Bug#780471: marked as done (wheezy-pu: package mdbtools/0.7-1+deb7u2)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sat, 05 Sep 2015 14:33:54 +0100
with message-id <1441460034.2151.33.camel@adam-barratt.org.uk>
and subject line Closing bugs for 7.9
has caused the Debian Bug report #780471,
regarding wheezy-pu: package mdbtools/0.7-1+deb7u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
780471: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780471
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: wheezy-pu: package mdbtools/0.7-1+deb7u2
• From: Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com>
• Date: Sat, 14 Mar 2015 15:36:21 +0000
• Message-id: <55045575.2030208@nirgal.com>

Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags: wheezy
Severity: normal


Dear RT,

Here are a couple of jessie patches, cherry-picked from upstream, that I
believe are worth having in wheezy:

* memo_zero_len_multipage fixes a buffer overflow while handling some
memo fields.
* bin_output_fix fixes blob output, because of a source destination
inversion in a memcpy.

Attached is a debdiff of 0.7-1+deb7u2 against 0.7-1+deb7u1.

Can I upload it to stable ?


-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

diff -Nru mdbtools-0.7/debian/changelog mdbtools-0.7/debian/changelog
--- mdbtools-0.7/debian/changelog	2015-03-14 16:27:10.000000000 +0100
+++ mdbtools-0.7/debian/changelog	2015-03-14 16:33:12.000000000 +0100
@@ -1,3 +1,11 @@
+mdbtools (0.7-1+deb7u2) wheezy; urgency=medium
+
+  * memo_zero_len_multipage: Fix overflow in some memo fields. Thanks to
+    lovelytwo@github.
+  * bin_output_fix: Fix output of binary data. Thanks to tyzhaoqi.
+
+ -- Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com>  Sat, 14 Mar 2015 16:33:09 +0100
+
 mdbtools (0.7-1+deb7u1) wheezy; urgency=low
 
   * Version libiodbc Breaks now that it can load multiarch drivers, drop
diff -Nru mdbtools-0.7/debian/patches/bin_output_fix mdbtools-0.7/debian/patches/bin_output_fix
--- mdbtools-0.7/debian/patches/bin_output_fix	1970-01-01 01:00:00.000000000 +0100
+++ mdbtools-0.7/debian/patches/bin_output_fix	2015-03-14 16:33:04.000000000 +0100
@@ -0,0 +1,19 @@
+Description: Fix binary outout
+Author: tyzhaoqi <tyzhaoqi@gmail.com>
+Last-Update: 2014-07-24
+Reviewed-by: Jean-Michel Vourgère <jmv_deb@nirgal.com>
+Applied-Upstream: commit:9ab40e83e6789015c965c92bdb62f92f8cdd0dbd
+
+Index: mdbtools/src/libmdb/data.c
+===================================================================
+--- mdbtools.orig/src/libmdb/data.c
++++ mdbtools/src/libmdb/data.c
+@@ -931,7 +931,7 @@ char *mdb_col_to_string(MdbHandle *mdb,
+ 				text = g_strdup("");
+ 			} else {
+ 				text = g_malloc(size);
+-				memcpy((char*)buf+start, text, size);
++				memcpy(text, (char*)buf+start, size);
+ 			}
+ 		break;
+ 		case MDB_TEXT:
diff -Nru mdbtools-0.7/debian/patches/memo_zero_len_multipage mdbtools-0.7/debian/patches/memo_zero_len_multipage
--- mdbtools-0.7/debian/patches/memo_zero_len_multipage	1970-01-01 01:00:00.000000000 +0100
+++ mdbtools-0.7/debian/patches/memo_zero_len_multipage	2015-03-14 16:33:04.000000000 +0100
@@ -0,0 +1,29 @@
+Description: Segfault fix on memo zero length multiple page
+ .
+ While converting memo field to string, stop processing on zero length
+ multiple page.
+Author: lovelytwo <>
+Reviewed-by: Jean-Michel Vourgère <jmv_deb@nirgal.com>
+Last-Update: 2014-05-02
+Applied-Upstream: commit:a89baeacf5976daf196e6f902fa84ca176d399db
+
+Index: mdbtools/src/libmdb/data.c
+===================================================================
+--- mdbtools.orig/src/libmdb/data.c
++++ mdbtools/src/libmdb/data.c
+@@ -732,9 +732,13 @@ static char *mdb_memo_to_string(MdbHandl
+ 			printf("row num %d start %d len %d\n",
+ 				pg_row & 0xff, row_start, len);
+ #endif
+-			if (tmpoff + len - 4 > memo_len) {
++			if (tmpoff + len - 4 > memo_len)
+ 				break;
+-			}
++
++			/* Stop processing on zero length multiple page memo fields */
++			if (!len)
++				break;
++
+ 			memcpy(tmp + tmpoff, buf + row_start + 4, len - 4);
+ 			tmpoff += len - 4;
+ 		} while (( pg_row = mdb_get_int32(buf, row_start) ));
diff -Nru mdbtools-0.7/debian/patches/series mdbtools-0.7/debian/patches/series
--- mdbtools-0.7/debian/patches/series	2015-03-14 16:27:10.000000000 +0100
+++ mdbtools-0.7/debian/patches/series	2015-03-14 16:33:04.000000000 +0100
@@ -3,3 +3,5 @@
 export_repid_uuid_as_string_use_char_38_in_mysql
 gmdb2_double_free
 binaries_to_string
+memo_zero_len_multipage
+bin_output_fix

Attachment: signature.asc
Description: OpenPGP digital signature

--- End Message ---

--- Begin Message ---

• To: 725661-done@bugs.debian.org, 770955-done@bugs.debian.org, 773796-done@bugs.debian.org, 774773-done@bugs.debian.org, 774820-done@bugs.debian.org, 774850-done@bugs.debian.org, 774921-done@bugs.debian.org, 775380-done@bugs.debian.org, 775603-done@bugs.debian.org, 775664-done@bugs.debian.org, 775825-done@bugs.debian.org, 776095-done@bugs.debian.org, 776734-done@bugs.debian.org, 776781-done@bugs.debian.org, 776884-done@bugs.debian.org, 777046-done@bugs.debian.org, 777047-done@bugs.debian.org, 777372-done@bugs.debian.org, 777553-done@bugs.debian.org, 778622-done@bugs.debian.org, 779083-done@bugs.debian.org, 779622-done@bugs.debian.org, 779926-done@bugs.debian.org, 780191-done@bugs.debian.org, 780471-done@bugs.debian.org, 780798-done@bugs.debian.org, 780924-done@bugs.debian.org, 781281-done@bugs.debian.org, 781406-done@bugs.debian.org, 781542-done@bugs.debian.org, 781885-done@bugs.debian.org, 781965-done@bugs.debian.org, 782042-done@bugs.debian.org, 782165-done@bugs.debian.org, 782409-done@bugs.debian.org, 782600-done@bugs.debian.org, 782663-done@bugs.debian.org, 782848-done@bugs.debian.org, 783659-done@bugs.debian.org, 783749-done@bugs.debian.org, 784102-done@bugs.debian.org, 785155-done@bugs.debian.org, 785348-done@bugs.debian.org, 785735-done@bugs.debian.org, 786691-done@bugs.debian.org, 786830-done@bugs.debian.org, 786919-done@bugs.debian.org, 787076-done@bugs.debian.org, 787403-done@bugs.debian.org, 787933-done@bugs.debian.org, 787947-done@bugs.debian.org, 788064-done@bugs.debian.org, 788242-done@bugs.debian.org, 788558-done@bugs.debian.org, 788664-done@bugs.debian.org, 790692-done@bugs.debian.org, 790940-done@bugs.debian.org, 793028-done@bugs.debian.org, 794962-done@bugs.debian.org, 795166-done@bugs.debian.org, 795892-done@bugs.debian.org, 797079-done@bugs.debian.org, 797213-done@bugs.debian.org
• Subject: Closing bugs for 7.9
• From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
• Date: Sat, 05 Sep 2015 14:33:54 +0100
• Message-id: <1441460034.2151.33.camel@adam-barratt.org.uk>

Version: 7.9

Hi,

These bugs relate to updates which were included in the 7.9 point
release.

Regards,

Adam

--- End Message ---