
Bug#817992: marked as done (jessie-pu: package apt/1.0.9.8.3)



Your message dated Sat, 02 Apr 2016 14:20:04 +0100
with message-id <1459603204.2441.216.camel@adam-barratt.org.uk>
and subject line Fix included in stable
has caused the Debian Bug report #817992,
regarding jessie-pu: package apt/1.0.9.8.3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
817992: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817992
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu

Hi,

I'd like to update APT in jessie from 1.0.9.8.2 to 1.0.9.8.3 to
fix a stack buffer overflow in the dependency resolver, backported
from apt 1.2.6.

A compressed complete diff is attached. The relevant part is reproduced
below; it consists of the commits:
 [1] https://anonscm.debian.org/cgit/apt/apt.git/commit/?h=debian/jessie&id=2f34b45174906024fa87ee0d51d2e13d4770f465
 [2] https://anonscm.debian.org/cgit/apt/apt.git/commit/?h=debian/jessie&id=950f68a3459f47aa7215ce2bd493ca9354194300

[1] being the original commit cherry-picked, [2] being the changes needed to make
that run in jessie with a pre-C++11 APT.

diff -Nru apt-1.0.9.8.2/apt-pkg/algorithms.cc apt-1.0.9.8.3/apt-pkg/algorithms.cc
--- apt-1.0.9.8.2/apt-pkg/algorithms.cc	2015-09-15 17:08:27.000000000 +0200
+++ apt-1.0.9.8.3/apt-pkg/algorithms.cc	2016-03-12 14:14:29.000000000 +0100
@@ -735,6 +735,7 @@
       changing a breaks c) */
    bool Change = true;
    bool const TryFixByInstall = _config->FindB("pkgProblemResolver::FixByInstall", true);
+   std::vector<PackageKill> KillList;
    for (int Counter = 0; Counter != 10 && Change == true; Counter++)
    {
       Change = false;
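Review bot: The new "std::vector<PackageKill> KillList;" declaration before the Counter loop needs <vector>, and none of the hunks shown for algorithms.cc adds that include. Please confirm the file includes <vector> directly rather than picking it up through another header. Because the vector now outlives each pass of the loop, a short comment saying it is hoisted to reuse its allocation and is emptied for every package would help the next reader.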
@@ -777,12 +778,12 @@
 	    clog << "Investigating (" << Counter << ") " << I << endl;
 	 
 	 // Isolate the problem dependency
-	 PackageKill KillList[100];
-	 PackageKill *LEnd = KillList;
 	 bool InOr = false;
 	 pkgCache::DepIterator Start;
 	 pkgCache::DepIterator End;
-	 PackageKill *OldEnd = LEnd;
+	 size_t OldSize = 0;
+
+	 KillList.resize(0);
 	 
 	 enum {OrRemove,OrKeep} OrOp = OrRemove;
 	 for (pkgCache::DepIterator D = Cache[I].InstVerIter(Cache).DependsList();
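Review bot: "KillList.resize(0);" would read more clearly as "KillList.clear();", which has the same effect here and states the intent of starting each package with an empty list. The reset is what keeps "OldSize = 0" correct now that KillList is declared outside the loop, so it is worth keeping the two statements adjacent without the blank line between them.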
@@ -792,7 +793,7 @@
 	    if (Start == End)
 	    {
 	       // Decide what to do
-	       if (InOr == true && OldEnd == LEnd)
+	       if (InOr == true && OldSize == KillList.size())
 	       {
 		  if (OrOp == OrRemove)
 		  {
@@ -826,7 +827,7 @@
 		  continue;
 
 	       InOr = Start != End;
-	       OldEnd = LEnd;
+	       OldSize = KillList.size();
 	    }
 	    else
             {
@@ -989,10 +990,8 @@
 		
 		  if (Debug == true)
 		     clog << "  Added " << Pkg.FullName(false) << " to the remove list" << endl;
-		  
-		  LEnd->Pkg = Pkg;
-		  LEnd->Dep = End;
-		  LEnd++;
+
+		  KillList.push_back((PackageKill) {Pkg, End});
 		  
 		  if (Start.IsNegative() == false)
 		     break;
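Review bot: "(PackageKill) {Pkg, End}" in the push_back call is a compound literal, which is a C99 construct that g++ accepts as an extension and is not standard C++; for a pre-C++11 build, a named temporary such as "PackageKill const Kill = {Pkg, End};" followed by "KillList.push_back(Kill);" avoids depending on the extension. Either form initialises the members positionally, whereas the removed lines assigned Pkg and Dep by name, so the result is only right if PackageKill declares Pkg before Dep; the struct is not visible in this diff and should be checked. The removed lines also wrote through LEnd with no check against the 100-element array, so the changelog could state that this push_back is the actual fix for the overflow.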
@@ -1042,7 +1041,7 @@
 	 // Apply the kill list now
 	 if (Cache[I].InstallVer != 0)
 	 {
-	    for (PackageKill *J = KillList; J != LEnd; J++)
+	    for (std::vector<PackageKill>::const_iterator J = KillList.begin(); J != KillList.end(); J++)
 	    {
 	       Change = true;
 	       if ((Cache[J->Dep] & pkgDepCache::DepGNow) == 0)
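Review bot: The loop over KillList now uses a std::vector const_iterator, which is invalidated if anything in the loop body appends to KillList, something that was harmless with the old fixed array and pointer. The body is not shown in this hunk, so please confirm it never reaches the push_back added above. As a style point, "++J" is preferred over "J++" for iterators.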



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (500, 'unstable-debug'), (500, 'testing'), (100, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev

When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to (`inline'). Thank you.

Attachment: apt_1.0.9.8.2_1.0.9.8.3.diff.gz
Description: application/gzip


--- End Message ---
--- Begin Message ---
Version: 8.4

Hi,

The packages referenced by these bugs were included in today's stable
point release.

Regards,

Adam

--- End Message ---
