Bug#771865: unblock: eztrace/1.0.6-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
unblock eztrace/1.0.6-3
Hello,
I have uploaded to unstable the attached changes, which quite obviously
fix a very likely crash of eztrace, notably when MALLOC_PERTURB_ is set:
in that case the allocated buffer is full of non-zeroes, and thus the
first strcat below will overrun the buffer.
Samuel
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.17.0 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
Samuel
"I don't know why, but first C programs tend to look a lot worse than
first programs in any other language (maybe except for fortran, but then
I suspect all fortran programs look like `firsts')"
(By Olaf Kirch)
diff -Nru eztrace-1.0.6/debian/changelog eztrace-1.0.6/debian/changelog
--- eztrace-1.0.6/debian/changelog 2014-11-24 14:44:10.000000000 +0100
+++ eztrace-1.0.6/debian/changelog 2014-12-02 22:56:58.000000000 +0100
@@ -1,3 +1,9 @@
+eztrace (1.0.6-3) unstable; urgency=medium
+
+ * patches/git-ebe444a: Cherry-pick from upstream to fix uninitialized value.
+
+ -- Samuel Thibault <sthibault@debian.org> Tue, 02 Dec 2014 22:56:57 +0100
+
eztrace (1.0.6-2) unstable; urgency=medium
[ Peter Michael Green ]
diff -Nru eztrace-1.0.6/debian/patches/git-ebe444a eztrace-1.0.6/debian/patches/git-ebe444a
--- eztrace-1.0.6/debian/patches/git-ebe444a 1970-01-01 01:00:00.000000000 +0100
+++ eztrace-1.0.6/debian/patches/git-ebe444a 2014-12-02 22:55:48.000000000 +0100
@@ -0,0 +1,18 @@
+commit ebe444a2b5f1e5e9dabee2f4c3c8dd1db866e826
+Author: François Trahay <francois.trahay@telecom-sudparis.eu>
+Date: Tue Dec 2 17:10:03 2014 +0100
+
+ fix a possible memory corruption bug
+
+diff --git a/src/core/eztrace.c.in b/src/core/eztrace.c.in
+index 00d53d2..be4fffb 100644
+--- a/src/core/eztrace.c.in
++++ b/src/core/eztrace.c.in
+@@ -170,6 +170,7 @@ int main(int argc, char **argv) {
+ arg_length += strlen(argv[nb_opts + 2 + i]) + 10;
+ }
+ char *args_concat = malloc(sizeof(char) * (arg_length + 1));
++ args_concat[0]='\0';
+
+ for (i = 0; i < nb_args; i++) {
+ strcat(args_concat, argv[nb_opts + 2 + i]);
diff -Nru eztrace-1.0.6/debian/patches/series eztrace-1.0.6/debian/patches/series
--- eztrace-1.0.6/debian/patches/series 2014-11-24 13:23:57.000000000 +0100
+++ eztrace-1.0.6/debian/patches/series 2014-12-02 22:57:08.000000000 +0100
@@ -5,3 +5,4 @@
git-8be2d52dfe036666a75160aa33531a52d5f2257a
git-0cb79edc3411c0e04e411d7c8f60a6596632a4ea
no-armv7.patch
+git-ebe444a
Reply to: