control: tag -1 +pending
On 2022-08-09 09:31, Aurelien Jarno wrote:
> control: severity 1016560 serious
>
> On 2022-08-03 00:01, Aurelien Jarno wrote:
> > Source: scalpel
> > Version: 1.60-9
> > Severity: important
> > Tags: upstream patch
> > User: debian-gl...@lists.debian.org
> > Usertags: glibc2.34
> >
> > Dear maintainer,
> >
> > The autopkgtest of scalpel fails in sid on amd64 when that autopkgtest is
> > run with the binary packages of glibc from experimental. It passes when
> > run with only packages from sid. In tabular form:
> >
> > passfail
> > glibcfrom sid2.34-0experimental5
> > scalpel from sid1.60-9
> > all others from sidfrom sid
> >
> > Here is the relevant part of the test log:
> >
> > autopkgtest [10:36:40]: test command1: scalpel -c debian/tests/scalpel.conf
> > debian/tests/lua.img
> > autopkgtest [10:36:40]: test command1: [---
> >
> > Opening target
> > "/tmp/autopkgtest-lxc.93yq46zi/downtmp/build.fXk/src/debian/tests/lua.img"
> >
> > bash: line 1: 1961 Segmentation fault bash -ec 'scalpel -c
> > debian/tests/scalpel.conf debian/tests/lua.img' 2> >(tee -a
> > /tmp/autopkgtest-lxc.93yq46zi/downtmp/command1-stderr >&2) > >(tee -a
> > /tmp/autopkgtest-lxc.93yq46zi/downtmp/command1-stdout)
> >
> > The full test log is available there:
> > https://ci.debian.net/data/autopkgtest/unstable/amd64/s/scalpel/24235565/log.gz
> >
> > After some debugging, I have found the issue to be a duplicate use of a
> > va_list without using va_copy. Please find attached a patch to fix that.
> >
> > Regards
> > Aurelien
>
> > --- scalpel-1.60.orig/helpers.c
> > +++ scalpel-1.60/helpers.c
> > @@ -70,12 +70,14 @@ void setProgramName(char *s) {
> > // write entry to both the screen and the audit file
> > void scalpelLog(struct scalpelState *state, char *format, ...) {
> >
> > - va_list argp;
> > + va_list argp, argp2;
> >
> >va_start(argp,format);
> > + va_copy(argp2, argp);
> >vfprintf (stderr,format,argp);
> > - vfprintf (state->auditFile,format,argp);
> >va_end(argp);
> > + vfprintf (state->auditFile,format,argp2);
> > + va_end(argp2);
> > }
> >
> > // determine if two characters match, with optional case
>
> glibc 2.34 is now in unstable, upgrading the severity.
I have uploaded a NMU fixing this issue to DELAYED/2. Please find the
corresponding debdiff attached. Also please feel free to ask me to delay
or cancel this NMU.
Regards
Aurelien
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net
diff -Nru scalpel-1.60/debian/changelog scalpel-1.60/debian/changelog
--- scalpel-1.60/debian/changelog 2020-04-21 02:01:23.0 +
+++ scalpel-1.60/debian/changelog 2022-08-11 13:45:53.0 +
@@ -1,3 +1,11 @@
+scalpel (1.60-9+nmu1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * debian/patches/60_va_copy.patch: fix the va_list usage in
+setProgramName(). (Closes: #1016560).
+
+ -- Aurelien Jarno Thu, 11 Aug 2022 15:45:53 +0200
+
scalpel (1.60-9) unstable; urgency=medium
* Team upload.
diff -Nru scalpel-1.60/debian/patches/60_va_copy.patch
scalpel-1.60/debian/patches/60_va_copy.patch
--- scalpel-1.60/debian/patches/60_va_copy.patch1970-01-01
00:00:00.0 +
+++ scalpel-1.60/debian/patches/60_va_copy.patch2022-08-11
13:44:57.0 +
@@ -0,0 +1,23 @@
+Description: Fix the va_list usage in setProgramName(). (Closes: #1016560).
+Author: Aurelien Jarno
+Last-Update: 2022-08-11
+
+--- scalpel-1.60.orig/helpers.c
scalpel-1.60/helpers.c
+@@ -70,12 +70,14 @@ void setProgramName(char *s) {
+ // write entry to both the screen and the audit file
+ void scalpelLog(struct scalpelState *state, char *format, ...) {
+
+- va_list argp;
++ va_list argp, argp2;
+
+ va_start(argp,format);
++ va_copy(argp2, argp);
+ vfprintf (stderr,format,argp);
+- vfprintf (state->auditFile,format,argp);
+ va_end(argp);
++ vfprintf (state->auditFile,format,argp2);
++ va_end(argp2);
+ }
+
+ // determine if two characters match, with optional case
diff -Nru scalpel-1.60/debian/patches/series scalpel-1.60/debian/patches/series
--- scalpel-1.60/debian/patches/series 2020-04-21 01:59:40.0 +
+++ scalpel-1.60/debian/patches/series 2022-08-11 13:45:53.0 +
@@ -3,3 +3,4 @@
30_improve-error-message.patch
40_fix-spelling.patch
50_fix-jpg-remove-spaces.patch
+60_va_copy.patch