
Bug#639114: texinfo: Increase stack buffer size for sprintf of numeric values



Package: texinfo
Version: 4.13a.dfsg.1-6
Severity: normal
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



In Ubuntu, the attached patch was applied to achieve the following:

Fix a bug filed on Launchpad where makeinfo fails on sparc with "buffer
overflow detected", causing other packages to FTBFS:
https://bugs.launchpad.net/ubuntu/+source/texinfo/+bug/569802


  * debian/patches/minor-buffer-size-fix: increase stack buffer size
    for sprintf of numeric values (LP: #569802).


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty-proposed'), (500, 'natty'), (100, 'natty-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-11-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u texinfo-4.13a.dfsg.1/debian/changelog texinfo-4.13a.dfsg.1/debian/changelog
diff -u texinfo-4.13a.dfsg.1/debian/patches/series texinfo-4.13a.dfsg.1/debian/patches/series
--- texinfo-4.13a.dfsg.1/debian/patches/series
+++ texinfo-4.13a.dfsg.1/debian/patches/series
@@ -7,0 +8 @@
+minor-buffer-size-fix
only in patch2:
unchanged:
--- texinfo-4.13a.dfsg.1.orig/debian/patches/minor-buffer-size-fix
+++ texinfo-4.13a.dfsg.1/debian/patches/minor-buffer-size-fix
@@ -0,0 +1,26 @@
+Author: Kees Cook <kees@ubuntu.com>
+Description: extend stack buffers to be large enough for the type values
+ they are expected to hold.
+Bug: https://savannah.gnu.org/bugs/?32122
+Bug-Ubuntu: https://launchpad.net/bugs/569802
+
+Index: texinfo-4.13a.dfsg.1/makeinfo/sectioning.c
+===================================================================
+--- texinfo-4.13a.dfsg.1.orig/makeinfo/sectioning.c	2011-01-13 14:12:35.382016526 -0800
++++ texinfo-4.13a.dfsg.1/makeinfo/sectioning.c	2011-01-13 14:14:41.285127427 -0800
+@@ -256,13 +256,13 @@
+     return xstrdup ("");
+   else if (enum_marker == APPENDIX_MAGIC)
+     {
+-      char s[1];
++      char s[2];
+       sprintf (s, "%c", numbers[0] + 64);
+       return xstrdup (s);
+     }
+   else
+     {
+-      char s[5];
++      char s[32];
+       sprintf (s, "%d", numbers[0]);
+       return xstrdup (s);
+     }
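
Review bot: both branches of the makeinfo/sectioning.c change still format with unbounded sprintf, so the fix depends on the hand-picked sizes 2 and 32 staying correct rather than on the call itself being bounded. In the APPENDIX_MAGIC branch, char s[2] holds exactly the one character written by "%c" plus the terminating NUL, with no slack; in the else branch, 32 is ample for a "%d" of an int but is a magic number with no stated relation to the type. Consider snprintf (s, sizeof s, "%d", numbers[0]); in the second branch and the same form (or a direct s[0] = numbers[0] + 64; s[1] = '\0';) in the first, so the buffer size and the write limit cannot drift apart. A one-line comment on why each size was chosen would also help the upstream submission referenced in the Bug: header.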
