hardening patch needs to handle failure

Bug #267594 reported by Kees Cook
Affects: scratchbox2 (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

Binary package hint: scratchbox2

The recent patch for solving the FTBFS needs to correctly handle the bug that was detected.

+- asprintf(&new_ld_preload, "%s:%s",
+- old_ld_preload, sbox_libsb2);
++ if (asprintf(&new_ld_preload, "%s:%s",
++ old_ld_preload, sbox_libsb2)) { }
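
Review bot: The empty `{ }` body on the `++` lines discards the asprintf result, so an allocation failure still goes unhandled; the condition is also true on success, because asprintf returns the number of bytes written and -1 only on failure. Compare the return value against 0 rather than relying on new_ld_preload afterwards, since the pointer's contents are not guaranteed after a failed call, then report the error and exit: `if (asprintf(&new_ld_preload, "%s:%s", old_ld_preload, sbox_libsb2) < 0) { ... }`.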

This will just silence the warning -- new_ld_preload being NULL after the sprintf is an unhandled failure condition that needs to be tested, reported, and have the program abort accordingly. (See the other situations in "main" where this is done.)
