Ubuntu
makeztxt package

makeztxt segfaults

Bug #3477 reported by Marius Gedminas
8
Affects Status Importance Assigned to Milestone
makeztxt (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

There's an off-by-one error in makeztxt that causes it to overwrite an array on the stack, which ends in a segfault. I've a patch that fixes it.

Daniel Holbach (dholbach)
Changed in makeztxt:
assignee: nobody → motu
Johnny Mast (johnnymast)
Changed in makeztxt:
assignee: motu → rave
Revision history for this message
Johnny Mast (johnnymast) wrote : Patch for makeztxt_1.60-5 to makeztxt_1.60-7ubuntu1_i386.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 29 Nov 2005 18:12:07 +0100
Source: makeztxt
Binary: makeztxt
Architecture: source i386
Version: 1.60-7ubuntu1
Distribution: breezy
Urgency: low
Maintainer: Rolandas Juodzbalis <email address hidden>
Changed-By: rave <email address hidden>
Description:
 makeztxt - Create zTXT databases from ASCII files to read them in a Palm
Closes: 3477
Changes:
 makeztxt (1.60-7ubuntu1) breezy; urgency=low
 .
   * Patched an off-by-one vulnerability in makeztxt 1.60.
     (Closes: #3477)
Files:
 109bcb4c36cbc2410fba73f79b1d8814 592 otherosfs optional makeztxt_1.60-7ubuntu1.dsc
 0aa3e97256443ebe857d64f4feace7ab 3580 otherosfs optional makeztxt_1.60-7ubuntu1.diff.gz
 f0b31cf5abf6d776727af4ee786a09e6 26134 otherosfs optional makeztxt_1.60-7ubuntu1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDjJK2xJECkISmL40RArgIAJ47FSrkBBbofYXzU1TIHMS/Q2SI4gCfUWJg
yrQFDfSXI0p5364XGr0jEts=
=jfWb
-----END PGP SIGNATURE-----

Changed in makeztxt:
status: New → PendingUpload
Johnny Mast (johnnymast)
Changed in makeztxt:
assignee: rave → motureviewers
Revision history for this message
Reinhard Tartler (siretart) wrote :

is there are CAN/CVE number available for this? you should really mention it in the changelog. Please use your real name in the changelog.
Why do you drop the Recommends?

Changed in makeztxt:
status: Fix Committed → In Progress
Revision history for this message
Zak B. Elep (zakame) wrote :

Hi!

Why is the patch from -5 to -7ubuntu1? what happened to -6? Dapper still has -5.

Revision history for this message
Zak B. Elep (zakame) wrote :

Ignore the previous comment, seems change was minimal (even Debian only has -5).

Revision history for this message
Zak B. Elep (zakame) wrote :

Changed version from -7 to -5. Please be careful next time, Johnny ;)

Changed in makeztxt:
status: In Progress → Fix Committed
Revision history for this message
Zak B. Elep (zakame) wrote : Re: [Motu-reviewers] [Bug 3477] makeztxt segfaults

> Changed version from -7 to -5. Please be careful next time, Johnny ;)

That also applies to me :/ Didn't check the patch was set with
distribution: breezy, not dapper.

siretart's comment also applies, I think dropping the Recommends is
unneeded.

Changed in makeztxt:
status: Fix Committed → In Progress
Revision history for this message
Zak B. Elep (zakame) wrote :

Haven't heard from you for more than a week now, so I'm rebuilding this patch, dropping the Recommends change.

Revision history for this message
Zak B. Elep (zakame) wrote :

Patched with some minor changes.

Changed in makeztxt:
status: In Progress → Fix Committed
Zak B. Elep (zakame)
Changed in makeztxt:
status: Fix Committed → Fix Released
Revision history for this message
Gauvain Pocentek (gpocentek) wrote :

The fix has been uploaded.

Changed in makeztxt:
status: Unconfirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.