Control: reassign -1 libgif7 5.1.2-0.1 Control: forwarded -1 http://sourceforge.net/p/giflib/bugs/81/ Control: retitle -1 libgif7: DGifOpen() broken because it uses unallocated memory Control: tag -1 upstream patch
On Thu, Jan 21, 2016 at 06:37:30PM +1100, Tony Cook wrote: > On Wed, Jan 20, 2016 at 10:38:27PM +0200, Niko Tyni wrote: > > On Wed, Jan 20, 2016 at 02:42:04PM +0100, Chris Lamb wrote: > > > Source: libimager-perl > > > Version: 1.004+dfsg-1 > > > Severity: serious > > > Justification: fails to build from source > > > User: reproducible-bui...@lists.alioth.debian.org > > > Usertags: ftbfs > > > X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org > > > > > libimager-perl fails to build from source in unstable/amd64: > > > > It broke with src:giflib 5.1.2-0.1 -> 5.1.1-0.2. Don't know > > why yet. > > > > % perl -MImager -e 'Imager->new->read(type => "gif", file => > > "GIF/testimg/expected.gif") or die' > > > > dies with the new giflib but not the old one. > > > > Cc'ing Matthias Klose as a heads-up, he uploaded 5.1.1-0.2. > > The read failures are caused by a bug present in both 5.1.1 and 5.1.2, > partly fixed in giflib git at commit > ef0cb9b4be572262b49fbc26fb2348683f44a517. > > A similar fix is required to DGifOpen() for Imager's GIF support to > work (reliably), reported upstream as > https://sourceforge.net/p/giflib/bugs/81/ Thanks! I can confirm that libimager-perl builds and works again for me with the attached patch to giflib. Reassigning. -- Niko Tyni nt...@debian.org
>From 60d124d3e829635b5b868f5dd6de6b7421ce03b5 Mon Sep 17 00:00:00 2001 From: Niko Tyni <nt...@debian.org> Date: Thu, 21 Jan 2016 18:56:49 +0200 Subject: [PATCH] Initialize memory in DGifOpen() too Commit ef0cb9b4be572262b49fbc26fb2348683f44a517 fixed this for DGifOpenFileHandle(), but missed the other code path. Bug: http://sourceforge.net/p/giflib/bugs/81/ Bug-Debian: https://bugs.debian.org/812093 --- lib/dgif_lib.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/dgif_lib.c b/lib/dgif_lib.c index 667e939..2f8ac8b 100644 --- a/lib/dgif_lib.c +++ b/lib/dgif_lib.c @@ -166,6 +166,7 @@ DGifOpen(void *userData, InputFunc readFunc, int *Error) *Error = D_GIF_ERR_NOT_ENOUGH_MEM; return NULL; } + /*@i1@*/memset(GifFile, '\0', sizeof(GifFileType)); memset(GifFile, '\0', sizeof(GifFileType)); @@ -180,6 +181,7 @@ DGifOpen(void *userData, InputFunc readFunc, int *Error) free((char *)GifFile); return NULL; } + /*@i1@*/memset(Private, '\0', sizeof(GifFilePrivateType)); GifFile->Private = (void *)Private; Private->FileHandle = 0; -- 2.7.0.rc3
