Your message dated Sat, 21 Jan 2006 21:07:30 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Fixed in oneko 1.2.sakura.6-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 17 Nov 2003 15:25:58 +0000
>From [EMAIL PROTECTED] Mon Nov 17 09:25:57 2003
Return-path: <[EMAIL PROTECTED]>
Received: from springfield.intasys.com (steve.edi.intasys.com) [194.217.254.10]
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1ALlGG-0002gT-00; Mon, 17 Nov 2003 09:25:56 -0600
Received: from steve by steve.edi.intasys.com with local (Exim 3.36 #1 (Debian))
id 1ALlCp-0004ND-00; Mon, 17 Nov 2003 15:22:23 +0000
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Steve Kemp <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: oneko: Segfault on excessive command line argument.
X-Mailer: reportbug 2.36
Date: Mon, 17 Nov 2003 15:22:23 +0000
Message-Id: <[EMAIL PROTECTED]>
Sender: Steve Kemp <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Status: No, hits=-7.9 required=4.0
tests=HAS_PACKAGE,PATCH_UNIFIED_DIFF
autolearn=ham version=2.53-bugs.debian.org_2003_11_15
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_11_15
(1.174.2.15-2003-03-30-exp)
Package: oneko
Version: 1.2.sakura.6-1
Severity: normal
Tags: patch
oneko segfaults when given an excessively large argument to the
'-display' option.
Were this game setgid/setuid it would be exploitable, but thankfully
it is not.
The following session demonstrates the problem:
[EMAIL PROTECTED]:~$ oneko -display `perl -e 'print "X"x3333'`
Segmentation fault (core dumped)
The diff below fixes the issue.
Steve
--
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux steve 2.4.19-686 #1 Mon Nov 18 23:59:03 EST 2002 i686
Locale: LANG=C, LC_CTYPE=en_US.UTF-8
Versions of packages oneko depends on:
ii libc6 2.3.2-9 GNU C Library: Shared libraries an
ii xlibs 4.2.1-13 X Window System client libraries
-- debconf information excluded
--- oneko.c-orig 2003-11-17 15:15:55.000000000 +0000
+++ oneko.c 2003-11-17 15:16:08.000000000 +0000
@@ -1421,7 +1421,7 @@
if (strcmp(argv[ArgCounter], "-display") == 0) {
ArgCounter++;
if (ArgCounter < argc) {
- strcpy(theDisplayName, argv[ArgCounter]);
+ strncpy(theDisplayName, argv[ArgCounter], sizeof(theDisplayName)-1);
} else {
fprintf(stderr, "%s: -display option error.\n", ProgramName);
exit(1);
---------------------------------------
Received: (at 221270-done) by bugs.debian.org; 21 Jan 2006 20:07:26 +0000
>From [EMAIL PROTECTED] Sat Jan 21 12:07:26 2006
Return-path: <[EMAIL PROTECTED]>
Received: from mail.irb.hr ([161.53.22.8] ident=UNKNOWN)
by spohr.debian.org with esmtp (Exim 4.50)
id 1F0P1C-0003K1-DH; Sat, 21 Jan 2006 12:07:26 -0800
Received: from diziet.irb.hr (diziet.irb.hr [161.53.22.31])
by mail.irb.hr (8.13.4/8.13.4/Debian-3) with ESMTP id k0LK7IkF029487;
Sat, 21 Jan 2006 21:07:19 +0100
Received: from diziet.irb.hr (localhost [127.0.0.1])
by diziet.irb.hr (8.13.5/8.13.5/Debian-3) with ESMTP id k0LK7Uap019666;
Sat, 21 Jan 2006 21:07:30 +0100
Received: (from [EMAIL PROTECTED])
by diziet.irb.hr (8.13.5/8.13.5/Submit) id k0LK7Uuv019664;
Sat, 21 Jan 2006 21:07:30 +0100
From: Matej Vela <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Fixed in oneko 1.2.sakura.6-2
Date: Sat, 21 Jan 2006 21:07:30 +0100
Message-ID: <[EMAIL PROTECTED]>
User-Agent: Gnus/5.110004 (No Gnus v0.4) Emacs/21.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Scanned-By: MIMEDefang 2.51 on 161.53.22.8
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
Source: oneko
Source-Version: 1.2.sakura.6-2
Now that oneko is orphaned, NMU-fixed bugs can be closed.
The original .changes file follows.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 20 Jan 2006 09:49:27 +0100
Source: oneko
Binary: oneko
Architecture: source powerpc
Version: 1.2.sakura.6-2
Distribution: unstable
Urgency: low
Maintainer: Marc 'HE' Brockschmidt <[EMAIL PROTECTED]>
Changed-By: Marc 'HE' Brockschmidt <[EMAIL PROTECTED]>
Description:
oneko - a cat chases the cursor (now a mouse) around the screen
Closes: 221270 347132
Changes:
oneko (1.2.sakura.6-2) unstable; urgency=low
.
* QA upload to help with xlibs-dev transition.
* Orphan package, as requested in #348199.
* debian/control: Replace xlibs-dev build-dep (Closes: #347132)
* oneko.c: Apply patch from Steve Kemp to handle long command line
arguments. Thanks, dude. (Closes: #221270)
Files:
2e7b3acf9db0528300c2d43e7b4ca3a0 614 games optional oneko_1.2.sakura.6-2.dsc
9e0d6446e46964e1f66eb9630dc03af8 5670 games optional
oneko_1.2.sakura.6-2.diff.gz
cd883e70d6395288fb6f9009472e5fc0 38210 games optional
oneko_1.2.sakura.6-2_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFD0KYtmO5zOp3h7rERAub7AJ9i2Kuyml3HOjU7mEC8PtSbwGHJOQCeOCRv
o4DMT56YWl/caCEovC/DyvU=
=q+Wa
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
