Hi On 2025-06-14 08:33:10 +0200, Paul Gevers wrote: > Hi Joe, > > Your email address bounced. This is a courtesy message to let you know your > bug report had follow up. > > Paul > > On 09-06-2025 15:27, Mail Delivery System wrote: > > This message was created automatically by mail delivery software. > > > > A message that you sent could not be delivered to one or more of its > > recipients. This is a permanent error. The following address(es) failed: > > > > [email protected] > > host skippy.nahmias.net [162.243.209.86] > > retry timeout exceeded >
As we got no reply on the unblock bug and the full freeze started, I have uploaded the attached debdiff to tpu to fix #1104758 in trixie. Cheers -- Sebastian Ramacher
diff -Nru freetds-1.3.17+ds/debian/changelog freetds-1.3.17+ds/debian/changelog
--- freetds-1.3.17+ds/debian/changelog 2023-01-27 01:59:14.000000000 +0100
+++ freetds-1.3.17+ds/debian/changelog 2025-07-27 10:08:11.000000000 +0200
@@ -1,3 +1,10 @@
+freetds (1.3.17+ds-2+deb13u1) trixie; urgency=medium
+
+ * debian/patches: Add upstream patch to fix float -> uint conversion bounds
+ check (Closes: #1104758)
+
+ -- Sebastian Ramacher <[email protected]> Sun, 27 Jul 2025 10:08:11 +0200
+
 freetds (1.3.17+ds-2) unstable; urgency=medium
 
 * source-only upload to enable bookwork testing migration.
diff -Nru freetds-1.3.17+ds/debian/patches/bts_1104758.patch freetds-1.3.17+ds/debian/patches/bts_1104758.patch
--- freetds-1.3.17+ds/debian/patches/bts_1104758.patch 1970-01-01 01:00:00.000000000 +0100
+++ freetds-1.3.17+ds/debian/patches/bts_1104758.patch 2025-07-27 09:58:49.000000000 +0200
@@ -0,0 +1,105 @@
+From a381342bbfccafc0aa9ed2376e38470907d53225 Mon Sep 17 00:00:00 2001
+From: Frediano Ziglio <[email protected]>
+Date: Sat, 31 May 2025 17:02:34 +0100
+Subject: [PATCH] tds: Fix bound check conversion (float -> uint)
+
+Converting from floating point to unsigned int the bound check
+was incorrect resulting in invalid conversions if the input
+value was not in range.
+
+Signed-off-by: Frediano Ziglio <[email protected]>
+---
+ src/tds/convert.c | 19 ++++++++++---------
+ 1 file changed, 10 insertions(+), 9 deletions(-)
+
+--- a/src/tds/convert.c
++++ b/src/tds/convert.c
+@@ -89,7 +89,6 @@
+
+ /*
+ * Macros for integer number checks.
+- * IS_UINT works for both integers and floating point values.
+ *
+ * f77: I don't write -2147483648, some compiler seem to have some problem
+ * with this constant although is a valid 32bit value
+@@ -98,7 +97,7 @@
+ #define TDS_INT_MAX 2147483647
+ #define INT_IS_INT(x) (TDS_INT_MIN <= (x) && (x) <= TDS_INT_MAX)
+ #define TDS_UINT_MAX 4294967295u
+-#define IS_UINT(x) (-1 < (TDS_INT8)(x) && (x) < (TDS_INT8) TDS_UINT_MAX + 1)
++#define INT_IS_UINT(x) (0 <= (x) && (x) <= (TDS_INT8) TDS_UINT_MAX)
+ #define TDS_INT8_MIN (-(((TDS_INT8)1)<<62) -(((TDS_INT8)1)<<62))
+ #define TDS_INT8_MAX ((((TDS_INT8) 0x7fffffff) << 32) + (TDS_INT8) 0xffffffffu)
+
+@@ -110,6 +109,8 @@
+ */
+ #define TDS_INT_UPPER_FLOAT 2147483648.0f
+ #define FLOAT_IS_INT(x) (TDS_INT_MIN - (x) < 1.0f && (x) < TDS_INT_UPPER_FLOAT)
++#define TDS_UINT_UPPER_FLOAT 4294967296.0f
++#define FLOAT_IS_UINT(x) (-1.0f < (x) && (x) < TDS_UINT_UPPER_FLOAT)
+ #define TDS_INT8_MIN_FLOAT (-9223372036854775808.0f)
+ #define TDS_INT8_UPPER_FLOAT 9223372036854775808.0f
+ #define FLOAT_IS_INT8(x) (TDS_INT8_MIN_FLOAT - (x) < 1.0f && (x) < TDS_INT8_UPPER_FLOAT)
+@@ -407,7 +408,7 @@
+ case SYBUINT4:
+ if ((rc = string_to_int8(src, src + srclen, &tds_i8)) < 0)
+ return rc;
+- if (!IS_UINT(tds_i8))
++ if (!INT_IS_UINT(tds_i8))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = (TDS_UINT) tds_i8;
+ return sizeof(TDS_UINT);
+@@ -748,7 +749,7 @@
+ return TDS_CONVERT_OVERFLOW;
+ break;
+ case SYBUINT4:
+- if (!IS_UINT(buf))
++ if (!INT_IS_UINT(buf))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = (TDS_UINT) buf;
+ return sizeof(TDS_UINT);
+@@ -826,7 +827,7 @@
+ return TDS_CONVERT_OVERFLOW;
+ break;
+ case SYBUINT4:
+- if (!IS_UINT(buf))
++ if (!INT_IS_UINT(buf))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = (TDS_UINT) buf;
+ return sizeof(TDS_UINT);
+@@ -1119,7 +1120,7 @@
+ break;
+ case SYBUINT4:
+ dollars = mny.mny4 / 10000;
+- if (!IS_UINT(dollars))
++ if (!INT_IS_UINT(dollars))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = dollars;
+ return sizeof(TDS_UINT);
+@@ -1219,7 +1220,7 @@
+ break;
+ case SYBUINT4:
+ dollars = mymoney / 10000;
+- if (!IS_UINT(dollars))
++ if (!INT_IS_UINT(dollars))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = (TDS_UINT) dollars;
+ return sizeof(TDS_UINT);
+@@ -1549,7 +1550,7 @@
+ return sizeof(TDS_INT);
+ break;
+ case SYBUINT4:
+- if (!IS_UINT(the_value))
++ if (!FLOAT_IS_UINT(the_value))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = (TDS_UINT) the_value;
+ return sizeof(TDS_UINT);
+@@ -1658,7 +1659,7 @@
+ return sizeof(TDS_INT);
+ break;
+ case SYBUINT4:
+- if (!IS_UINT(the_value))
++ if (!FLOAT_IS_UINT(the_value))
+ return TDS_CONVERT_OVERFLOW;
+ cr->ui = (TDS_UINT) the_value;
+ return sizeof(TDS_UINT);
diff -Nru freetds-1.3.17+ds/debian/patches/series freetds-1.3.17+ds/debian/patches/series
--- freetds-1.3.17+ds/debian/patches/series 2023-01-25 20:45:38.000000000 +0100
+++ freetds-1.3.17+ds/debian/patches/series 2025-07-27 09:56:37.000000000 +0200
@@ -1,2 +1,3 @@
 drop-obsolete-AC_LTDL_DLLIB.patch
 drop-w3c-validation-badge.patch
+bts_1104758.patch
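Review bot: Nothing in the added macro lines of the inner `-98,7` and `-110,6` hunks records that `INT_IS_UINT` and `FLOAT_IS_UINT` are each valid only for the operand type in their name, which is the exact mix-up this patch repairs. If a later `SYBUINT4` branch passes a single-precision value to `INT_IS_UINT`, `TDS_UINT_MAX` rounds up to 2^32 in the comparison and an out-of-range value reaches the `(TDS_UINT)` cast, which is undefined behaviour in C. I would add a comment above the new defines, for example `/* FLOAT_IS_UINT: floating point operands only; accepts (-1, 2^32) because the cast truncates toward zero. Use INT_IS_UINT for integer operands. */`. No regression test for the boundary values (-1.0, values just below 0, 2^32) is visible in this debdiff, so it is worth confirming one exists upstream. The converter functions enclosing the `case SYBUINT4:` branches start and end outside the hunks shown.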

