
Bug#969228: marked as done (glaurung: Segmentation fault caused by out of bounds access)



Your message dated Wed, 09 Sep 2020 11:49:15 +0000
with message-id <E1kFybD-0009VK-04@fasolo.debian.org>
and subject line Bug#969228: fixed in glaurung 2.2-4
has caused the Debian Bug report #969228,
regarding glaurung: Segmentation fault caused by out of bounds access
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
969228: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969228
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: glaurung
Version: 2.2-3
Severity: grave
Tags: patch
X-Debbugs-Cc: Asher Gordon <AsDaGo@posteo.net>

Dear Maintainer,

Glaurung segfaults when the 'go' command is used, making it
unusable. For example:

    $ glaurung
    Glaurung 2.2.  Copyright (C) 2004-2008 Tord Romstad.
    go
    Segmentation fault

This is because of an out of bounds access, fixed by the following
patch:
From 62017d29d816d07513805500d498d8779343e074 Mon Sep 17 00:00:00 2001
From: Asher Gordon <AsDaGo@posteo.net>
Date: Sat, 29 Aug 2020 12:53:56 -0400
Subject: [PATCH 1/3] Fix buffer overrun, causing a segfault

---
 src/evaluate.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/evaluate.cpp b/src/evaluate.cpp
index 72032f0..ac303fa 100644
--- a/src/evaluate.cpp
+++ b/src/evaluate.cpp
@@ -1243,7 +1243,7 @@ namespace {
         SafetyTable[i] = Value((int)(100 * a * (i - b)));
     }
 
-    for(i = 0; i < 100; i++)
+    for(i = 0; i < 99; i++)
       if(SafetyTable[i+1] - SafetyTable[i] > maxSlope) {
         for(j = i + 1; j < 100; j++)
           SafetyTable[j] = SafetyTable[j-1] + Value(maxSlope);
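
Review bot: the new outer bound `i < 99` is a second hard-coded number that has to stay in step with the `j < 100` limit of the inner loop two lines below, and nothing in the hunk ties either of them to the declared size of SafetyTable. Suggest deriving both from one named constant for the table size (outer loop `i + 1 < size`, inner loop `j < size`), so the `SafetyTable[i+1]` read stays in bounds if the table is ever resized. The commit message also has only a subject line; one sentence saying that the old bound let `i` reach 99 and so read `SafetyTable[100]` would make the fix self-explanatory.
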
-- 
2.28.0

I also attempted to send this patch upstream, but I don't know Tord's
current email address (it's not tord@glaurungchess.com; I tried). So I
sent it to Matthew Purland, since he had made the last commit on
https://github.com/phenri/glaurung.

So hopefully, he will be able to apply it upstream, but until then,
please apply this patch in Debian.

Thanks,
Asher

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-2-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages glaurung depends on:
ii  libc6       2.31-3
ii  libstdc++6  10.1.0-6

Versions of packages glaurung recommends:
ii  polyglot  2.0.4-2+b1
ii  xboard    4.9.1-2

glaurung suggests no packages.

-- no debconf information

-- 
One picture is worth 128K words.
                               --------
I prefer to send and receive mail encrypted. Please send me your
public key, and if you do not have my public key, please let me
know. Thanks.

GPG fingerprint: 38F3 975C D173 4037 B397  8095 D4C9 C4FC 5460 8E68



--- End Message ---
--- Begin Message ---
Source: glaurung
Source-Version: 2.2-4
Done: Adam Borowski <kilobyte@angband.pl>

We believe that the bug you reported is fixed in the latest version of
glaurung, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 969228@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam Borowski <kilobyte@angband.pl> (supplier of updated glaurung package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 09 Sep 2020 13:05:47 +0200
Source: glaurung
Architecture: source
Version: 2.2-4
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Adam Borowski <kilobyte@angband.pl>
Closes: 969228
Changes:
 glaurung (2.2-4) unstable; urgency=medium
 .
   * QA upload.
   * Fix a segfault for out-of bounds, patch by Asher Gordon.
     (Closes: #969228)
Checksums-Sha1:
 7b7105eccb1a60c5c1f690951649180d29ab13c6 1665 glaurung_2.2-4.dsc
 f1315efcd08774a6e5248bd5523014c427c4256f 13528 glaurung_2.2-4.debian.tar.xz
 c471e6af7333a60e2a2da5d15e627d291a176256 5061 glaurung_2.2-4_source.buildinfo
Checksums-Sha256:
 0ded9fcd58cbe302e06f2eab602a577ca0861254ca6e85482eff425f1ea4cccf 1665 glaurung_2.2-4.dsc
 aa33d661c66105f4a920d9c6219eab917cd7fe6f79d4c28f8a23c30bb8ce7761 13528 glaurung_2.2-4.debian.tar.xz
 08278bbb5439bc7619e11e8f9c9e0cb3d9bb4e1ad1d76d7796a64ea43718f991 5061 glaurung_2.2-4_source.buildinfo
Files:
 657077a3259f014706b4de49d85263ee 1665 games optional glaurung_2.2-4.dsc
 90775e99062873f88be39d575c142cf7 13528 games optional glaurung_2.2-4.debian.tar.xz
 efc3c7139afe5244cf25092c59b75bc2 5061 games optional glaurung_2.2-4_source.buildinfo


--- End Message ---
