On 2019-12-25 11:28:20, Jeremie Courreges-Anglas <j...@wxcvbn.org> wrote: > On Tue, Dec 24 2019, Bryan Linton <b...@shoshoni.info> wrote: > > On 2019-12-22 09:05:42, Frederic Cambus <fcam...@openbsd.org> wrote: > >> CVSROOT: /cvs > >> Module name: ports > >> Changes by: fcam...@cvs.openbsd.org 2019/12/22 09:05:42 > >> > >> Modified files: > >> productivity/ledger: Makefile distinfo > >> productivity/ledger/patches: patch-src_CMakeLists_txt > >> productivity/ledger/pkg: PLIST > >> Removed files: > >> productivity/ledger/patches: patch-src_item_h > >> > >> Log message: > >> Update ledger to 3.1.3. > >> > >> This fixes CVE-2017-2807, CVE-2017-2808, CVE-2017-12481, CVE-2017-12482. > >> > >> OK jca@, Sergey Bronnikov (MAINTAINER) > >> > > > > This update causes ledger to segfault when processing commodities. > > > > I can reproduce this with a file consisting of the following > > snippet from ledger's manual. > > > > ---------8<---------- > > > > 9/29 Get some stuff at the Inn > > Places:Black's Tavern -3 Apples > > Places:Black's Tavern -5 Steaks > > EverQuest:Inventory > > > > ---------8<---------- > > > > To reproduce, simply copy the above 4 lines to a file and run > > ledger. E.g. "ledger --file test.txt balance" > > > > If I remove the commodities from my (much longer) journal, ledger > > works fine when dealing with cash transactions so the bug must be > > specific to commodities. > > > > Can anyone else reproduce this? > > Using your testcase, nope: > > --8<-- > ritchie ~/tmp$ ledger -f testcase balance; echo "status: $?"; ledger > --version | head -n1 > 3 Apples > 5 Steaks EverQuest:Inventory > -3 Apples > -5 Steaks Places:Black's Tavern > -------------------- > 0 > status: 0 > Ledger 3.1.3-20190331, the command-line accounting tool > -->8-- >
It must have been a hiccup with my system then. I updated packages again, removed old .libs-* packages, and rebuilt ledger and now I can no longer reproduce it either. Apologies for the false alarm. And many thanks to the maintainers of ledger for keeping it up to date! -- Bryan