Your message dated Thu, 09 Jul 2020 04:18:30 +0000
with message-id <[email protected]>
and subject line Bug#749613: fixed in bootp 2.4.3-19
has caused the Debian Bug report #749613,
regarding bootp: Conflicting declarations of insert_ip to cause undefined 
behaviour
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
749613: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749613
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: bootp
Version: 2.4.3-18
Usertags: goto-cc

During a rebuild of all Debian packages in a clean sid chroot (using cowbuilder
and pbuilder) the build failed with the following error. Please note that we
use our research compiler tool-chain (using tools from the cbmc package), which
permits extended reporting on type inconsistencies at link time.

[...]
cc -o bootpd bootpd.o dovend.o readfile.o hash.o dumptab.o lookup.o getif.o 
hwaddr.o tzone.o report.o  

error: conflicting function declarations "insert_ip"
old definition in module bootpd file dovend.h line 12
signed int (signed int, struct in_addr_list *, unsigned char **, signed int *)
new definition in module dovend file dovend.c line 292
signed int (unsigned char tag, struct in_addr_list *iplist, unsigned char 
**dest, signed int *bytesleft)
Makefile:145: recipe for target 'bootpd' failed
make[1]: *** [bootpd] Error 64

Observe the type difference on the first parameter - this will result in
undefined behaviour as only one of the bytes of an int will be used. Even if all
values fit into the range of a single byte, at least big endian systems will
pick from the wrong end of the byte range, resulting in arbitrary values being
passed.

Best,
Michael

Attachment: pgpr7g9YqnD9Z.pgp
Description: PGP signature


--- End Message ---
--- Begin Message ---
Source: bootp
Source-Version: 2.4.3-19
Done: Anibal Monsalve Salazar <[email protected]>

We believe that the bug you reported is fixed in the latest version of
bootp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <[email protected]> (supplier of updated bootp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 08 Jul 2020 22:40:44 -0500
Source: bootp
Binary: bootp bootp-dbgsym
Architecture: source amd64
Version: 2.4.3-19
Distribution: unstable
Urgency: medium
Maintainer: Anibal Monsalve Salazar <[email protected]>
Changed-By: Anibal Monsalve Salazar <[email protected]>
Description:
 bootp      - server for the bootp protocol with DHCP support
Closes: 749613
Changes:
 bootp (2.4.3-19) unstable; urgency=medium
 .
   * Source format is 3.0 (quilt)
   * Fix bootp: Conflicting declarations of insert_ip to cause undefined 
behaviour
     Add insert_ip-conflicting-declarations.patch
     Closes: #749613
Checksums-Sha1:
 da116befad7e6462956f5b98bf01d1d2a749f85d 1682 bootp_2.4.3-19.dsc
 98faf8324f16efc8f0907807f7f19e174254c004 22580 bootp_2.4.3-19.debian.tar.xz
 d145147cef611d4ce38c0663c7b426d735387064 123940 bootp-dbgsym_2.4.3-19_amd64.deb
 e3190d177b421a657cae6096c3e96f802f794d03 4807 bootp_2.4.3-19_amd64.buildinfo
 35ab39ceb0ca9def408f04f6ca594159222c4af6 64280 bootp_2.4.3-19_amd64.deb
Checksums-Sha256:
 67e5a934727988795813bcda97646c4ea126781ba09be3f6b628be413f10f9e4 1682 
bootp_2.4.3-19.dsc
 7d34d86e035f6d8a70159f0c4d43a2f9ed9068b302021ea456c3d2407f255a11 22580 
bootp_2.4.3-19.debian.tar.xz
 a431b11c613ffaf41642534e212921a56a9b1722a991e516577fe9415db07270 123940 
bootp-dbgsym_2.4.3-19_amd64.deb
 6d1279fca9d6d3848114dd9884eed60a72a4e8cd1b78925db518d8eaddf365a9 4807 
bootp_2.4.3-19_amd64.buildinfo
 428ed8eec3586bd6eccd72dd9b2b1134714a14ce08d2f92fd7dcc05510a73e91 64280 
bootp_2.4.3-19_amd64.deb
Files:
 0bfea0d64d5cce8edf8ac2ea097ab8dc 1682 net extra bootp_2.4.3-19.dsc
 6ebb55db6b3ce332f2788e1ac5df5afe 22580 net extra bootp_2.4.3-19.debian.tar.xz
 fe754e58bcdd0384d0aa9cdb1948b5aa 123940 debug optional 
bootp-dbgsym_2.4.3-19_amd64.deb
 8e5ce954fc63c8fa599ca360ad5ce8e1 4807 net extra bootp_2.4.3-19_amd64.buildinfo
 32e69c3a2f89a430005fc2b33523f987 64280 net extra bootp_2.4.3-19_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJfBpWeAAoJEHxWrP6UeJfYG8UP/2zGIXwlft7+6e3JEQv3IZQG
cI0/FvaNTjXV80Zpzb9c8lkeqkV9uiOQvfgTQVdn7ek9xjVT0kfbsiz9aJyEiKyG
xkvoCZLVPZIufp7yBGTAE09Ap1gU7vzx+JyXeMI9XRqxYZd4hW60HLN4wzKOqdBo
r5Tpt6v9zjXZooLhLMVLNyIYoU+t1shX8Nbw2ZBuKcpYPOFKT/aZFZya1jf/FvGZ
2MmYrGd/Cs1mIYHywtGOn06yj2HfHpHwAy04wUi96uumbzirhAE1eDkb6Um8/RaW
zE2erTAbFfCqw2sUuvZFoiGGLYjjIri+vPElXk71Bbo15zoRix4BiQtHyye6U157
lYMqdHkjUkSsRpJZqSsgwaYtYa1tDFNRBmupLnmti7KpfYuZ6unZrIZLB0+5bMA8
r2viJvcrT0c6Mh/iL9kNEA1FG5kF5XAZNmxpPrGswvYMPc1Mien5HDDAjj8EPAb3
wAzYZWkxWfyctaNOtLVstjzbKT2928DRW4cPVTbgOCpzdyv1N7P3ioMg6GCTokYH
mUZlJ2yGyaobdwj+BE3bjCUjN7S/Jn3QBR2ZA2DFRJ4g5ZEGV2XR39krVmIqKh1K
2cppkbweYUu4I5r/xEiFxP84wm6R62wygplH6FWBVrmyRGD4zFfiuZx8GLlvPiRn
kluxMYUnH4ytyCqtu1UC
=ruRy
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to