[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#771889: marked as done (unblock: gettext/0.19.3-2)

Your message dated Wed, 03 Dec 2014 21:38:21 +0100
with message-id <547F74BD.5010607@thykier.net>
and subject line Re: Bug#771889: unblock: gettext/0.19.3-2
has caused the Debian Bug report #771889,
regarding unblock: gettext/0.19.3-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
771889: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771889
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
Severity: normal

I'd like to ask the unblocking of gettext 0.19.3-2.

This release fixes three memory related bugs, in every case the fix
comes directly from upstream git.

debdiff follows.

Thanks.

diff -Nru gettext-0.19.3/debian/changelog gettext-0.19.3/debian/changelog
--- gettext-0.19.3/debian/changelog	2014-10-23 15:35:20.000000000 +0200
+++ gettext-0.19.3/debian/changelog	2014-11-30 12:10:51.000000000 +0100
@@ -1,3 +1,16 @@
+gettext (0.19.3-2) unstable; urgency=low
+
+  * xgettext: Fix double-free in singular/plural argument extraction.
+    See http://lists.gnu.org/archive/html/bug-gettext/2014-10/msg00028.html
+    Patch extracted from upstream commits 8137d2b and 84044b5.
+  * msgunfmt: Fix segfault on certain (slightly corrupted) .mo files.
+    Patch extracted from upstream commit abf93d1. Closes: #769901.
+  * msgfilter: Fix read buffer allocation for empty input.
+    See http://lists.gnu.org/archive/html/bug-gettext/2014-11/msg00008.html
+    Patch extracted from upstream commit 06e206f.
+
+ -- Santiago Vila <sanvila@debian.org>  Sun, 30 Nov 2014 12:10:20 +0100
+
 gettext (0.19.3-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru gettext-0.19.3/debian/patches/04-xgettext-fix-double-free gettext-0.19.3/debian/patches/04-xgettext-fix-double-free
--- gettext-0.19.3/debian/patches/04-xgettext-fix-double-free	1970-01-01 01:00:00.000000000 +0100
+++ gettext-0.19.3/debian/patches/04-xgettext-fix-double-free	2014-11-30 12:04:00.000000000 +0100
@@ -0,0 +1,94 @@
+From: Daiki Ueno <ueno@gnu.org>
+Subject: Fix double-free in singular/plural argument extraction
+X-Debian-version: 0.19.3-2
+
+--- a/gettext-tools/src/xgettext.c
++++ b/gettext-tools/src/xgettext.c
+@@ -3099,9 +3099,9 @@
+                 char *msgid = parser->parse (best_cp->msgid,
+                                              &best_cp->msgid_pos,
+                                              best_cp->msgid_escape);
+-                free (best_cp->msgid);
+                 if (best_cp->msgid_plural == best_cp->msgid)
+                   best_cp->msgid_plural = msgid;
++                free (best_cp->msgid);
+                 best_cp->msgid = msgid;
+               }
+             else
+@@ -3110,26 +3110,7 @@
+                 CONVERT_STRING (best_cp->msgid, lc_string);
+               }
+ 
+-            if (best_cp->msgid_comment != NULL)
+-              {
+-                refcounted_string_list_ty *msgid_comment =
+-                  savable_comment_convert_encoding (best_cp->msgid_comment,
+-                                                    &best_cp->msgid_pos);
+-                drop_reference (best_cp->msgid_comment);
+-                best_cp->msgid_comment = msgid_comment;
+-              }
+-
+-            /* best_cp->msgctxt and best_cp->msgid are already in
+-               UTF-8.  Prevent further conversion in remember_a_message.  */
+-            encoding = xgettext_current_source_encoding;
+-            xgettext_current_source_encoding = po_charset_utf8;
+-            mp = remember_a_message (ap->mlp, best_cp->msgctxt, best_cp->msgid,
+-                                     msgid_context,
+-                                     &best_cp->msgid_pos,
+-                                     NULL, best_cp->msgid_comment);
+-            xgettext_current_source_encoding = encoding;
+-
+-            if (mp != NULL && best_cp->msgid_plural != NULL)
++            if (best_cp->msgid_plural)
+               {
+                 /* best_cp->msgid_plural may point to best_cp->msgid.
+                    In that case, it is already interpreted and converted.  */
+@@ -3152,14 +3133,41 @@
+                       }
+                   }
+ 
+-                encoding = xgettext_current_source_encoding;
+-                xgettext_current_source_encoding = po_charset_utf8;
+-                remember_a_message_plural (mp, best_cp->msgid_plural,
+-                                           msgid_plural_context,
+-                                           &best_cp->msgid_plural_pos,
+-                                           NULL);
+-                xgettext_current_source_encoding = encoding;
++                /* If best_cp->msgid_plural equals to best_cp->msgid,
++                   the ownership will be transferred to
++                   remember_a_message before it is passed to
++                   remember_a_message_plural.
++
++                   Make a copy of the string in that case.  */
++                if (best_cp->msgid_plural == best_cp->msgid)
++                  best_cp->msgid_plural = xstrdup (best_cp->msgid);
++              }
++
++            if (best_cp->msgid_comment != NULL)
++              {
++                refcounted_string_list_ty *msgid_comment =
++                  savable_comment_convert_encoding (best_cp->msgid_comment,
++                                                    &best_cp->msgid_pos);
++                drop_reference (best_cp->msgid_comment);
++                best_cp->msgid_comment = msgid_comment;
+               }
++
++            /* best_cp->msgctxt, best_cp->msgid, and best_cp->msgid_plural
++               are already in UTF-8.  Prevent further conversion in
++               remember_a_message.  */
++            encoding = xgettext_current_source_encoding;
++            xgettext_current_source_encoding = po_charset_utf8;
++            mp = remember_a_message (ap->mlp, best_cp->msgctxt, best_cp->msgid,
++                                     msgid_context,
++                                     &best_cp->msgid_pos,
++                                     NULL, best_cp->msgid_comment);
++            if (mp != NULL && best_cp->msgid_plural != NULL)
++              remember_a_message_plural (mp,
++                                         best_cp->msgid_plural,
++                                         msgid_plural_context,
++                                         &best_cp->msgid_plural_pos,
++                                         NULL);
++            xgettext_current_source_encoding = encoding;
+           }
+ 
+           if (best_cp->xcomments.nitems > 0)
diff -Nru gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault
--- gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault	1970-01-01 01:00:00.000000000 +0100
+++ gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault	2014-11-30 12:05:00.000000000 +0100
@@ -0,0 +1,26 @@
+From: Daiki Ueno <ueno@gnu.org>
+Subject: Fix segfault on certain (slightly corrupted) .mo files
+Bug-Debian: http://bugs.debian.org/769901
+X-Debian-version: 0.19.3-2
+
+--- a/gettext-tools/src/read-mo.c
++++ b/gettext-tools/src/read-mo.c
+@@ -38,6 +38,7 @@
+ #include "message.h"
+ #include "format.h"
+ #include "gettext.h"
++#include "xsize.h"
+ 
+ #define _(str) gettext (str)
+ 
+@@ -121,8 +122,9 @@
+   /* See 'struct string_desc'.  */
+   nls_uint32 s_length = get_uint32 (bfp, offset);
+   nls_uint32 s_offset = get_uint32 (bfp, offset + 4);
++  size_t s_end = xsum3 (s_offset, s_length, 1);
+ 
+-  if (s_offset + s_length + 1 > bfp->size)
++  if (size_overflow_p (s_end) || s_end > bfp->size)
+     error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+   if (bfp->data[s_offset + s_length] != '\0')
+     error (EXIT_FAILURE, 0,
diff -Nru gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation
--- gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation	1970-01-01 01:00:00.000000000 +0100
+++ gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation	2014-11-30 12:06:00.000000000 +0100
@@ -0,0 +1,15 @@
+From: Daiki Ueno <ueno@gnu.org>
+Subject: Fix read buffer allocation for empty input
+X-Debian-version: 0.19.3-2
+
+--- a/gettext-tools/src/msgfilter.c
++++ b/gettext-tools/src/msgfilter.c
+@@ -554,7 +554,7 @@
+ 
+   if (l->length == l->allocated)
+     {
+-      l->allocated = l->allocated + (l->allocated >> 1);
++      l->allocated = l->allocated + (l->allocated >> 1) + 1;
+       l->result = (char *) xrealloc (l->result, l->allocated);
+     }
+   *num_bytes_p = l->allocated - l->length;
diff -Nru gettext-0.19.3/debian/patches/series gettext-0.19.3/debian/patches/series
--- gettext-0.19.3/debian/patches/series	2014-10-16 21:18:57.000000000 +0200
+++ gettext-0.19.3/debian/patches/series	2014-11-30 12:10:00.000000000 +0100
@@ -1,4 +1,7 @@
 01-do-not-use-java-in-urlget
 02-msgfmt-default-little-endian
 03-libtool-powerpc-le
+04-xgettext-fix-double-free
+05-msgunfmt-fix-segfault
+06-msgfilter-fix-read-buffer-allocation
 99-config-guess-config-sub

--- End Message ---
--- Begin Message --- 
On 2014-12-03 09:50, Santiago Vila wrote:
> Package: release.debian.org
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> Severity: normal
> 
> I'd like to ask the unblocking of gettext 0.19.3-2.
> 
> This release fixes three memory related bugs, in every case the fix
> comes directly from upstream git.
> 
> debdiff follows.
> 
> Thanks.
> 
> [...]

Unblocked, thanks.

~Niels

--- End Message ---
Reply to: