Hi, I just uploaded to sid cruft 0.9.12 with the attached changes since previous version. This is a minimal change to fix a rather nasty bug. Please allow it into lenny. regards, -- Marcin Owsiany <porridge@debian.org> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
diff -Nru cruft-0.9.11/debian/changelog cruft-0.9.12/debian/changelog --- cruft-0.9.11/debian/changelog 2008-07-24 06:49:22.000000000 +0100 +++ cruft-0.9.12/debian/changelog 2008-11-21 22:28:08.000000000 +0000 @@ -1,3 +1,14 @@ +cruft (0.9.12) unstable; urgency=high + + * Minimal change to fix a serious bug; upload aimed at lenny + * filter_shell.c: + - when there are more patterns to load than we can handle then warn and + exit, instead of segfaulting (closes: Bug#498986) + - increase the number of patterns we can handle from 1000 (very easy to + reach) to 4000 + + -- Marcin Owsiany <porridge@debian.org> Fri, 21 Nov 2008 22:11:43 +0000 + cruft (0.9.11) unstable; urgency=low * Unset DISPLAY when launching dia, so it's less likely to fail if the diff -Nru cruft-0.9.11/filter_shell.c cruft-0.9.12/filter_shell.c --- cruft-0.9.11/filter_shell.c 2008-07-24 06:49:22.000000000 +0100 +++ cruft-0.9.12/filter_shell.c 2008-11-21 22:28:08.000000000 +0000 @@ -7,11 +7,15 @@ #define FALSE 0 #define TRUE 1 +/* XXX this should be changed to use the heap. stack has its limits... */ +#define BUFFER_LEN 1000 +#define NUM_STRINGS 4000 + int shellexp(char*, char*); int main(int argc, char **argv) { - char strings[1000][1000]; - char buffer[1000]; + char strings[NUM_STRINGS][BUFFER_LEN]; + char buffer[BUFFER_LEN]; FILE* exp_list; int n_strings = 0; int i; @@ -25,7 +29,7 @@ continue; } - while( fgets( strings[n_strings], 1000, exp_list ) ) { + while( fgets( strings[n_strings], BUFFER_LEN, exp_list ) ) { char*pch; char*buffer = strings[n_strings]; @@ -46,7 +50,12 @@ *(pch+1) = '\0'; - n_strings++; continue; + n_strings++; + if ( n_strings == NUM_STRINGS ) { + fprintf(stderr, "You have more than %d patterns defined. Change NUM_STRINGS definition in "__FILE__" and recompile.\n", NUM_STRINGS); + exit(EXIT_FAILURE); + } + continue; /* XXX: the following code is unreachable */ /* Trim leading whitespace */ if ( isspace(buffer[0]) ) { @@ -62,7 +71,7 @@ /* Copy lines from standard input to standard output, skipping the ones * which matched at least one of the loaded patterns */ - while( fgets( buffer, 1000, stdin ) ) { + while( fgets( buffer, BUFFER_LEN, stdin ) ) { int match; match = FALSE;
Attachment:
signature.asc
Description: Digital signature