Stable update request: nano

To: debian-release@lists.debian.org
Subject: Stable update request: nano
From: Jordi Mallach <jordi@debian.org>
Date: Thu, 17 May 2007 01:38:43 +0200
Message-id: <[🔎] 20070516233843.GA28585@nubol.oskuro.net>
Mail-followup-to: Jordi Mallach <jordi@debian.org>, debian-release@lists.debian.org

Hi release team,

Nano's upstream maintainer found a few segfaults in nano when it was too
late for new updates. I think the fixes included in this revision are
important enough for r1.

These fixes are from CVS, from the deep-frozen 2.0.x branch (only
bugfixes are allowed there) and have been tested in unstable for a while
now, with no negative feedback.

Of course, as nano is part of d-i, I don't know how difficult accepting
this is.

Attached is the interdiff. Please tell me if I should/can upload, and
I'll setup a stable chroot to build this.

Thanks,
Jordi
-- 
Jordi Mallach Pérez  --  Debian developer     http://www.debian.org/
jordi@sindominio.net     jordi@debian.org     http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

diff -u nano-2.0.2/debian/changelog nano-2.0.2/debian/changelog
--- nano-2.0.2/debian/changelog
+++ nano-2.0.2/debian/changelog
@@ -1,3 +1,16 @@
+nano (2.0.2-1etch1) stable; urgency=low
+
+  * The "Subestació de Patraix fora!" release.
+  * Apply several important fixes from the 2.0 CVS branch:
+    - 01_CVS_filebugs.dpatch: fixes several file-handling related bugs,
+      including a segfault, when working with filenames starting with "~",
+      and the lack of warning when overwriting a file (closes: #419353).
+      From CVS; provided by David Lawrence Ramsey.
+    - 02_CVS_justify_segfault.dpatch: fixes a segfault in the justify code
+      when marking/cutting text. From CVS; provided by David Lawrence Ramsey.
+
+ -- Jordi Mallach <jordi@debian.org>  Thu, 17 May 2007 00:52:30 +0200
+
 nano (2.0.2-1) unstable; urgency=medium
 
   * The "Compromís pel País Valencià" release.
only in patch2:
unchanged:
--- nano-2.0.2.orig/debian/patches/01_CVS_filebugs.dpatch
+++ nano-2.0.2/debian/patches/01_CVS_filebugs.dpatch
@@ -0,0 +1,183 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 01_CVS_filebugs.dpatch by Jordi Mallach <jordi@debian.org>
+##
+## DP: Fix a segfault when handling filenames starting with "~".
+## DP: Warn about file overwriting in one corner case.
+
+@DPATCH@
+diff -urNad nano-2.0.2~/src/files.c nano-2.0.2/src/files.c
+--- nano-2.0.2~/src/files.c	2006-12-15 06:03:08.000000000 +0100
++++ nano-2.0.2/src/files.c	2007-05-17 01:04:47.074839214 +0200
+@@ -586,10 +586,17 @@
+ {
+     struct stat fileinfo;
+     int fd;
++    char *full_filename;
+ 
+     assert(filename != NULL && f != NULL);
+ 
+-    if (stat(filename, &fileinfo) == -1) {
++    /* Get the specified file's full path. */
++    full_filename = get_full_path(filename);
++
++    if (full_filename == NULL)
++	full_filename = mallocstrcpy(NULL, filename);
++
++    if (stat(full_filename, &fileinfo) == -1) {
+ 	if (newfie) {
+ 	    statusbar(_("New File"));
+ 	    return -2;
+@@ -606,8 +613,9 @@
+ 		_("\"%s\" is a device file"), filename);
+ 	beep();
+ 	return -1;
+-    } else if ((fd = open(filename, O_RDONLY)) == -1) {
+-	statusbar(_("Error reading %s: %s"), filename, strerror(errno));
++    } else if ((fd = open(full_filename, O_RDONLY)) == -1) {
++	statusbar(_("Error reading %s: %s"), filename,
++		strerror(errno));
+ 	beep();
+  	return -1;
+      } else {
+@@ -623,6 +631,8 @@
+ 	    statusbar(_("Reading File"));
+     }
+ 
++    free(full_filename);
++
+     return 0;
+ }
+ 
+@@ -1881,7 +1891,7 @@
+ 
+ 	    if (append == OVERWRITE) {
+ 		size_t answer_len = strlen(answer);
+-		bool name_exists, different_name;
++		bool name_exists, do_warning;
+ 		char *full_answer, *full_filename;
+ 		struct stat st;
+ 
+@@ -1889,10 +1899,14 @@
+ 		 * full path. */
+ 		sunder(answer);
+ 
+-		name_exists = (stat(answer, &st) != -1);
+ 		full_answer = get_full_path(answer);
+ 		full_filename = get_full_path(openfile->filename);
+-		different_name = (strcmp((full_answer == NULL) ?
++		name_exists = (stat((full_answer == NULL) ? answer :
++			full_answer, &st) != -1);
++		if (openfile->filename[0] == '\0')
++		    do_warning = name_exists;
++		else
++		    do_warning = (strcmp((full_answer == NULL) ?
+ 			answer : full_answer, (full_filename == NULL) ?
+ 			openfile->filename : full_filename) != 0);
+ 
+@@ -1905,28 +1919,26 @@
+ 		if (full_answer != NULL)
+ 		    free(full_answer);
+ 
+-		if (different_name) {
+-		    if (name_exists) {
+-			/* If we're using restricted mode, we aren't
+-			 * allowed to save a new file under the name of
+-			 * an existing file. */
+-			if (ISSET(RESTRICTED))
+-			    continue;
++		if (do_warning) {
++		    /* If we're using restricted mode, we aren't allowed
++		     * to overwrite an existing file with the current
++		     * file.  We also aren't allowed to change the name
++		     * of the current file if it has one, because that
++		     * would allow reading from or writing to files not
++		     * specified on the command line. */
++		    if (ISSET(RESTRICTED))
++			continue;
+ 
++		    if (name_exists) {
+ 			i = do_yesno_prompt(FALSE,
+ 				_("File exists, OVERWRITE ? "));
+ 			if (i == 0 || i == -1)
+ 			    continue;
+-		    /* If we're using restricted mode, we aren't allowed
+-		     * to change the name of a file once it has one,
+-		     * because that would allow reading from or writing
+-		     * to files not specified on the command line. */
+-		    } else if (!ISSET(RESTRICTED) &&
+-			openfile->filename[0] != '\0'
++		    } else
+ #ifndef NANO_TINY
+-			&& (exiting || !openfile->mark_set)
++		    if (exiting || !openfile->mark_set)
+ #endif
+-			) {
++		    {
+ 			i = do_yesno_prompt(FALSE,
+ 				_("Save file under DIFFERENT NAME ? "));
+ 			if (i == 0 || i == -1)
+@@ -1972,45 +1984,45 @@
+  * convert ~user/ and ~/ notation. */
+ char *real_dir_from_tilde(const char *buf)
+ {
+-    char *dirtmp = NULL;
++    char *retval;
+ 
+     assert(buf != NULL);
+ 
+     if (buf[0] == '~') {
+-	size_t i;
+-	const char *tilde_dir;
++	size_t i = 1;
++	char *tilde_dir;
+ 
+-	/* Figure out how much of the str we need to compare. */
+-	for (i = 1; buf[i] != '/' && buf[i] != '\0'; i++)
++	/* Figure out how much of the string we need to compare. */
++	for (; buf[i] != '/' && buf[i] != '\0'; i++)
+ 	    ;
+ 
+ 	/* Get the home directory. */
+ 	if (i == 1) {
+ 	    get_homedir();
+-	    tilde_dir = homedir;
++	    tilde_dir = mallocstrcpy(NULL, homedir);
+ 	} else {
+ 	    const struct passwd *userdata;
+ 
++	    tilde_dir = mallocstrncpy(NULL, buf, i + 1);
++	    tilde_dir[i] = '\0';
++
+ 	    do {
+ 		userdata = getpwent();
+-	    } while (userdata != NULL &&
+-		strncmp(userdata->pw_name, buf + 1, i - 1) != 0);
++	    } while (userdata != NULL && strcmp(userdata->pw_name,
++		tilde_dir + 1) != 0);
+ 	    endpwent();
+-	    tilde_dir = userdata->pw_dir;
++	    if (userdata != NULL)
++		tilde_dir = mallocstrcpy(tilde_dir, userdata->pw_dir);
+ 	}
+ 
+-	if (tilde_dir != NULL) {
+-	    dirtmp = charalloc(strlen(tilde_dir) + strlen(buf + i) + 1);
+-	    sprintf(dirtmp, "%s%s", tilde_dir, buf + i);
+-	}
+-    }
++	retval = charalloc(strlen(tilde_dir) + strlen(buf + i) + 1);
++	sprintf(retval, "%s%s", tilde_dir, buf + i);
+ 
+-    /* Set a default value for dirtmp, in case the user's home directory
+-     * isn't found. */
+-    if (dirtmp == NULL)
+-	dirtmp = mallocstrcpy(NULL, buf);
++	free(tilde_dir);
++    } else
++	retval = mallocstrcpy(NULL, buf);
+ 
+-    return dirtmp;
++    return retval;
+ }
+ 
+ #if !defined(DISABLE_TABCOMP) || !defined(DISABLE_BROWSER)
only in patch2:
unchanged:
--- nano-2.0.2.orig/debian/patches/02_CVS_justify_segfault.dpatch
+++ nano-2.0.2/debian/patches/02_CVS_justify_segfault.dpatch
@@ -0,0 +1,29 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 02_CVS_justify_segfault.dpatch by Jordi Mallach <jordi@debian.org>
+##
+## DP: Fix a segfault in the justif code when marking/cutting text on
+## DP: a certain condition.
+
+@DPATCH@
+diff -urNad nano-2.0.2~/src/text.c nano-2.0.2/src/text.c
+--- nano-2.0.2~/src/text.c	2006-12-10 18:57:09.000000000 +0100
++++ nano-2.0.2/src/text.c	2007-05-17 01:11:27.464136871 +0200
+@@ -1212,9 +1212,16 @@
+      * line, putting first_line, edittop, current, and mark_begin at the
+      * same lines in the copied paragraph that they had in the original
+      * paragraph. */
+-    if (openfile->current != openfile->fileage)
++    if (openfile->current != openfile->fileage) {
+ 	top = openfile->current->prev;
+-    else
++#ifndef NANO_TINY
++	if (old_mark_set &&
++		openfile->current->lineno == mb_lineno_save) {
++	    openfile->mark_begin = openfile->current;
++	    openfile->mark_begin_x = mark_begin_x_save;
++	}
++#endif
++    } else
+ 	top = openfile->current;
+     for (i = par_len; i > 0 && top != NULL; i--) {
+ 	if (top->lineno == fl_lineno_save)
only in patch2:
unchanged:
--- nano-2.0.2.orig/debian/patches/00list
+++ nano-2.0.2/debian/patches/00list
@@ -0,0 +1,2 @@
+01_CVS_filebugs
+02_CVS_justify_segfault

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Stable update request: nano
  - From: Martin Zobel-Helas <zobel@ftbfs.de>

Prev by Date: Re: [RFC, LONG] Proposal: DAK - automated migration of udebs
Next by Date: Re: Stable update request: nano
Previous by thread: Re: [binNMU] clamav 0.90.2-3 (i386)
Next by thread: Re: Stable update request: nano
Index(es):
- Date
- Thread