[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#148221: marked as done (dpkg: Small off by one error in parseversion())

Your message dated Sat, 31 Aug 2002 06:30:24 -0400
with message-id <E17l5WK-0005J3-00@auric.debian.org>
and subject line Bug#155362: fixed in dpkg 1.10.5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Received: (at submit) by bugs.debian.org; 26 May 2002 17:35:08 +0000
>From pre@saruman.uio.no Sun May 26 12:35:08 2002
Return-path: <pre@saruman.uio.no>
Received: from mons.uio.no [] (7411)
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17C1vA-0002Lc-00; Sun, 26 May 2002 12:35:08 -0500
Received: from saruman.uio.no ([])
	by mons.uio.no with esmtp (Exim 2.12 #7)
	id 17C1v6-00079w-00; Sun, 26 May 2002 19:35:04 +0200
Received: from pre by saruman.uio.no with local (Exim 2.12 #7)
	id 17C1v5-0002hJ-00; Sun, 26 May 2002 19:35:03 +0200
To: submit@bugs.debian.org
Subject: dpkg: Small off by one error in parseversion()
From: Petter Reinholdtsen <pere@hungry.com>
Message-Id: <E17C1v5-0002hJ-00@saruman.uio.no>
Sender: Petter Reinholdtsen <petter.reinholdtsen@usit.uio.no>
Date: Sun, 26 May 2002 19:35:03 +0200
Delivered-To: submit@bugs.debian.org

Package: dpkg
Version: 1.9.21
Severity: normal
Tags: patch

The following patch fixes a off by one error in dpkg.  It reads one
past the allocated buffer.

I discovered it using valgrind,

--- lib/parsehelp.c.orig        Sun May 26 19:24:23 2002
+++ lib/parsehelp.c     Sun May 26 19:22:34 2002
@@ -214,7 +214,7 @@
   } else {
     rversion->epoch= 0;
-  rversion->version= nfstrnsave(string,end-string+1);
+  rversion->version= nfstrnsave(string,end-string);
   hyphen= strrchr(rversion->version,'-');
   if (hyphen) *hyphen++= 0;
   rversion->revision= hyphen ? hyphen : "";

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux diskless 2.4.18-686 #2 Wed Mar 20 20:21:31 EST 2002 i686
Locale: LANG=C, LC_CTYPE=no_NO

Versions of packages dpkg depends on:
ii  libc6                    2.2.5-6         GNU C Library: Shared libraries an
ii  libncurses5              5.2.20020112a-7 Shared libraries for terminal hand
ii  libstdc++2.10-glibc2.2   1:2.95.4-7      The GNU stdc++ library

Received: (at 155362-close) by bugs.debian.org; 31 Aug 2002 10:38:55 +0000
>From rmurray@auric.debian.org Sat Aug 31 05:38:55 2002
Return-path: <rmurray@auric.debian.org>
Received: from auric.debian.org [] (mail)
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17l5eY-0003PN-00; Sat, 31 Aug 2002 05:38:54 -0500
Received: from rmurray by auric.debian.org with local (Exim 3.35 1 (Debian))
	id 17l5WK-0005J3-00; Sat, 31 Aug 2002 06:30:24 -0400
From: Adam Heath <doogie@debian.org>
To: 155362-close@bugs.debian.org
X-Katie: $Revision: 1.17 $
Subject: Bug#155362: fixed in dpkg 1.10.5
Message-Id: <E17l5WK-0005J3-00@auric.debian.org>
Sender: Ryan Murray <rmurray@auric.debian.org>
Date: Sat, 31 Aug 2002 06:30:24 -0400
Delivered-To: 155362-close@bugs.debian.org

We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive:

  to pool/main/d/dpkg/dpkg-dev_1.10.5_all.deb
  to pool/main/d/dpkg/dpkg-doc_1.10.5_all.deb
  to pool/main/d/dpkg/dpkg_1.10.5.dsc
  to pool/main/d/dpkg/dpkg_1.10.5.tar.gz
  to pool/main/d/dpkg/dpkg_1.10.5_i386.deb
  to pool/main/d/dpkg/dselect_1.10.5_i386.deb

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 155362@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Adam Heath <doogie@debian.org> (supplier of updated dpkg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Hash: SHA1

Format: 1.7
Date: Thu, 29 Aug 2002 16:43:15 -0500
Source: dpkg
Binary: dpkg-static dselect dpkg-dev dpkg-doc dpkg
Architecture: source all i386
Version: 1.10.5
Distribution: unstable
Urgency: low
Maintainer: Dpkg Development <debian-dpkg@lists.debian.org>
Changed-By: Adam Heath <doogie@debian.org>
 dpkg       - Package maintenance system for Debian
 dpkg-dev   - Package building tools for Debian
 dpkg-doc   - Dpkg Internals Documentation
 dselect    - a user tool to manage Debian packages
Closes: 147492 153769 154257 154503 154898 155362 156437 156545 157304 157453 157762
 dpkg (1.10.5) unstable; urgency=low
   * Fix segfault in md5sum if the file being checked doesn't exist.
     Closes: #154503.
   * Fix extraction of md5sum in dpkg-scanpackages.  Closes: #153769.
   * Handle directories better in md5sum.  Closes: #157453.
   * Fix read past buffer in lib/nfmalloc.c.  Closes: #157304.
   * Fix several read pass buffer bugs, and a memleak.  Closes: #155362.
   * Fix segfault when --auto-deconfigure is given.  Closes: #157762.
   * Allow spaces between the end of a version, and the trailing ')'.
     Closes: #154898.
   * Fixes for HURD:  Closes: #156545
     * Add i386-gnu0.3 to archtable.
     * Fix handling of static compiles, with regard to zlib.
   * Previous install-infos(before 1.10) handled multiple dir file entries,
     because they would copy the entire stanza unmodified.  The newest
     version does not do this, as it reformats the options, and thereby
     only takes the first line.  So, we now split all the lines from the
     stanza, and process them all.  Closes: #147492.
   * Fix corruption of available file, caused by use of memory that was
     previously freed.  Closes: #154257.
   * Fix several minor memleaks.
   * Remove /usr/sbin/start-stop-daemon.  Closes: #156437.
 8ca73db018cab82b48c6417138d456cb 716 base required dpkg_1.10.5.dsc
 4eebb8207cbb172e96dd8e4c258663dc 1568097 base required dpkg_1.10.5.tar.gz
 8878555aaf21faeecb6efaace48caac4 1136194 base required dpkg_1.10.5_i386.deb
 97a0772ce9ea2aff0678fe747e6d1303 89588 base required dselect_1.10.5_i386.deb
 5fe280f17cf726fbe1c0aec5f7c9e6bc 1126796 byhand - dpkg-1.10.5_i386.nondebbin.tar.gz
 83d81f422079ae537854124b91b15747 1628852 byhand - dpkg-1.10.5_i386-static.nondebbin.tar.gz
 ffdfb744fe93761ce05798185bbaccbc 111730 utils standard dpkg-dev_1.10.5_all.deb
 d54cda2f79bbbbdc9d73842825830dcd 10692 doc optional dpkg-doc_1.10.5_all.deb
 4eebb8207cbb172e96dd8e4c258663dc 1568097 byhand - dpkg-1.10.5.tar.gz

Version: GnuPG v1.0.7 (GNU/Linux)


Reply to: