review eject 2.1.5+deb1+cvs20081104-13.1 2014-02-14 21:29

To: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Cc: debian-mentors@lists.debian.org, 719110@bugs.debian.org
Subject: review eject 2.1.5+deb1+cvs20081104-13.1 2014-02-14 21:29
From: Bart Martens <bartm@debian.org>
Date: Sun, 23 Feb 2014 09:39:20 +0000
Message-id: <[🔎] 20140223093920.GC14402@master.debian.org>

Hi Gianfranco,

I have two questions for you.

1. The patch makes the program use one additional position of the memory
pointed to by buf.  Are you sure that there will be no buffer overflow for any
value of name without replacing 14 by 15 in the allocation ?

2. The package has a high popcon.  Have you thoroughly tested the resulting
package ? I would feel more comfortable if you would confirm that on bug
719110.

Regards,

Bart Martens

Reply to:

Follow-Ups:
- Re: review eject 2.1.5+deb1+cvs20081104-13.1 2014-02-14 21:29
  - From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>

Prev by Date: review tomcat7 7.0.28-4+deb7u1 2014-02-17 17:10 at mentors
Next by Date: Re: Handling daemons that fail to start
Previous by thread: Re: review tomcat7 7.0.28-4+deb7u1 2014-02-17 17:10 at mentors
Next by thread: Re: review eject 2.1.5+deb1+cvs20081104-13.1 2014-02-14 21:29
Index(es):
- Date
- Thread