[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1107119: mail bounced; try once more; Bug#1107119: unblock: freetds/1.5.2+ds-1

Hi

On 2025-06-14 08:33:10 +0200, Paul Gevers wrote:
> Hi Joe,
> 
> Your email address bounced. This is a courtesy message to let you know your
> bug report had follow up.
> 
> Paul
> 
> On 09-06-2025 15:27, Mail Delivery System wrote:
> > This message was created automatically by mail delivery software.
> > 
> > A message that you sent could not be delivered to one or more of its
> > recipients. This is a permanent error. The following address(es) failed:
> > 
> >    joe@nahmias.net
> >      host skippy.nahmias.net [162.243.209.86]
> >      retry timeout exceeded
> 

As we got no reply on the unblock bug and the full freeze started, I
have uploaded the attached debdiff to tpu to fix #1104758 in trixie.

Cheers
-- 
Sebastian Ramacher

diff -Nru freetds-1.3.17+ds/debian/changelog freetds-1.3.17+ds/debian/changelog
--- freetds-1.3.17+ds/debian/changelog	2023-01-27 01:59:14.000000000 +0100
+++ freetds-1.3.17+ds/debian/changelog	2025-07-27 10:08:11.000000000 +0200
@@ -1,3 +1,10 @@
+freetds (1.3.17+ds-2+deb13u1) trixie; urgency=medium
+
+  * debian/patches: Add upstream patch to fix float -> uint conversion bounds
+    check (Closes: #1104758)
+
+ -- Sebastian Ramacher <sramacher@debian.org>  Sun, 27 Jul 2025 10:08:11 +0200
+
 freetds (1.3.17+ds-2) unstable; urgency=medium
 
   * source-only upload to enable bookwork testing migration. 
diff -Nru freetds-1.3.17+ds/debian/patches/bts_1104758.patch freetds-1.3.17+ds/debian/patches/bts_1104758.patch
--- freetds-1.3.17+ds/debian/patches/bts_1104758.patch	1970-01-01 01:00:00.000000000 +0100
+++ freetds-1.3.17+ds/debian/patches/bts_1104758.patch	2025-07-27 09:58:49.000000000 +0200
@@ -0,0 +1,105 @@
+From a381342bbfccafc0aa9ed2376e38470907d53225 Mon Sep 17 00:00:00 2001
+From: Frediano Ziglio <freddy77@gmail.com>
+Date: Sat, 31 May 2025 17:02:34 +0100
+Subject: [PATCH] tds: Fix bound check conversion (float -> uint)
+
+Converting from floating point to unsigned int the bound check
+was incorrect resulting in invalid conversions if the input
+value was not in range.
+
+Signed-off-by: Frediano Ziglio <freddy77@gmail.com>
+---
+ src/tds/convert.c | 19 ++++++++++---------
+ 1 file changed, 10 insertions(+), 9 deletions(-)
+
+--- a/src/tds/convert.c
++++ b/src/tds/convert.c
+@@ -89,7 +89,6 @@
+ 
+ /*
+  * Macros for integer number checks.
+- * IS_UINT works for both integers and floating point values.
+  *
+  * f77: I don't write -2147483648, some compiler seem to have some problem 
+  * with this constant although is a valid 32bit value
+@@ -98,7 +97,7 @@
+ #define TDS_INT_MAX 2147483647
+ #define INT_IS_INT(x) (TDS_INT_MIN <= (x) && (x) <= TDS_INT_MAX)
+ #define TDS_UINT_MAX 4294967295u
+-#define IS_UINT(x) (-1 < (TDS_INT8)(x) && (x) < (TDS_INT8) TDS_UINT_MAX + 1)
++#define INT_IS_UINT(x) (0 <= (x) && (x) <= (TDS_INT8) TDS_UINT_MAX)
+ #define TDS_INT8_MIN (-(((TDS_INT8)1)<<62) -(((TDS_INT8)1)<<62))
+ #define TDS_INT8_MAX ((((TDS_INT8) 0x7fffffff) << 32) + (TDS_INT8) 0xffffffffu)
+ 
+@@ -110,6 +109,8 @@
+  */
+ #define TDS_INT_UPPER_FLOAT 2147483648.0f
+ #define FLOAT_IS_INT(x) (TDS_INT_MIN - (x) < 1.0f && (x) < TDS_INT_UPPER_FLOAT)
++#define TDS_UINT_UPPER_FLOAT 4294967296.0f
++#define FLOAT_IS_UINT(x) (-1.0f < (x) && (x) < TDS_UINT_UPPER_FLOAT)
+ #define TDS_INT8_MIN_FLOAT (-9223372036854775808.0f)
+ #define TDS_INT8_UPPER_FLOAT 9223372036854775808.0f
+ #define FLOAT_IS_INT8(x) (TDS_INT8_MIN_FLOAT - (x) < 1.0f && (x) < TDS_INT8_UPPER_FLOAT)
+@@ -407,7 +408,7 @@
+ 	case SYBUINT4:
+ 		if ((rc = string_to_int8(src, src + srclen, &tds_i8)) < 0)
+ 			return rc;
+-		if (!IS_UINT(tds_i8))
++		if (!INT_IS_UINT(tds_i8))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = (TDS_UINT) tds_i8;
+ 		return sizeof(TDS_UINT);
+@@ -748,7 +749,7 @@
+ 		return TDS_CONVERT_OVERFLOW;
+ 		break;
+ 	case SYBUINT4:
+-		if (!IS_UINT(buf))
++		if (!INT_IS_UINT(buf))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = (TDS_UINT) buf;
+ 		return sizeof(TDS_UINT);
+@@ -826,7 +827,7 @@
+ 		return TDS_CONVERT_OVERFLOW;
+ 		break;
+ 	case SYBUINT4:
+-		if (!IS_UINT(buf))
++		if (!INT_IS_UINT(buf))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = (TDS_UINT) buf;
+ 		return sizeof(TDS_UINT);
+@@ -1119,7 +1120,7 @@
+ 		break;
+ 	case SYBUINT4:
+ 		dollars = mny.mny4 / 10000;
+-		if (!IS_UINT(dollars))
++		if (!INT_IS_UINT(dollars))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = dollars;
+ 		return sizeof(TDS_UINT);
+@@ -1219,7 +1220,7 @@
+ 		break;
+ 	case SYBUINT4:
+ 		dollars = mymoney / 10000;
+-		if (!IS_UINT(dollars))
++		if (!INT_IS_UINT(dollars))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = (TDS_UINT) dollars;
+ 		return sizeof(TDS_UINT);
+@@ -1549,7 +1550,7 @@
+ 		return sizeof(TDS_INT);
+ 		break;
+ 	case SYBUINT4:
+-		if (!IS_UINT(the_value))
++		if (!FLOAT_IS_UINT(the_value))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = (TDS_UINT) the_value;
+ 		return sizeof(TDS_UINT);
+@@ -1658,7 +1659,7 @@
+ 		return sizeof(TDS_INT);
+ 		break;
+ 	case SYBUINT4:
+-		if (!IS_UINT(the_value))
++		if (!FLOAT_IS_UINT(the_value))
+ 			return TDS_CONVERT_OVERFLOW;
+ 		cr->ui = (TDS_UINT) the_value;
+ 		return sizeof(TDS_UINT);
diff -Nru freetds-1.3.17+ds/debian/patches/series freetds-1.3.17+ds/debian/patches/series
--- freetds-1.3.17+ds/debian/patches/series	2023-01-25 20:45:38.000000000 +0100
+++ freetds-1.3.17+ds/debian/patches/series	2025-07-27 09:56:37.000000000 +0200
@@ -1,2 +1,3 @@
 drop-obsolete-AC_LTDL_DLLIB.patch
 drop-w3c-validation-badge.patch
+bts_1104758.patch
Reply to: