Bug#337526: jabber: Segmentation fault if compiled with gcc-4.0

Fri, 29 Dec 2006 01:34:17 -0800 

tags 337526 + patch
thanks

Hi!

I seem to find out the cause of the segfault. Sometimes jabberd uses string
representation of time(NULL). And it allocates only 10 chars for it, which
is too few (currently decimal result of time(NULL) is a 10-digit number, but
there should be a trailing '\0' also).

Attached patch fixes this issue and increases buffers in a few other
suspicious places.

--
Sergei Golovan


diff -ruN jabber-1.4.3.orig/debian/changelog jabber-1.4.3/debian/changelog
--- jabber-1.4.3.orig/debian/changelog  2006-12-29 11:55:56.000000000 +0300
+++ jabber-1.4.3/debian/changelog       2006-12-29 11:56:10.000000000 +0300
@@ -1,3 +1,13 @@
+jabber (1.4.3-3.1) unstable; urgency=low
+
+  * non-maintainer upload
+  * added patch, which increases buffers for storing string representation
+    of time (Closes: #337526)
+  * rebuild should change dependency from libpth2 to libpth20 (Closes: 
#404378) 
+  * bumped standards version to 3.7.2
+
+ -- Sergei Golovan <[EMAIL PROTECTED]>  Fri, 29 Dec 2006 11:44:30 +0300
+
 jabber (1.4.3-3) unstable; urgency=low
 
   * added patch to correct libexpat vulnerability (Closes: #272408)
diff -ruN jabber-1.4.3.orig/debian/control jabber-1.4.3/debian/control
--- jabber-1.4.3.orig/debian/control    2006-12-29 11:55:56.000000000 +0300
+++ jabber-1.4.3/debian/control 2006-12-29 11:56:10.000000000 +0300
@@ -2,7 +2,7 @@
 Section: net
 Priority: optional
 Maintainer: Jamin W. Collins <[EMAIL PROTECTED]>
-Standards-Version: 3.6.1.0
+Standards-Version: 3.7.2
 Build-Depends: dpatch, libpth-dev (>=2.0.0), libssl-dev (>=0.9.5), debhelper 
(>=4), libexpat1-dev (>= 1.95.6)
 
 Package: jabber
diff -ruN jabber-1.4.3.orig/debian/patches/00list 
jabber-1.4.3/debian/patches/00list
--- jabber-1.4.3.orig/debian/patches/00list     2006-12-29 11:55:56.000000000 
+0300
+++ jabber-1.4.3/debian/patches/00list  2006-12-29 11:56:10.000000000 +0300
@@ -3,3 +3,4 @@
 base_file
 config
 jabberd-1.4.3-extexpat
+timebuffs.dpatch
diff -ruN jabber-1.4.3.orig/debian/patches/timebuffs.dpatch 
jabber-1.4.3/debian/patches/timebuffs.dpatch
--- jabber-1.4.3.orig/debian/patches/timebuffs.dpatch   1970-01-01 
03:00:00.000000000 +0300
+++ jabber-1.4.3/debian/patches/timebuffs.dpatch        2006-12-29 
11:56:10.000000000 +0300
@@ -0,0 +1,86 @@
+#! /bin/sh -e
+## timebuffs.dpatch by Sergei Golovan <[EMAIL PROTECTED]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Increases buffer lengths for storing string representation of
+## DP: time(NULL) and character counts.
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch}"
+
+if [ $# -ne 1 ]; then
+    echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+    exit 1
+fi
+case "$1" in
+   -patch) patch $patch_opts -p1 < $0;;
+   -unpatch) patch $patch_opts -Rp1 < $0;;
+   *)
+      echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
+      exit 1;;
+esac
+
+exit 0
+diff -ru jabber-1.4.3.old/jsm/modules/mod_admin.c 
jabber-1.4.3/jsm/modules/mod_admin.c
+--- jabber-1.4.3.old/jsm/modules/mod_admin.c   2002-02-08 10:44:17.000000000 
+0300
++++ jabber-1.4.3/jsm/modules/mod_admin.c       2006-12-29 11:29:51.000000000 
+0300
+@@ -48,7 +48,7 @@
+     session s = js_session_primary(u);
+     spool sp;
+     int t = time(NULL);
+-    char buff[10];
++    char buff[128];
+ 
+     /* make a user generic entry */
+     x = xmlnode_insert_tag(browse,"user");
+@@ -111,7 +111,7 @@
+     session s;
+     xmlnode x;
+     time_t t;
+-    char buff[10];
++    char buff[128];
+ 
+     t = time(NULL);
+ 
+diff -ru jabber-1.4.3.old/jsm/modules/mod_last.c 
jabber-1.4.3/jsm/modules/mod_last.c
+--- jabber-1.4.3.old/jsm/modules/mod_last.c    2002-02-08 10:44:17.000000000 
+0300
++++ jabber-1.4.3/jsm/modules/mod_last.c        2006-12-29 11:32:12.000000000 
+0300
+@@ -43,7 +43,7 @@
+ mreturn mod_last_server(mapi m, void *arg)
+ {
+     time_t start = time(NULL) - *(time_t*)arg;
+-    char str[10];
++    char str[16];
+     xmlnode last;
+ 
+     /* pre-requisites */
+@@ -66,7 +66,7 @@
+ void mod_last_set(mapi m, jid to, char *reason)
+ {
+     xmlnode last;
+-    char str[10];
++    char str[16];
+ 
+     log_debug("mod_last","storing last for user %s",jid_full(to));
+ 
+diff -ru jabber-1.4.3.old/jsm/modules/mod_offline.c 
jabber-1.4.3/jsm/modules/mod_offline.c
+--- jabber-1.4.3.old/jsm/modules/mod_offline.c 2002-12-03 07:30:02.000000000 
+0300
++++ jabber-1.4.3/jsm/modules/mod_offline.c     2006-12-29 11:33:35.000000000 
+0300
+@@ -49,7 +49,7 @@
+ {
+     session top;
+     xmlnode cur = NULL, cur2;
+-    char str[10];
++    char str[16];
+ 
+     /* if there's an existing session, just give it to them */
+     if((top = js_session_primary(m->user)) != NULL)
+@@ -123,7 +123,7 @@
+     xmlnode opts, cur, x;
+     int now = time(NULL);
+     int expire, stored, diff;
+-    char str[10];
++    char str[16];
+ 
+     log_debug("mod_offline","avability established, check for messages");
+

Attachment: signature.asc
Description: Digital signature

Reply via email to