Hello community, here is the log from the commit of package libestr for openSUSE:Factory checked in at 2013-10-18 11:33:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libestr (Old) and /work/SRC/openSUSE:Factory/.libestr.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libestr" Changes: -------- --- /work/SRC/openSUSE:Factory/libestr/libestr.changes 2013-09-13 14:44:45.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libestr.new/libestr.changes 2013-10-18 11:39:46.000000000 +0200 @@ -1,0 +2,7 @@ +Thu Oct 17 17:58:54 UTC 2013 - [email protected] + +- update to 0.1.8 - [bnc#846487] + - bugfix: invalid comparison results for different-length strings + es_strcmp, es_strcasecmp, es_strbufcmp, and es_strcasebufcmp + +------------------------------------------------------------------- Old: ---- libestr-0.1.6.tar.gz New: ---- libestr-0.1.8.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libestr.spec ++++++ --- /var/tmp/diff_new_pack.CzwkhH/_old 2013-10-18 11:39:47.000000000 +0200 +++ /var/tmp/diff_new_pack.CzwkhH/_new 2013-10-18 11:39:47.000000000 +0200 @@ -17,7 +17,7 @@ Name: libestr -Version: 0.1.6 +Version: 0.1.8 Release: 0 Summary: String handling essentials library License: LGPL-2.1+ ++++++ libestr-0.1.6.tar.gz -> libestr-0.1.8.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libestr-0.1.6/ChangeLog new/libestr-0.1.8/ChangeLog --- old/libestr-0.1.6/ChangeLog 2013-09-12 14:51:23.000000000 +0200 +++ new/libestr-0.1.8/ChangeLog 2013-10-16 16:55:34.000000000 +0200 @@ -1,4 +1,20 @@ ---------------------------------------------------------------------- +Version 0.1.8 2013-10-16 +- bugfix: previous fix for string comparisons did not work properly + Thanks to Tomas Heinrich for alerting us +---------------------------------------------------------------------- +Version 0.1.7 2013-10-10 +- bugfix: invalid comparison results for different-length strings + es_strcmp, es_strcasecmp, es_strbufcmp, and es_strcasebufcmp + returned incorrect results if the first string was smaller than + the second. In that case, the first string was always assumed + to be lexially lower than the second. If the second string was + larger than the first, the same issue occured. This did not affect + equal comparisons, but LT/GT checks lead to invalid result, with + potentially harsh consequences (e.g. qsort() did not work properly). + This bug is present for a very long time, potentially down to the + initial implementation of libestr. +---------------------------------------------------------------------- Version 0.1.6 2013-09-12 - bugfix: ascii hex code escapes did not work Thanks to Rene Kalff for the patch diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libestr-0.1.6/configure new/libestr-0.1.8/configure --- old/libestr-0.1.6/configure 2013-09-12 14:53:29.000000000 +0200 +++ new/libestr-0.1.8/configure 2013-10-16 16:56:30.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for libestr 0.1.6. +# Generated by GNU Autoconf 2.68 for libestr 0.1.8. # # Report bugs to <[email protected]>. # @@ -570,8 +570,8 @@ # Identity of this package. PACKAGE_NAME='libestr' PACKAGE_TARNAME='libestr' -PACKAGE_VERSION='0.1.6' -PACKAGE_STRING='libestr 0.1.6' +PACKAGE_VERSION='0.1.8' +PACKAGE_STRING='libestr 0.1.8' PACKAGE_BUGREPORT='[email protected]' PACKAGE_URL='' @@ -1298,7 +1298,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libestr 0.1.6 to adapt to many kinds of systems. +\`configure' configures libestr 0.1.8 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1368,7 +1368,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libestr 0.1.6:";; + short | recursive ) echo "Configuration of libestr 0.1.8:";; esac cat <<\_ACEOF @@ -1473,7 +1473,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libestr configure 0.1.6 +libestr configure 0.1.8 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1842,7 +1842,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libestr $as_me 0.1.6, which was +It was created by libestr $as_me 0.1.8, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2657,7 +2657,7 @@ # Define the identity of the package. PACKAGE='libestr' - VERSION='0.1.6' + VERSION='0.1.8' cat >>confdefs.h <<_ACEOF @@ -12135,7 +12135,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libestr $as_me 0.1.6, which was +This file was extended by libestr $as_me 0.1.8, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -12201,7 +12201,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libestr config.status 0.1.6 +libestr config.status 0.1.8 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libestr-0.1.6/configure.ac new/libestr-0.1.8/configure.ac --- old/libestr-0.1.6/configure.ac 2013-09-12 14:53:06.000000000 +0200 +++ new/libestr-0.1.8/configure.ac 2013-10-16 16:56:19.000000000 +0200 @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([libestr], [0.1.6], [[email protected]]) +AC_INIT([libestr], [0.1.8], [[email protected]]) AM_INIT_AUTOMAKE m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) AC_CONFIG_SRCDIR([src/libestr.c]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libestr-0.1.6/src/string.c new/libestr-0.1.8/src/string.c --- old/libestr-0.1.6/src/string.c 2013-09-12 14:52:00.000000000 +0200 +++ new/libestr-0.1.8/src/string.c 2013-10-16 17:02:38.000000000 +0200 @@ -212,20 +212,20 @@ ASSERT_STR(s); assert(buf != NULL); - if(s->lenStr < lenBuf) - r = -1; - else if(s->lenStr > lenBuf) - r = 1; - else { - c = es_getBufAddr(s); - r = 0; /* assume: strings equal, will be reset if not */ - for(i = 0 ; i < s->lenStr ; ++i) { - if(c[i] != buf[i]) { - r = c[i] - buf[i]; - break; - } + c = es_getBufAddr(s); + r = 0; /* assume: strings equal, will be reset if not */ + for(i = 0 ; i < s->lenStr ; ++i) { + if(i == lenBuf) { + r = 1; /* strings are so far equal, but second string is smaller */ + break; + } + if(c[i] != buf[i]) { + r = c[i] - buf[i]; + break; } } + if(r == 0 && s->lenStr < lenBuf) + r = -1; /* strings are so far equal, but first string is smaller */ return r; } @@ -245,20 +245,20 @@ ASSERT_STR(s); assert(buf != NULL); - if(s->lenStr < lenBuf) - r = -1; - else if(s->lenStr > lenBuf) - r = 1; - else { - c = es_getBufAddr(s); - r = 0; /* assume: strings equal, will be reset if not */ - for(i = 0 ; i < s->lenStr ; ++i) { - if(tolower(c[i]) != tolower(buf[i])) { - r = tolower(c[i]) - tolower(buf[i]); - break; - } + c = es_getBufAddr(s); + r = 0; /* assume: strings equal, will be reset if not */ + for(i = 0 ; i < s->lenStr ; ++i) { + if(i == lenBuf) { + r = 1; + break; + } + if(tolower(c[i]) != tolower(buf[i])) { + r = tolower(c[i]) - tolower(buf[i]); + break; } } + if(r == 0 && s->lenStr < lenBuf) + r = -1; return r; } int -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
