[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

request for freeze exception: cruft 0.9.12

Hi,

I just uploaded to sid cruft 0.9.12 with the attached changes since
previous version. This is a minimal change to fix a rather nasty bug.
Please allow it into lenny.

regards,
-- 
Marcin Owsiany <porridge@debian.org>             http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216  FE67 DA2D 0ACA FC5E 3F75  D6F6 3A0D 8AA0 60F4 1216

diff -Nru cruft-0.9.11/debian/changelog cruft-0.9.12/debian/changelog
--- cruft-0.9.11/debian/changelog	2008-07-24 06:49:22.000000000 +0100
+++ cruft-0.9.12/debian/changelog	2008-11-21 22:28:08.000000000 +0000
@@ -1,3 +1,14 @@
+cruft (0.9.12) unstable; urgency=high
+
+  * Minimal change to fix a serious bug; upload aimed at lenny
+  * filter_shell.c:
+    - when there are more patterns to load than we can handle then warn and
+      exit, instead of segfaulting (closes: Bug#498986)
+    - increase the number of patterns we can handle from 1000 (very easy to
+      reach) to 4000
+
+ -- Marcin Owsiany <porridge@debian.org>  Fri, 21 Nov 2008 22:11:43 +0000
+
 cruft (0.9.11) unstable; urgency=low
 
   * Unset DISPLAY when launching dia, so it's less likely to fail if the
diff -Nru cruft-0.9.11/filter_shell.c cruft-0.9.12/filter_shell.c
--- cruft-0.9.11/filter_shell.c	2008-07-24 06:49:22.000000000 +0100
+++ cruft-0.9.12/filter_shell.c	2008-11-21 22:28:08.000000000 +0000
@@ -7,11 +7,15 @@
 #define FALSE 0
 #define TRUE  1
 
+/* XXX this should be changed to use the heap. stack has its limits... */
+#define BUFFER_LEN 1000
+#define NUM_STRINGS 4000
+
 int shellexp(char*, char*);
 
 int main(int argc, char **argv) {
-    char strings[1000][1000];
-    char buffer[1000];
+    char strings[NUM_STRINGS][BUFFER_LEN];
+    char buffer[BUFFER_LEN];
     FILE* exp_list;
     int n_strings = 0;
     int i;
@@ -25,7 +29,7 @@
 	    continue;
 	}
 	
-	while( fgets( strings[n_strings], 1000, exp_list ) ) {
+	while( fgets( strings[n_strings], BUFFER_LEN, exp_list ) ) {
 	    char*pch;
 	    char*buffer = strings[n_strings];
 	    
@@ -46,7 +50,12 @@
 	    
 	    *(pch+1) = '\0';
 	    
-	    n_strings++; continue;
+	    n_strings++;
+	    if ( n_strings == NUM_STRINGS ) {
+		fprintf(stderr, "You have more than %d patterns defined. Change NUM_STRINGS definition in "__FILE__" and recompile.\n", NUM_STRINGS);
+		exit(EXIT_FAILURE);
+	    }
+	    continue;
 	    /* XXX: the following code is unreachable */
 	    /* Trim leading whitespace */
 	    if ( isspace(buffer[0]) ) { 
@@ -62,7 +71,7 @@
     
     /* Copy lines from standard input to standard output, skipping the ones
      * which matched at least one of the loaded patterns */
-    while( fgets( buffer, 1000, stdin ) ) {
+    while( fgets( buffer, BUFFER_LEN, stdin ) ) {
 	int match;
 	match = FALSE;

Attachment: signature.asc
Description: Digital signature

Reply to: