Bug#1025940: marked as done (info: buffer overflow in copy_converting())
Your message dated Tue, 20 Dec 2022 16:38:31 +0000
with message-id <E1p7fdP-004etK-PG@fasolo.debian.org>
and subject line Bug#1025940: fixed in texinfo 7.0.1-2
has caused the Debian Bug report #1025940,
regarding info: buffer overflow in copy_converting()
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
1025940: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025940
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: info
Version: 7.0.1-1
Some parts of groff.info make info(1) crash:
$ info groff > /dev/null
corrupted size vs. prev_size
Aborted
Valgrind says it's a buffer overflow:
Invalid write of size 1
at 0x48CAD69: internal_utf8_loop (loop.c:335)
by 0x48CAD69: __gconv_transform_internal_utf8 (skeleton.c:619)
by 0x485A467: gconv (skeleton.c:675)
by 0x48C61F7: __gconv (gconv.c:77)
by 0x48C5C5D: iconv (iconv.c:51)
by 0x12CA1F: text_buffer_iconv (util.c:358)
by 0x11C756: copy_converting (scan.c:702)
by 0x11C756: copy_input_to_output.part.0 (scan.c:870)
by 0x11E524: copy_input_to_output (scan.c:1643)
by 0x11E524: scan_node_contents (scan.c:1643)
by 0x11BE00: info_node_of_tag_ext (nodes.c:1289)
by 0x121762: dump_node_to_stream (session.c:3818)
by 0x127FEA: dump_nodes_to_file (session.c:3782)
by 0x10CA25: main (info.c:1062)
Address 0x4ca2ff5 is 0 bytes after a block of size 1,269 alloc'd
at 0x484556B: realloc (in /usr/libexec/valgrind/vgpreload_memcheck-x86-linux.so)
by 0x13093F: xrealloc (xmalloc.c:66)
by 0x12C977: text_buffer_alloc (util.c:327)
by 0x12C977: text_buffer_alloc (util.c:320)
by 0x11C710: copy_converting (scan.c:695)
by 0x11C710: copy_input_to_output.part.0 (scan.c:870)
by 0x11E524: copy_input_to_output (scan.c:1643)
by 0x11E524: scan_node_contents (scan.c:1643)
by 0x11BE00: info_node_of_tag_ext (nodes.c:1289)
by 0x121762: dump_node_to_stream (session.c:3818)
by 0x127FEA: dump_nodes_to_file (session.c:3782)
by 0x10CA25: main (info.c:1062)
-- System Information:
Architecture: i386
Versions of packages info depends on:
ii libc6 2.36-6
ii libtinfo6 6.3+20220423-2
ii install-info 6.8-6+b1
--
Jakub Wilk
--- End Message ---
--- Begin Message ---
Source: texinfo
Source-Version: 7.0.1-2
Done: Hilmar Preusse <hille42@web.de>
We believe that the bug you reported is fixed in the latest version of
texinfo, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1025940@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Hilmar Preusse <hille42@web.de> (supplier of updated texinfo package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 20 Dec 2022 17:14:22 +0100
Source: texinfo
Architecture: source
Version: 7.0.1-2
Distribution: experimental
Urgency: medium
Maintainer: Debian TeX Task Force <debian-tex-maint@lists.debian.org>
Changed-By: Hilmar Preusse <hille42@web.de>
Closes: 1025940
Changes:
texinfo (7.0.1-2) experimental; urgency=medium
.
* Patch: avoid freezing at beginning of a file when 'nodeline'
is set to 'pointers' (the default).
* Patch: info: buffer overflow in copy_converting() (Closes: #1025940).
Checksums-Sha1:
22d74ebe26d7fb240c0a563cadc6501768c9f3a3 2639 texinfo_7.0.1-2.dsc
3d263c7ef440973b1260fce6019e88378ea0c0a2 45668 texinfo_7.0.1-2.debian.tar.xz
63955d5a71fd345a20fc6838e0c8d13c421d4c20 6109 texinfo_7.0.1-2_source.buildinfo
Checksums-Sha256:
91a13a99ea86098f74bd6d2873fc6f97b907403b4e2affdf5a797df5c2d45a80 2639 texinfo_7.0.1-2.dsc
3acef9c0060b2e5b95cda6ba166bd7d6693395dca67c7569bb551d908461250a 45668 texinfo_7.0.1-2.debian.tar.xz
c787916eec7bba61d669a1d59be87125368e04c504312c9990a1ad3a59d0fe15 6109 texinfo_7.0.1-2_source.buildinfo
Files:
8aef8ca3ddff57e52704b02a4b570c0d 2639 doc standard texinfo_7.0.1-2.dsc
15458de84c4372b38e63a927ddc92537 45668 doc standard texinfo_7.0.1-2.debian.tar.xz
f28d71be3cafd33a931a22d10144b206 6109 doc standard texinfo_7.0.1-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEaXGmC/nkbIhxf16kxiZYRqvgLIsFAmOh341fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDY5
NzFBNjBCRjlFNDZDODg3MTdGNUVBNEM2MjY1ODQ2QUJFMDJDOEIACgkQxiZYRqvg
LIt8FA/+KxwnX1gAxUpwzPG27irMCjQMKZKAD3/6u+cUedKL2ZT/5PEkB9+KOGc4
hWUoM4p0zOkpfUgvlafuKUrpUiFm0icr0Me/wRZ1M3KU4pT/G2yajEbX6DTdOyZk
da6wRtrNhRnI+iWNNoQTuWH6+YbiWNX/HuwDXgN1YZSNaZs9M6GTJ6TvR+fB6T/T
+hNCqiRfJIvm/0P1dg/i1mCeNuNGzAHbJt2QmBJGCk3914BZutNjuqKVpspm7j7H
WbhEW6yC8Pk8StPwip9K3O6XsmByEQkO436h3mkTtKyiwe+c7bL02tmw5+G7Y8Za
nTB7iIdZ6VVqFxFcIntkJp37e4tblLJ02FMUamU6dHcmbhXSYdI0i6lzn3lO5Inc
iGLm6LmR2LyQ8802dCrHKFRB0E+hxzk2DxwztVoBGVatjLLXnDPBa9nvdcNVfZaE
dKphiGrfiXiv8CKuQ+bK+fflpKz4NXTd5rgNpQhDj8vgeB7L/4Hx620PG80BcVtM
4S1OjaocWcWqoXF1CBUITfjRAvFSyML7HsypgQ1tf6NPh0FrEjl5/uTZEAORrjXu
kkITXZDWy0CwJO+cxPr5NQ9A8tw1f8qf9hcMSwqKpbuBICZjPXf/8gSUJYgbgcGA
HA3/JocPkv2IaFrCkTKj00qLWlkKykKEphi9kdfbbn6GIUMv3bA=
=WQIG
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: