date:20170512

Bug#770369: bug fix for i386

2017-05-12 Thread Santiago Vila

On Fri, May 12, 2017 at 07:38:30PM +0300, Adrian Bunk wrote:
> On Sun, Jan 29, 2017 at 07:12:58PM +0100, Santiago Vila wrote:
> >...
> > BTW: I don't use Eterm myself. Can you compile the version in unstable
> > under jessie and confirm that it also fixes the 100% CPU problem
> > reported here?
> >...
> 
> What happened with this?
> Should I prepare a package for jessie-pu?

I forgot. Yes, please, feel free.

Thanks.

Bug#770369: bug fix for i386

2017-05-12 Thread Adrian Bunk

On Sun, Jan 29, 2017 at 07:12:58PM +0100, Santiago Vila wrote:
>...
> BTW: I don't use Eterm myself. Can you compile the version in unstable
> under jessie and confirm that it also fixes the 100% CPU problem
> reported here?
>...

What happened with this?
Should I prepare a package for jessie-pu?

> Thanks.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#858389: marked as done (Memcpy parameter overlap in docbook-to-man)

2017-05-12 Thread Debian Bug Tracking System

Your message dated Fri, 12 May 2017 09:18:33 +
with message-id 
and subject line Bug#858389: fixed in docbook-to-man 1:2.0.0-36
has caused the Debian Bug report #858389,
regarding Memcpy parameter overlap in docbook-to-man
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858389: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: docbook-to-man
Version: 1:2.0.0-34

Hi,

ReadESIS function in Instant/main.c triggers undefined behavior via
memcpy's source and destination buffers overlap:

  memcpy([1], [2], strlen(buf)-1);

As far as I can see, the issue is still present in 1:2.0.0-35. The
simplest fix is probly to replace with memmove.

The issue was found by Valgrind when testing flac package in
debian_pkg_test framework (https://github.com/yugr/debian_pkg_test).

Valgrind report:

==7111== Memcheck, a memory error detector
==7111== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==7111== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==7111== Command: /usr/bin/instant -croff.cmap -sroff.sdata
-tdocbook-to-man.ts -d
==7111== Parent PID: 7109
==7111==
==7111== Source and destination overlap in memcpy_chk(0x586f051, 0x586f052, 5)
==7111==at 0x4C353D7: __memcpy_chk (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==7111==by 0x10B2EF: ??? (in /usr/bin/instant)
==7111==by 0x10B157: ??? (in /usr/bin/instant)
==7111==by 0x10B157: ??? (in /usr/bin/instant)
==7111==by 0x10A796: ??? (in /usr/bin/instant)
==7111==by 0x526C82F: (below main)
(/build/glibc-t3gR2i/glibc-2.23/csu/../csu/libc-start.c:291)

-Yuri
--- End Message ---
--- Begin Message ---
Source: docbook-to-man
Source-Version: 1:2.0.0-36

We believe that the bug you reported is fixed in the latest version of
docbook-to-man, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 858...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb  (supplier of updated docbook-to-man package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 12 May 2017 11:02:11 +0200
Source: docbook-to-man
Binary: docbook-to-man
Architecture: source
Version: 1:2.0.0-36
Distribution: unstable
Urgency: medium
Maintainer: Chris Lamb 
Changed-By: Chris Lamb 
Description:
 docbook-to-man - converter from DocBook SGML into roff man macros
Closes: 842635 858389
Changes:
 docbook-to-man (1:2.0.0-36) unstable; urgency=medium
 .
   * Adopt package.
   * Prevent undefined behaviour in memcpy parameter overlap; docbook-to-man
 can insert random characters into the output. e.g. it will sometimes
 generate an "I" instead of a literal tab. Thanks to Chris West
  and Yuri Gribov 
 (Closes: #842635, #858389)
   * Update Vcs-{Git,Browser}.
   * Tidy debian/rules.
   * Bump Standards-Version to 3.9.8>
   * Bump Debhelper compatibility level to 10.
   * Refresh all patches with `pq import` -> `pq export`.
   * Add myself to debian/copyright.
 .
   Debian-Bugs: #842635 #858389
Checksums-Sha1:
 253c76894c124ffb1fb585a09356b76633c52ca6 1890 docbook-to-man_2.0.0-36.dsc
 46e477ec1dad712153728e594807ff32ffcd025b 21828 
docbook-to-man_2.0.0-36.debian.tar.xz
 f9aecde2b4d5cda86de357beba6259b5bab3938b 5644 
docbook-to-man_2.0.0-36_amd64.buildinfo
Checksums-Sha256:
 1ff6e5c22512e75bb9d51b527bab5df23d955491d23cc221ff22d3bbed315041 1890 
docbook-to-man_2.0.0-36.dsc
 6ea7a4ce491c6629090c2e3d6f19cfd88d66ea63c74601e754b21cb45596a5b5 21828 
docbook-to-man_2.0.0-36.debian.tar.xz
 f6017c6b1f37ee73854cc19ab8fd07593b617cbb64d496d547e485ecd38a44d0 5644 
docbook-to-man_2.0.0-36_amd64.buildinfo
Files:
 12bfa07458262fe9c22a655e93c44ac5 1890 text optional docbook-to-man_2.0.0-36.dsc
 83d41cf01ad8a79baff03963396a0490 21828 text optional 
docbook-to-man_2.0.0-36.debian.tar.xz
 f559c7f664fc2bb86fdfc876400d66aa 5644 text optional 
docbook-to-man_2.0.0-36_amd64.buildinfo

-BEGIN PGP SIGNATURE-

Bug#842635: marked as done (Incorrect output on i386 due to UB)

2017-05-12 Thread Debian Bug Tracking System

Your message dated Fri, 12 May 2017 09:18:33 +
with message-id 
and subject line Bug#842635: fixed in docbook-to-man 1:2.0.0-36
has caused the Debian Bug report #842635,
regarding Incorrect output on i386 due to UB
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
842635: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842635
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: docbook-to-man
User: reproducible-bui...@lists.alioth.debian.org
Usertags: toolchain
Version: 1:2.0.0-35
X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org

On i386 (but not armhf or amd64), docbook-to-man inserts random
characters into the output.

e.g. it will sometimes generate an "I" instead of a literal tab.

I chased the bug around the code, and it looks like /usr/bin/instant has
some UB in main.c:

https://sources.debian.net/src/docbook-to-man/1:2.0.0-35/Instant/main.c/#L799

memcpy([1], [2], strlen(buf)-1);

.. for bufs like " n\\011". The resulting buf contains \111, which maps
to capital I, eventually. Cool coincidence, eh.

Patch (for this case!) is simply s/memcpy/memmove/, but I doubt this is
the only case where this can happen.
--- End Message ---
--- Begin Message ---
Source: docbook-to-man
Source-Version: 1:2.0.0-36

We believe that the bug you reported is fixed in the latest version of
docbook-to-man, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 842...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb  (supplier of updated docbook-to-man package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 12 May 2017 11:02:11 +0200
Source: docbook-to-man
Binary: docbook-to-man
Architecture: source
Version: 1:2.0.0-36
Distribution: unstable
Urgency: medium
Maintainer: Chris Lamb 
Changed-By: Chris Lamb 
Description:
 docbook-to-man - converter from DocBook SGML into roff man macros
Closes: 842635 858389
Changes:
 docbook-to-man (1:2.0.0-36) unstable; urgency=medium
 .
   * Adopt package.
   * Prevent undefined behaviour in memcpy parameter overlap; docbook-to-man
 can insert random characters into the output. e.g. it will sometimes
 generate an "I" instead of a literal tab. Thanks to Chris West
  and Yuri Gribov 
 (Closes: #842635, #858389)
   * Update Vcs-{Git,Browser}.
   * Tidy debian/rules.
   * Bump Standards-Version to 3.9.8>
   * Bump Debhelper compatibility level to 10.
   * Refresh all patches with `pq import` -> `pq export`.
   * Add myself to debian/copyright.
 .
   Debian-Bugs: #842635 #858389
Checksums-Sha1:
 253c76894c124ffb1fb585a09356b76633c52ca6 1890 docbook-to-man_2.0.0-36.dsc
 46e477ec1dad712153728e594807ff32ffcd025b 21828 
docbook-to-man_2.0.0-36.debian.tar.xz
 f9aecde2b4d5cda86de357beba6259b5bab3938b 5644 
docbook-to-man_2.0.0-36_amd64.buildinfo
Checksums-Sha256:
 1ff6e5c22512e75bb9d51b527bab5df23d955491d23cc221ff22d3bbed315041 1890 
docbook-to-man_2.0.0-36.dsc
 6ea7a4ce491c6629090c2e3d6f19cfd88d66ea63c74601e754b21cb45596a5b5 21828 
docbook-to-man_2.0.0-36.debian.tar.xz
 f6017c6b1f37ee73854cc19ab8fd07593b617cbb64d496d547e485ecd38a44d0 5644 
docbook-to-man_2.0.0-36_amd64.buildinfo
Files:
 12bfa07458262fe9c22a655e93c44ac5 1890 text optional docbook-to-man_2.0.0-36.dsc
 83d41cf01ad8a79baff03963396a0490 21828 text optional 
docbook-to-man_2.0.0-36.debian.tar.xz
 f559c7f664fc2bb86fdfc876400d66aa 5644 text optional 
docbook-to-man_2.0.0-36_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlkVejEACgkQHpU+J9Qx
HliLxg//an01IIb7RW+gbGwlN+USf/S3+TsCziFB1B9B/YzqiBo28LLiOTssmYnA
LPnapkJMtBoGFQYhc82Jvh4Xi63IW3AQQDSa03fdzdpBqLgFK1ymUC5X5Io4GJ/d
ucHNRjAjxMnzf609TVfdIgkgWME+S9uwGCUxFzkhbuyx/RMIRGoQHyDhLNXw+ZM5
v0yX7AFRYFEV32+loiRQnYetKjJdeT0LvwXjMjUv8C/TOBTWsbiHrxVmmleYlqAl
OzCLYivOTilK06wfqR+I2XcuQFbrPNGJ/GVSq1SYPcXqlXjwReRGo0ELrqaDiWu9
V5EMsq8MpqnexoLSWBUkqxV1LJi7s9C2MruSLSJ+UAep21RVIMlub0FEoLfgEhOI
5RM6qj7cQol4cUG4KpzSrSzoI5WRRld48JHaFEYZeHI+4D+FoykBmraQl1SmR4JJ

Processed: Re: Incorrect output on i386 due to UB

2017-05-12 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> tags 858389 + pending
Bug #858389 [docbook-to-man] Memcpy parameter overlap in docbook-to-man
Added tag(s) pending.
> tags 842635 + pending
Bug #842635 [docbook-to-man] Incorrect output on i386 due to UB
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
842635: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842635
858389: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858389
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#842635: Incorrect output on i386 due to UB

2017-05-12 Thread Chris Lamb

tags 858389 + pending
tags 842635 + pending
thanks

> Re: Incorrect output on i386 due to UB

Applied & uploaded; many thanks! :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#770369: bug fix for i386

Bug#770369: bug fix for i386

Bug#858389: marked as done (Memcpy parameter overlap in docbook-to-man)

Bug#842635: marked as done (Incorrect output on i386 due to UB)

Processed: Re: Incorrect output on i386 due to UB

Bug#842635: Incorrect output on i386 due to UB

6 matches

Site Navigation

Mail list logo

Footer information