I have uploaded a new version of ‘file’ to unstable, it already migrated to testing. This upload closes #403085 which the submitter of that bug classified as ‘critical’. Though I am not convinced of the severity, I hereby request inclusion of 4.17-5 in Etch. The complete diff (apart from the changelog entry): diff -r -u6 file_4.17-4/src/apprentice.c file_4.17-5/src/apprentice.c --- file_4.17-4/src/apprentice.c 2006-03-02 23:08:57.000000000 +0100 +++ file_4.17-5/src/apprentice.c 2006-12-20 10:39:26.000000000 +0100 @@ -384,12 +384,13 @@ if ((marray = malloc(maxmagic * sizeof(*marray))) == NULL) { (void)fclose(f); file_oomem(ms); return -1; } marraycount = 0; + (void) memset((void *)marray, 0, maxmagic * sizeof(*marray)); /* print silly verbose header for USG compat. */ if (action == FILE_CHECK) (void)fprintf(stderr, "%s\n", hdr); /* parse it */ diff -r -u2 file_4.17-4/src/magic.c file_4.17-5/src/magic.c --- file_4.17-4/src/magic.c 2005-10-17 19:13:13.000000000 +0200 +++ file_4.17-5/src/magic.c 2006-12-20 10:39:26.000000000 +0100 @@ -87,4 +87,5 @@ if ((ms = malloc(sizeof(struct magic_set))) == NULL) return NULL; + (void) memset((void *)ms, 0, sizeof(struct magic_set)); if (magic_setflags(ms, flags) == -1) { As you can see, it contains merely two very innocent-looking memset calls. Bye, Mike -- |=| Michael Piefel |=| Member of the Debian project
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil