Bug#1025323: bullseye-pu: package nano/5.4-2+deb11u2
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
Hi release team!
I'm requesting the acceptance of a new nano update for stable,
with 3 additional upstream patches that fix two crash conditions
and a data-loss condition.
All the patches are trivial, self-explanatory but also well
documented in their headers.
[ Reason ]
These fixes are backports of fixes for the most important
bugfixes in the latest nano releases.
[ Impact ]
Not applying these means nano can crash on certain conditions.
The errors were found via Fedora's crash data service.
[ Tests ]
Manual tests have been done to test these fixes. Besides, the
fixes have been in test in newer versions of nano across multiple
distributors.
[ Risks ]
I think the risks are minimal, but in any case, the fixes can be easily
reverted if they need to.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable (except for one of
the patches, which will be fixed in soon to be released 7.1)
[ Changes ]
The debiff consists of the addition of 3 individual patches,
plus the update of teh series file and debian changelog.
[ Other info ]
This update is very similar to the one that was previously accepted by
the release team, but this time with far less patches and lines of code
involved.
diff -Nru nano-5.4/debian/changelog nano-5.4/debian/changelog
--- nano-5.4/debian/changelog 2021-11-22 01:07:23.000000000 +0100
+++ nano-5.4/debian/changelog 2022-12-02 14:06:48.000000000 +0100
@@ -1,3 +1,11 @@
+nano (5.4-2+deb11u2) bullseye; urgency=medium
+
+ * The "No a l'ampliació del port" release.
+ * Add three additional patches from Benno Schulenberg, with two
+ crash fixes and one data-loss fix.
+
+ -- Jordi Mallach <jordi@debian.org> Fri, 02 Dec 2022 14:06:48 +0100
+
nano (5.4-2+deb11u1) bullseye; urgency=medium
* The "Bueno, de verdad, hasta luego, paso" release.
diff -Nru nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch
--- nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch 1970-01-01 01:00:00.000000000 +0100
+++ nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch 2022-12-02 13:42:39.000000000 +0100
@@ -0,0 +1,33 @@
+From af63d94017a26cbf3446219de5ced30e677e0f13 Mon Sep 17 00:00:00 2001
+From: Benno Schulenberg <bensberg@telfort.nl>
+Date: Sun, 12 Dec 2021 15:43:15 +0100
+Subject: [PATCH 36/38] input: ensure that no more bytes are consumed than are
+ available
+
+The value of 'consumed' may not exceed the given 'length'.
+
+Bug existed since version 2.9.3, commit e739448c.
+
+(Bug was found by studying Fedora crash reports. Thank you, Fedora!)
+---
+ src/winio.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/winio.c b/src/winio.c
+index 1116c172..e12d6e6b 100644
+--- a/src/winio.c
++++ b/src/winio.c
+@@ -466,8 +466,9 @@ int convert_SS3_sequence(const int *seq, size_t length, int *consumed)
+ /* Translate a sequence that began with "Esc [" to its corresponding key code. */
+ int convert_CSI_sequence(const int *seq, size_t length, int *consumed)
+ {
+- if (seq[0] < '9')
++ if (seq[0] < '9' && length > 1)
+ *consumed = 2;
++
+ switch (seq[0]) {
+ case '1':
+ if (length > 1 && seq[1] == '~')
+--
+2.37.4
+
diff -Nru nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch
--- nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch 1970-01-01 01:00:00.000000000 +0100
+++ nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch 2022-12-02 13:42:39.000000000 +0100
@@ -0,0 +1,33 @@
+From 35b67b15652102203161beb31db786f09981de81 Mon Sep 17 00:00:00 2001
+From: Benno Schulenberg <bensberg@telfort.nl>
+Date: Thu, 24 Feb 2022 11:57:56 +0100
+Subject: [PATCH 37/38] execute: don't crash when an empty buffer is piped
+ through a command
+
+That is, take into account that the cutbuffer could be NULL
+(when updating the undo item).
+
+This fixes https://savannah.gnu.org/bugs/?62107.
+
+Bug existed since version 4.9, commit b15c5a7e.
+---
+ src/text.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/text.c b/src/text.c
+index 5ff5745d..c88ca516 100644
+--- a/src/text.c
++++ b/src/text.c
+@@ -1200,7 +1200,8 @@ void update_undo(undo_type action)
+ else if (cutbuffer != NULL) {
+ free_lines(u->cutbuffer);
+ u->cutbuffer = copy_buffer(cutbuffer);
+- }
++ } else
++ break;
+ if (!(u->xflags & MARK_WAS_SET)) {
+ linestruct *bottomline = u->cutbuffer;
+ size_t count = 0;
+--
+2.37.4
+
diff -Nru nano-5.4/debian/patches/0038-text-upon-Enter-eat-only-lefthand-blanks-not-any-oth.patch nano-5.4/debian/patches/0038-text-upon-Enter-eat-only-lefthand-blanks-not-any-oth.patch
--- nano-5.4/debian/patches/0038-text-upon-Enter-eat-only-lefthand-blanks-not-any-oth.patch 1970-01-01 01:00:00.000000000 +0100
+++ nano-5.4/debian/patches/0038-text-upon-Enter-eat-only-lefthand-blanks-not-any-oth.patch 2022-12-02 13:42:39.000000000 +0100
@@ -0,0 +1,36 @@
+From 7338d67935876a05cc3743102821c12574c17435 Mon Sep 17 00:00:00 2001
+From: Benno Schulenberg <bensberg@telfort.nl>
+Date: Thu, 24 Nov 2022 15:51:43 +0100
+Subject: [PATCH 38/38] text: upon Enter, eat only lefthand blanks, not any
+ other characters
+
+Make sure that there is only whitespace to the left of the cursor
+before setting 'allblanks' to TRUE, because this latter value will
+cause these characters to be eaten (as a special case, to avoid
+creating lines that contain only blanks when both --autoindent
+and --breaklonglines are on).
+
+This fixes https://savannah.gnu.org/bugs/?63407.
+Reported-by: Tasos Papastylianou <tpapastylianou@hotmail.com>
+
+Bug existed since version 2.9.8, commit d00ab406.
+---
+ src/text.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/text.c b/src/text.c
+index c88ca516..9c6043e9 100644
+--- a/src/text.c
++++ b/src/text.c
+@@ -878,7 +878,7 @@ void do_enter(void)
+ if (extra > openfile->current_x)
+ extra = openfile->current_x;
+ else if (extra == openfile->current_x)
+- allblanks = TRUE;
++ allblanks = (indent_length(openfile->current->data) == extra);
+ }
+ #endif /* NANO_TINY */
+ newnode->data = nmalloc(strlen(openfile->current->data +
+--
+2.37.4
+
diff -Nru nano-5.4/debian/patches/series nano-5.4/debian/patches/series
--- nano-5.4/debian/patches/series 2021-11-22 00:52:49.000000000 +0100
+++ nano-5.4/debian/patches/series 2022-12-02 13:43:25.000000000 +0100
@@ -33,3 +33,6 @@
0033-help-do-not-show-S-when-preserve-is-in-effect.patch
0034-syntax-email-use-a-character-class-as-s-does-not-wor.patch
0035-justify-correctly-determine-whether-top-of-buffer-ha.patch
+0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch
+0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch
+0038-text-upon-Enter-eat-only-lefthand-blanks-not-any-oth.patch
Reply to: