Bug#904749: make: patch of arscan.c fails dependency testing

Fri, 27 Jul 2018 06:39:30 -0700 

Package: make
Version: 4.2.1-1.1
Severity: important

Dear Maintainer,

we are using dependency files when static linking .a file build with ar -U.

I noticed that some libraries failed with "no rule to make target xxx.a(yyy.o)"
which would change when I moved the o-files around within the lib.

It did not happen with the upstream make-4.2.1 tar-ball

By bisecting the patches applied I found a patch to arscan.c to be the culprit.

Around line 669 of the patched arscan.c file it reads:

              int name_off = atoi (name + 1);
              if (name_off < 1 || name_off > ARNAME_MAX)
                goto invalid;

              name = namemap + name_off;

I recon name_off is a pointer index which is added to the namemap pointer.
In this case, the check for name length violation does/should not apply here, 
or must
be safeguarded differently.

Removing the if let us compile again.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.17.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages make depends on:
ii  libc6  2.27-5

make recommends no packages.

Versions of packages make suggests:
pn  make-doc  <none>

-- no debconf information
--------------------------------------------------------------------------------------------------------------------------------------------
 Philipp Wolski - KISTERS AG - Haselriege 13 - 26125 Oldenburg - Germany
Handelsregister Aachen, HRB-Nr. 7838 | Vorstand: Klaus Kisters, Hanns Kisters | 
Aufsichtsratsvorsitzender: Dr. Thomas Klevers
Phone: +49 441 93602 -158 | Fax: +49 441 93602 -222 | E-Mail: 
philipp.wol...@kisters.de | WWW: http://www.kisters.de
--------------------------------------------------------------------------------------------------------------------------------------------
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. 
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten 
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. 
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht 
gestattet. 
This e-mail may contain confidential and/or privileged information. If you are 
not the intended recipient (or have received this e-mail in error) please 
notify the sender immediately and destroy this e-mail. Any unauthorised 
copying, disclosure or distribution of the material in this e-mail is strictly 
forbidden.

Reply via email to