Your message dated Mon, 06 Mar 2006 15:17:04 -0800 with message-id <[EMAIL PROTECTED]> and subject line Bug#355596: fixed in canlock 2b-4 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: libcanlock2 Version: 2b-3 Severity: important valgrind trace (revalant parts): ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x401E7C9: strcpy (mac_replace_strmem.c:269) ==3583== by 0x4058DA8: lock_strip_alpha (canlock.c:84) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x808DB4D: build_canlock (post.c:4652) ==3583== by 0x806A44D: submit_inews (inews.c:273) ==3583== by 0x806ADAD: submit_news_file (inews.c:409) ==3583== by 0x8091595: post_loop (post.c:1564) ==3583== by 0x809552A: post_response (post.c:2720) ==3583== by 0x8087751: show_page (page.c:780) ==3583== by 0x80A96AE: enter_pager (thread.c:1442) ==3583== by 0x80AA221: thread_page (thread.c:578) ==3583== by 0x8065447: enter_thread (group.c:1554) ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x401E7C9: strcpy (mac_replace_strmem.c:269) ==3583== by 0x4058DA8: lock_strip_alpha (canlock.c:84) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x808DBC0: build_cankey (post.c:4676) ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x401E7C9: strcpy (mac_replace_strmem.c:269) ==3583== by 0x4058DA8: lock_strip_alpha (canlock.c:84) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x808CCC0: join_references (post.c:2324) ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x401E7C9: strcpy (mac_replace_strmem.c:269) ==3583== by 0x4058DA8: lock_strip_alpha (canlock.c:84) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x8C1CCC0: ??? ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x401E7C9: strcpy (mac_replace_strmem.c:269) ==3583== by 0x4058DA8: lock_strip_alpha (canlock.c:84) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x3FC1CCC0: ??? ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x4058DD6: lock_strip_alpha (canlock.c:85) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x3FC1CCC0: ??? ==3583== ==3583== Conditional jump or move depends on uninitialised value(s) ==3583== at 0x40FB9DC: tolower (in /lib/tls/libc-2.3.6.so) ==3583== by 0x4058DC1: lock_strip_alpha (canlock.c:86) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x3FC1CCC0: ??? ==3583== ==3583== Use of uninitialised value of size 4 ==3583== at 0x40FB9EC: tolower (in /lib/tls/libc-2.3.6.so) ==3583== by 0x4058DC1: lock_strip_alpha (canlock.c:86) ==3583== by 0x4058F36: sha_lock (canlock.c:147) ==3583== by 0x3FC1CCC0: ??? ==3583== ==3583== Jump to the invalid address stated on the next line ==3583== at 0x3FC1CCC1: ??? ==3583== Address 0x3FC1CCC1 is not stack'd, malloc'd or (recently) free'd ==3583== ==3583== Process terminating with default action of signal 6 (SIGABRT) ==3583== at 0x41027C7: raise (in /lib/tls/libc-2.3.6.so) ==3583== by 0x410406A: abort (in /lib/tls/libc-2.3.6.so) ==3583== by 0x80A4F3E: signal_handler (signal.c:448) ==3583== by 0x4102867: (within /lib/tls/libc-2.3.6.so) Attached patch fix this problem. --- src/canlock.c.old 2006-03-06 18:53:50.000000000 +0300 +++ src/canlock.c 2006-03-06 19:18:44.000000000 +0300 @@ -51,41 +51,16 @@ char * lock_strip_alpha(const char *key, char *type) { - char - *c, - *typetext, - *mykey = (char *)key; - size_t - ttpos = 0, - ttlen = 256; - - typetext = (char *) malloc(ttlen); - if (!typetext) - return NULL; - *typetext = 0; - while (*mykey && *mykey != ':') { - if (ttpos >= ttlen) { - ttlen += 256; - typetext = (char *) realloc( (void *)typetext, ttlen); - if (!typetext) - return NULL; - } - typetext[ttpos++] = *mykey++; - } - if (! *mykey) - type = NULL; - else { - mykey++; - for (c = mykey; *c; c++) { - if (*c == ':') - *c = '\0'; - } - strcpy(type, typetext); - for (c = type; *c; ++c) - *c = tolower(*c); - } - return (mykey); + do { + *type = tolower(*key); + type++; + key++; + } while (*key && *key != ':'); + + *type = '\0'; + key++; + return strdup(key); } -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-rc6 Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R) Versions of packages libcanlock2 depends on: ii libc6 2.3.6-3 GNU C Library: Shared libraries an libcanlock2 recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: canlock Source-Version: 2b-4 We believe that the bug you reported is fixed in the latest version of canlock, which is due to be installed in the Debian FTP archive: canlock_2b-4.diff.gz to pool/main/c/canlock/canlock_2b-4.diff.gz canlock_2b-4.dsc to pool/main/c/canlock/canlock_2b-4.dsc libcanlock2-dev_2b-4_i386.deb to pool/main/c/canlock/libcanlock2-dev_2b-4_i386.deb libcanlock2_2b-4_i386.deb to pool/main/c/canlock/libcanlock2_2b-4_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laurent Fousse <[EMAIL PROTECTED]> (supplier of updated canlock package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 6 Mar 2006 23:37:19 +0100 Source: canlock Binary: libcanlock2 libcanlock2-dev Architecture: source i386 Version: 2b-4 Distribution: unstable Urgency: low Maintainer: Laurent Fousse <[EMAIL PROTECTED]> Changed-By: Laurent Fousse <[EMAIL PROTECTED]> Description: libcanlock2 - library for creating and verifying Usenet cancel locks libcanlock2-dev - development files for Usenet cancel lock library Closes: 355596 Changes: canlock (2b-4) unstable; urgency=low . * Fix insecure buffer usage, could cause stack corruption. Thanks Andrey Melnikov for the patch (closes: #355596). * Code cleanup: included string.h in sha1.c, no more warning. Files: aabfe1d718e49d729a6b50ea4f79b675 574 news optional canlock_2b-4.dsc 52344c0fcae0d7a9e5bbb622db48870c 7648 news optional canlock_2b-4.diff.gz 07f83647d7dd174c550c1d60917b43e9 10470 libdevel optional libcanlock2-dev_2b-4_i386.deb 0d0296953c53fe8fca6f8b56e8bf691b 9104 libs optional libcanlock2_2b-4_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFEDL+6RoAVF6FpbSsRAtBxAKCjd9V3o94l89jh1j1TpCjf40DHwQCfbfuj s5PuHY699VyuRx9fyvJsMUg= =Q04K -----END PGP SIGNATURE-----
--- End Message ---
