Bug#687600: marked as done (unblock: openarena/0.8.8-5+deb7u1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#687600: marked as done (unblock: openarena/0.8.8-5+deb7u1)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Fri, 14 Sep 2012 12:09:08 +0000
Message-id: <[🔎] handler.687600.D687600.134762442121048.ackdone@bugs.debian.org>
References: <91b5ac9fa498d963bcd446a80d4a046f@mail.adsl.funky-badger.org> <[🔎] 20120914072015.GA7851@reptile.pseudorandom.co.uk>

Your message dated Fri, 14 Sep 2012 13:06:54 +0100
with message-id <91b5ac9fa498d963bcd446a80d4a046f@mail.adsl.funky-badger.org>
and subject line Re: Bug#687600: unblock: openarena/0.8.8-5+deb7u1
has caused the Debian Bug report #687600,
regarding unblock: openarena/0.8.8-5+deb7u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
687600: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687600
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: openarena/0.8.8-5+deb7u1
From: Simon McVittie <smcv@debian.org>
Date: Fri, 14 Sep 2012 08:20:15 +0100
Message-id: <[🔎] 20120914072015.GA7851@reptile.pseudorandom.co.uk>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package openarena:

    unblock openarena/0.8.8-5+deb7u1

which fixes a remotely triggerable crash (NULL dereference) on servers.

diffstat for openarena-0.8.8 openarena-0.8.8

 changelog                                                        |    7 +++
 patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch |   20 ++++++++++
 patches/series                                                   |    1 
 3 files changed, 28 insertions(+)

diff -Nru openarena-0.8.8/debian/changelog openarena-0.8.8/debian/changelog
--- openarena-0.8.8/debian/changelog	2012-06-23 00:38:36.000000000 +0100
+++ openarena-0.8.8/debian/changelog	2012-09-14 08:02:50.000000000 +0100
@@ -1,3 +1,10 @@
+openarena (0.8.8-5+deb7u1) unstable; urgency=low
+
+  * Add patch from upstream to fix a client-triggerable server crash.
+    Thanks to Poul Sander and Markus Koschany (Closes: #681812)
+
+ -- Simon McVittie <smcv@debian.org>  Fri, 14 Sep 2012 07:52:53 +0100
+
 openarena (0.8.8-5) unstable; urgency=low
 
   * Don't refuse to start a new openarena-server if there's a stale
diff -Nru openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch
--- openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch	1970-01-01 01:00:00.000000000 +0100
+++ openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch	2012-09-14 08:02:50.000000000 +0100
@@ -0,0 +1,20 @@
+Description: Fix for crashing the server by making a callvote to kick a player which does not exist
+Author: Poul Sander <sago007@gmail.com>
+Origin: upstream
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681812
+Applied-Upstream: http://code.google.com/p/oax/source/detail?r=304
+Last-Update: 2012-09-13
+Tested-by: Markus Koschany <apo@gambaru.de>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/code/game/g_cmds.c
++++ b/code/game/g_cmds.c
+@@ -1812,7 +1812,7 @@ void Cmd_CallVote_f( gentity_t *ent ) {
+ 		Com_sprintf( level.voteDisplayString, sizeof( level.voteDisplayString ), "Shuffle teams?" );
+         } else if ( !Q_stricmp( arg1, "kick" ) ) {
+                 i = 0;
+-                while(Q_stricmp(arg2,(g_entities+i)->client->pers.netname)) {
++ 		while( !(g_entities+i) || !((g_entities+i)->client) || Q_stricmp(arg2,(g_entities+i)->client->pers.netname)) {
+                     //Not client i, try next
+                     i++;
+                     if(i>=MAX_CLIENTS){ //Only numbers <128 is clients
diff -Nru openarena-0.8.8/debian/patches/series openarena-0.8.8/debian/patches/series
--- openarena-0.8.8/debian/patches/series	2012-06-23 00:38:36.000000000 +0100
+++ openarena-0.8.8/debian/patches/series	2012-09-14 08:02:50.000000000 +0100
@@ -1,3 +1,4 @@
 0001-Use-a-cpp-macro-for-the-game-code-version-so-package.patch
+0002-Fix-callvote-kick-player-does-not-exist-crash.patch
 0031-Fix-FTBFS-on-kFreeBSD.patch
 0040-Add-OPENARENA_081_COMPATIBLE-define-for-network-comp.patch

--- End Message ---

--- Begin Message ---

To: Simon McVittie <smcv@debian.org>, <687600-done@bugs.debian.org>

Subject: Re: Bug#687600: unblock: openarena/0.8.8-5+deb7u1

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Fri, 14 Sep 2012 13:06:54 +0100

Message-id: <91b5ac9fa498d963bcd446a80d4a046f@mail.adsl.funky-badger.org>

In-reply-to: <[🔎] 20120914072015.GA7851@reptile.pseudorandom.co.uk>

References: <[🔎] 20120914072015.GA7851@reptile.pseudorandom.co.uk>
On 14.09.2012 08:20, Simon McVittie wrote:
Please unblock package openarena:

    unblock openarena/0.8.8-5+deb7u1
which fixes a remotely triggerable crash (NULL dereference) onservers.
Unblocked; thanks.

Regards,

Adam
--- End Message ---

Reply to:

References:
- Bug#687600: unblock: openarena/0.8.8-5+deb7u1
  - From: Simon McVittie <smcv@debian.org>

Prev by Date: Bug#687633: pre-approve unblock: tryton-modules-calendar-scheduling/2.2.2-1
Next by Date: Bug#687630: marked as done (unblock: arpack/3.1.1-2.1)
Previous by thread: Bug#687600: unblock: openarena/0.8.8-5+deb7u1
Next by thread: Bug#687614: unblock: gdebi/0.8.6 (pre-approval)
Index(es):
- Date
- Thread