Bug#453899: marked as done (ether_line returns far too much)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 19 Dec 2007 18:32:08 +0000
with message-id <E1J53iC-0002Mr-17@ries.debian.org>
and subject line Bug#453899: fixed in glibc 2.7-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: ether_line returns far too much
• From: Matthew Wilcox <matthew@wil.cx>
• Date: Sat, 1 Dec 2007 21:49:23 -0700
• Message-id: <[🔎] 20071202044922.GK2584@parisc-linux.org>

Package: libc6
Version: 2.6.1-1+b1

I'm convinced this is an upstream bug, but the glibc upstream bug
reporting page is about as snarly as any I've ever seen, and insist I
report it to you instead.

Here's a test program:

#include <netinet/ether.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

int main(void)
{
        struct ether_addr addr;
        char hostname[1024];
        int fd = open("ethers", O_RDONLY);
        const char *ethers = mmap(NULL, 100000, PROT_READ, MAP_SHARED, fd, 0);

        ether_line(ethers, &addr, hostname);

        printf("%s\n", hostname);

        return 0;
}

And here's the data file (ie "ethers") I run it against:

00:16:35:4b:ca:eb       charming
00:30:6e:1b:6f:2c       fozzie
00:30:6e:38:2a:29       rowlf
00:30:6e:1e:6e:65       animal
# honeydew wireless (HP 11b card)
00:02:2d:1d:d7:f2       honeydew-wb
# honeydew wireless (3com 11g card)
00:12:a9:d1:8b:1f       honeydew-wg
# honeydew tethered
08:00:46:77:c2:53       honeydew

Here's what MacOS X prints:

charming

Here's what glibc prints:

charming
00:30:6e:1b:6f:2c       fozzie
00:30:6e:38:2a:29       rowlf
00:30:6e:1e:6e:65       animal

Clearly it stops at the first #, not at the end of line.

This is a severe bug as it can lead to overrunning the 'hostname' buffer.

-- 
Intel are signing my paycheques ... these opinions are still mine
"Bill, look, we understand that you're interested in selling us this
operating system, but compare it to ours.  We can't possibly take such
a retrograde step."

--- End Message ---

--- Begin Message ---

• To: 453899-close@bugs.debian.org
• Subject: Bug#453899: fixed in glibc 2.7-5
• From: Aurelien Jarno <aurel32@debian.org>
• Date: Wed, 19 Dec 2007 18:32:08 +0000
• Message-id: <E1J53iC-0002Mr-17@ries.debian.org>

Source: glibc
Source-Version: 2.7-5

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive:

glibc-doc_2.7-5_all.deb
  to pool/main/g/glibc/glibc-doc_2.7-5_all.deb
glibc_2.7-5.diff.gz
  to pool/main/g/glibc/glibc_2.7-5.diff.gz
glibc_2.7-5.dsc
  to pool/main/g/glibc/glibc_2.7-5.dsc
libc6-dbg_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6-dbg_2.7-5_amd64.deb
libc6-dev-i386_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6-dev-i386_2.7-5_amd64.deb
libc6-dev_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6-dev_2.7-5_amd64.deb
libc6-i386_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6-i386_2.7-5_amd64.deb
libc6-pic_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6-pic_2.7-5_amd64.deb
libc6-prof_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6-prof_2.7-5_amd64.deb
libc6-udeb_2.7-5_amd64.udeb
  to pool/main/g/glibc/libc6-udeb_2.7-5_amd64.udeb
libc6_2.7-5_amd64.deb
  to pool/main/g/glibc/libc6_2.7-5_amd64.deb
libnss-dns-udeb_2.7-5_amd64.udeb
  to pool/main/g/glibc/libnss-dns-udeb_2.7-5_amd64.udeb
libnss-files-udeb_2.7-5_amd64.udeb
  to pool/main/g/glibc/libnss-files-udeb_2.7-5_amd64.udeb
locales-all_2.7-5_amd64.deb
  to pool/main/g/glibc/locales-all_2.7-5_amd64.deb
locales_2.7-5_all.deb
  to pool/main/g/glibc/locales_2.7-5_all.deb
nscd_2.7-5_amd64.deb
  to pool/main/g/glibc/nscd_2.7-5_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 453899@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 19 Dec 2007 01:22:06 +0100
Source: glibc
Binary: libc0.1-prof libc6.1-alphaev67 libc6-dev-amd64 locales-all libc6-i686 libc6-dev-ppc64 libc0.3-pic glibc-doc libc0.3 libc6-dev-mipsn32 libc0.1-i686 libc0.1-i386 libc6-mips64 libc6.1-dev libc6-s390x libnss-files-udeb libc0.1-dev-i386 libc6-dev-sparc64 libc6-i386 libc0.3-dev libc6-udeb libc6-dbg libc6.1-pic libc6-dev libc0.3-prof libc0.1-udeb libc6-dev-i386 libc6.1-prof libc6-mipsn32 libc0.1-dev locales libc6-pic libc0.3-udeb libc6-dev-powerpc libc0.1-pic libc6-ppc64 libc0.3-dbg libc0.1-dbg libc6-amd64 libc0.1 libc6-prof libc6-xen libc6-dev-mips64 libc6-powerpc libc6 libc6-sparcv9b libc6.1-udeb libc6.1-dbg nscd libc6-sparc64 libnss-dns-udeb libc6.1 libc6-dev-s390x
Architecture: source amd64 all
Version: 2.7-5
Distribution: unstable
Urgency: low
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description: 
 glibc-doc  - GNU C Library: Documentation
 libc6      - GNU C Library: Shared libraries
 libc6-dbg  - GNU C Library: Libraries with debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc6-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-prof - GNU C Library: Profiling Libraries
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 453408 453899 455603 455783 456260 456779
Changes: 
 glibc (2.7-5) unstable; urgency=low
 .
   [ Aurelien Jarno ]
   * Moved merged parts of patches/any/submitted-sched_h.diff into
     patches/any/cvs-sched_h.diff.
   * patches/any/cvs-ether_line.diff: new patch from upstream to fix
     ether_line().  Closes: bug#453899.
   * patches/any/cvs-vfscanf.diff: new patch from upstream to fix
     crash when %as is used with sscanf().  Closes: bug#453408.
   * debian/rules: also set CXX when cross-compiling.
   * patches/any/submitted-malloc_h.diff: removed, replaced by
     patches/any/cvs-wchar_h.diff.
   * debian/sysdeps/depflags.pl: conflict against tzdata (<< 2007j-2) as
     etch now have version 2007j-1etch1.  Closes: bug#455783.
   * debian/sysdeps/depflags.pl: suggests libc6-i686 on i386 architecture.
     Closes: bug#455603.
   * any/submitted-rfc3484-labels.diff: new patch to fix RFC 3484 default
     label ordering.  Closes: bug#456779.
   * patches/alpha/local-dl-procinfo.diff: add missing part.  Closes:
     bug#456260.
 .
   [ Petr Salinger]
   * kfreebsd/local-sysdeps.diff: update to revision 2082 (from glibc-bsd).
   * any/cvs-fchmodat.diff: properly declare as stub - needed by GNU/kFreeBSD.
 .
   [ Samuel Thibault]
   * patches/hurd-i386/submitted-ioctl-unsigned-size_t.diff: update to also
     handle unsigned char/int/short/long and ssize_t.
Files: 
 361dd96941a59f2aef46bb9ad9ba3ee6 2072 libs required glibc_2.7-5.dsc
 0011d41ff261625c1754af61040c64a3 675390 libs required glibc_2.7-5.diff.gz
 975f3462f7d8774f2a81aaa8c0fc60f5 1623962 doc optional glibc-doc_2.7-5_all.deb
 5abfe8de9c1edaffc49e5273a0cfb321 4486002 libs standard locales_2.7-5_all.deb
 2d70d766d5c721c3486071635344e263 4992748 libs required libc6_2.7-5_amd64.deb
 ebf51cbd7a6f29c0a2fadf2a98469218 2530166 libdevel optional libc6-dev_2.7-5_amd64.deb
 884738826550a7bbe3e80ec562e94bff 1961766 libdevel extra libc6-prof_2.7-5_amd64.deb
 77a6841b1962ed27e3a453d93048d889 1481630 libdevel optional libc6-pic_2.7-5_amd64.deb
 541ac14a7f00ef0916e5f2be5ab12444 2730022 libs extra locales-all_2.7-5_amd64.deb
 398e6f6a56d4398bc55aabb3cebc5054 3735604 libs optional libc6-i386_2.7-5_amd64.deb
 7f8d5b40c4cb1cafb43177a9fe062d28 1430482 libdevel optional libc6-dev-i386_2.7-5_amd64.deb
 5265a7d9c9b0ac1edb308ddfeb1cc2f6 170498 admin optional nscd_2.7-5_amd64.deb
 a5b657ed998b8f9bd43cc5ff24f06a6e 5317476 libdevel extra libc6-dbg_2.7-5_amd64.deb
 8c903d8677e3829c7237ca50e61e6be0 1129200 debian-installer extra libc6-udeb_2.7-5_amd64.udeb
 d7d190f4ef4276a128f3360588248c70 9744 debian-installer extra libnss-dns-udeb_2.7-5_amd64.udeb
 88126b6ec721be6fb1b377019fd5e068 18012 debian-installer extra libnss-files-udeb_2.7-5_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHaVGJw3ao2vG823MRAls+AJ9FC6Kzv1jK5rSRnESBR6O2yeppyACeP7Pt
4djm+On05Bb5rZJRIXAAgS8=
=HVLP
-----END PGP SIGNATURE-----

--- End Message ---