Package: qemu
Version: 0.9.0-1netsweng2
Severity: normal
Tags: patch

NB: this is against the package in experimental.

Changes in linux-user/syscall.c since 0.8.2 have introduced a crash. It looks like a simple cut&paste sort of problem. When allocating space for a sockaddr in do_getpeername()/do_getsockname(), what appears to be an address is used instead of the value (normally 16). The patch fixes the calls to alloca() to be consistent with the other calls to alloca() in other socket functions.

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-amd64
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages qemu depends on:
ii  bochsbios     2.3-2      BIOS for the Bochs emulator
ii  openhackware  0.4.1-2    OpenFirmware emulator for PowerPC
ii  proll         18-2       JavaStation PROM 2.x compatible re
ii  vgabios       0.6a-1     VGA BIOS software for the Bochs an

Versions of packages qemu recommends:
ii  debootstrap   0.3.3.1    Bootstrap a basic Debian system
ii  sharutils     1:4.2.1-15 shar, unshar, uuencode, uudecode
pn  vde2          <none>     (no description available)

-- no debconf information

#DPATCHLEVEL=0 --- linux-user/syscall.c.orig 2007-02-21 10:40:20.000000000 -0500 +++ linux-user/syscall.c 2007-02-21 10:40:52.000000000 -0500 @@ -977,7 +977,7 @@ target_ulong target_addrlen) { socklen_t addrlen = tget32(target_addrlen); - void *addr = alloca(target_addrlen); + void *addr = alloca(addrlen); long ret; ret = get_errno(getpeername(fd, addr, &addrlen)); @@ -992,7 +992,7 @@ target_ulong target_addrlen) { socklen_t addrlen = tget32(target_addrlen); - void *addr = alloca(target_addrlen); + void *addr = alloca(addrlen); long ret; ret = get_errno(getsockname(fd, addr, &addrlen));
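
Review bot: in the getpeername() hunk, alloca(addrlen) takes its size directly from tget32(target_addrlen), a 32-bit value read from guest memory, and nothing in the visible lines bounds it before the stack allocation. Using the value rather than the address is the right fix, but an upper-bound check before alloca() (for example failing the call when addrlen exceeds sizeof(struct sockaddr_storage)) would keep an oversized guest-supplied length from moving the host stack pointer by an arbitrary amount.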
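
Review bot: in the getsockname() hunk, the parameter name target_addrlen reads like a length although it is the guest address that tget32() dereferences, which is the confusion behind the removed line "void *addr = alloca(target_addrlen);". Consider a one-line comment above "socklen_t addrlen = tget32(target_addrlen);" in both functions, or a parameter name that marks it as a pointer, so the address and the value it points to are not mixed up again.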