Package: ohcount
Version: 3.1.0-1
Severity: serious
Tags: patch
Justification: FTBFS
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu bionic ubuntu-patch

Dear Sylvestre,

ohcount 3.1.0-1 has been failing to build in unstable on arm64 (and in
Ubuntu on the same architecture) because an off-by-one error in the code
shows up as stack corruption in the build-time tests on this architecture. 
This buffer overflow may cause crashes on other architectures as well in
some circumstances; I haven't checked.

Please find attached the short patch for this issue, which has been uploaded
to Ubuntu to fix the build failure there.

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slanga...@ubuntu.com                                     vor...@debian.org
diff -Nru ohcount-3.1.0/debian/patches/fix-buffer-overflow.patch 
ohcount-3.1.0/debian/patches/fix-buffer-overflow.patch
--- ohcount-3.1.0/debian/patches/fix-buffer-overflow.patch      1969-12-31 
16:00:00.000000000 -0800
+++ ohcount-3.1.0/debian/patches/fix-buffer-overflow.patch      2018-04-07 
00:24:49.000000000 -0700
@@ -0,0 +1,18 @@
+Description: fix a buffer overflow due to an off-by one
+ This manifests as a build failure on arm64 in Ubuntu.
+Author: Steve Langasek <steve.langa...@ubuntu.com>
+Last-Modified: 2018-04-07
+
+Index: ohcount-3.1.0/src/diff.c
+===================================================================
+--- ohcount-3.1.0.orig/src/diff.c
++++ ohcount-3.1.0/src/diff.c
+@@ -315,7 +315,7 @@ static int hash(char *line) {
+ void prepare(int i, const char *buf) {
+   struct line *p;
+   int j;
+-  char bufcpy[strlen(buf)];
++  char bufcpy[strlen(buf)+1];
+   char *l;
+ 
+   p = malloc(3*sizeof(struct line));
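Review bot: the corrected declaration `char bufcpy[strlen(buf)+1];` in prepare() is still a variable-length array on the stack whose size comes straight from the input buffer, so a very large `buf` can exhaust the stack even with room for the terminating NUL. Consider taking the copy on the heap instead (for example `char *bufcpy = strdup(buf);` with a NULL check and a matching `free()` before return), which also removes the need to compute the size by hand. The code that writes into `bufcpy` is outside the visible context, so it is worth confirming during review that it copies at most `strlen(buf)+1` bytes. In the patch header, DEP-3 names the date field `Last-Update` rather than `Last-Modified`, and a `Forwarded:` or `Bug-Debian:` line would record where the fix was sent.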
diff -Nru ohcount-3.1.0/debian/patches/series 
ohcount-3.1.0/debian/patches/series
--- ohcount-3.1.0/debian/patches/series 2018-01-14 10:03:49.000000000 -0800
+++ ohcount-3.1.0/debian/patches/series 2018-04-07 00:19:07.000000000 -0700
@@ -1,3 +1,4 @@
 disabled_test_suite.patch
 conflicting-type.diff
 build-cflags.diff
+fix-buffer-overflow.patch
