Bug#780471: wheezy-pu: package mdbtools/0.7-1+deb7u2
Control: tags -1 + pending
On Sat, 2015-03-14 at 16:20 +0000, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sat, 2015-03-14 at 15:36 +0000, Jean-Michel Nirgal Vourgère wrote:
> > * memo_zero_len_multipage fixes a buffer overflow while handling some
> > memo fields.
>
> +- if (tmpoff + len - 4 > memo_len) {
> ++ if (tmpoff + len - 4 > memo_len)
> + break;
> +- }
> ++
> ++ /* Stop processing on zero length multiple page memo fields */
>
> I'm not really sure what that first change is doing in the patch, as it
> changes nothing functionally.
>
> Can "len" ever be a non-zero value that's still less than 4? If so the
> memcpy just after the section changed by the patch looks like it won't
> do the right thing.
>
> > * bin_output_fix fixes blob output, because of a source destination
> > inversion in a memcpy.
>
> +Description: Fix binary outout
>
> s/outout/output/
>
> Other than that the patches look reasonable enough; please go ahead.
Uploaded (without the changes) and flagged for acceptance.
Regards,
Adam
Reply to: