-forerunner-tools-0.10repacked/debian/patches/series
--- garmin-forerunner-tools-0.10repacked/debian/patches/series 2016-02-13 09:51:26.000000000 -0800
+++ garmin-forerunner-tools-0.10repacked/debian/patches/series 2016-03-27 22:39:34.000000000 -0700
@@ -4,3 +4,4 @@
gcc4.8
python_dir_from_upstream.patch
libusb-1.0.patch
+missing-prototypes
diff -Nru garmin-forerunner-tools-0.10repacked/debian/rules garmin-forerunner-tools-0.10repacked/debian/rules
--- garmin-forerunner-tools-0.10repacked/debian/rules 2014-09-20 00:27:33.000000000 -0700
+++ garmin-forerunner-tools-0.10repacked/debian/rules 2016-03-27 23:00:37.000000000 -0700
@@ -15,7 +15,7 @@
INSTALLDIR = $(CURDIR)/debian/garmin-forerunner-tools
-config.status: configure
+config.status:
dh_testdir
dh_autoreconf
./configure --host=$(DEB_HOST_GNU_TYPE) \
@@ -39,7 +39,7 @@
rm -f build-stamp
[ ! -e Makefile ] || $(MAKE) distclean
dh_autoreconf_clean
- -rm config.status config.log Makefile
+ rm -f config.status config.log Makefile
dh_clean
install: build
--- End Message ---
--- Begin Message ---
Source: garmin-forerunner-tools
Source-Version: 0.10repacked-8
We believe that the bug you reported is fixed in the latest version of
garmin-forerunner-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Christian Perrier <[email protected]> (supplier of updated
garmin-forerunner-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 29 Mar 2016 21:28:19 +0200
Source: garmin-forerunner-tools
Binary: garmin-forerunner-tools
Architecture: source i386
Version: 0.10repacked-8
Distribution: unstable
Urgency: medium
Maintainer: Debian running develpment group
<[email protected]>
Changed-By: Christian Perrier <[email protected]>
Description:
garmin-forerunner-tools - retrieve data from Garmin Forerunner/Edge GPS devices
Closes: 819410
Changes:
garmin-forerunner-tools (0.10repacked-8) unstable; urgency=medium
.
* Include Ubuntu patches to avoid segfaults on 64-bit architectures
Thanks to Steve Langasek. Closes: #819410
* debian/patches/missing-prototypes: include missing headers to ensure
proper declarations.
* fix debian/rules dependencies to not make config.status depend on
'configure' target, a file that will be removed in debian/rules
clean.
* fix clean target to not fail.*
* Add gbp.conf to specify gz as upstream tarball compression type
* Bump debhelper compatibility to 9
* Drop "dh_clean -k" call in favor of dh_prep
* Bump Standards to 3.9.7 (checked)
* Update upstream URL to github location
* Drop obsolete debian/watch file. There are no releases on github so
we cannot point there.
Checksums-Sha1:
373ac0e97293c3645e0540c5a8f4c1943abd3ef5 2254
garmin-forerunner-tools_0.10repacked-8.dsc
5ec35c8c06146ef69761bc407ac9de90ebe47153 15964
garmin-forerunner-tools_0.10repacked-8.debian.tar.xz
83716ed8b5087b0389b13d162bee5c5f78d738bf 193442
garmin-forerunner-tools-dbgsym_0.10repacked-8_i386.deb
7d57d81bf7a283353731af52a695239fbcfb7cf1 118878
garmin-forerunner-tools_0.10repacked-8_i386.deb
Checksums-Sha256:
52285af5e13eefeceac6099cd767b309a54eb6f3470a7a39603cb37e46cbc9c4 2254
garmin-forerunner-tools_0.10repacked-8.dsc
565abb119232dc11afe1eb0c95fb594d7b9b552dc911999359f281aa6db8419f 15964
garmin-forerunner-tools_0.10repacked-8.debian.tar.xz
a51cb60a46ce32a42ae46a63f8600656f2959d2cfaac694090885464a1da81a5 193442
garmin-forerunner-tools-dbgsym_0.10repacked-8_i386.deb
17ec15a9a8cb944d77fd3bedf4fce78b122303a991ed66b89f09ca76399b50b5 118878
garmin-forerunner-tools_0.10repacked-8_i386.deb
Files:
e83063f860d2f7b1b8c773bbc30f856d 2254 utils extra
garmin-forerunner-tools_0.10repacked-8.dsc
e224920a944b11a6525acd29f53d067a 15964 utils extra
garmin-forerunner-tools_0.10repacked-8.debian.tar.xz
e840bf0886ab99d3dd20e00ff68a3e3a 193442 debug extra
garmin-forerunner-tools-dbgsym_0.10repacked-8_i386.deb
6ccb3a72ee2284ca92dc1d14aad94486 118878 utils extra
garmin-forerunner-tools_0.10repacked-8_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJW+uMHAAoJEIcvcCxNbiWoyk0P/0JpFYYxFTVVzheP9QPZPdyd
6tKAwLIKr0mjkADebmHh292e4PxRLmJtTAUJ7TXutZMIPzyN6lmi1LdBtQaqaP5R
LqQ6KZEoARUhWWeZZcH+igjqkvld9+HYy6/qrxMIU5kxWxNR8QkhyZ89wDGB4WU8
SKA9DxsJm8JNY3TZ2nzldT32eSf6Rw3LfCxbYl+JCIXMZ4yUMBJIdxAqwRcD8bI1
86MSd3uJPn34Z5I48hAHLIS83jCC+gzjI2CNos6Mb0AAK0lPicxT4RXHl7eoPN0d
23lu7ruAwRG6s7Q3w4/xa9apMz3OKS5MTxPlS/yVDd1HW8AC5fAGES4cRN7dY5Tw
gDYSqaTyQyYxGuQ7eQ0MFkKDVx2Ld94QgHtIHJNBAoRhLPCpXVhzbtPz5HhRftEc
QRN1ZBwKmME8A2cpygajTwu6zBjz2wmOWWKcGMr7FbpjT93E7s0w08Ht/Zyva+bI
KKDHE4N6Rj1j9swsP2USGaiIf/1sgr1x15WIIlpSR7oVVLw3CsREoGZpNBrSVbBX
BGfkWWPy6xYtJldm1tMSWsD5g0BZ6KTR4UxrVwF1fqk4dDOOmugweZeKVPGB6BqG
O8v2F1sjim3jqpVwUUKuvh9CsFCT1dRBim+oTZJZqeRIdoOHaxuMUP1WzPY3cbIE
qw2xHhZRappy2qzRVwuL
=pxUp
-----END PGP SIGNATURE-----
--- End Message ---
