Your message dated Sun, 3 Apr 2005 22:18:35 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#302273: didiwiki: Crashes when -h or $DIDIWIKIHOME
contains "%n%n%n%n"
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 30 Mar 2005 23:24:02 +0000
>From [EMAIL PROTECTED] Wed Mar 30 15:24:01 2005
Return-path: <[EMAIL PROTECTED]>
Received: from av7-1-sn4.m-sp.skanova.net [81.228.10.110]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DGmXZ-00012E-00; Wed, 30 Mar 2005 15:24:01 -0800
Received: by av7-1-sn4.m-sp.skanova.net (Postfix, from userid 502)
id 329A837E60; Thu, 31 Mar 2005 01:23:30 +0200 (CEST)
Received: from smtp2-1-sn4.m-sp.skanova.net (smtp2-1-sn4.m-sp.skanova.net
[81.228.10.183])
by av7-1-sn4.m-sp.skanova.net (Postfix) with ESMTP
id 209AC37E45; Thu, 31 Mar 2005 01:23:30 +0200 (CEST)
Received: from h55n2fls31o1123.telia.com (h55n2fls31o1123.telia.com
[81.224.172.55])
by smtp2-1-sn4.m-sp.skanova.net (Postfix) with ESMTP id D244E37E44;
Thu, 31 Mar 2005 01:23:29 +0200 (CEST)
Received: from metaur by h55n2fls31o1123.telia.com with local (Exim 4.50)
id 1DGmX3-0007Ob-BC; Thu, 31 Mar 2005 01:23:29 +0200
Date: Thu, 31 Mar 2005 01:23:29 +0200
From: Ulf Harnhammar <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: didiwiki: Crashes when -h or $DIDIWIKIHOME contains "%n%n%n%n"
Message-ID: <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="PEIAKu/WMn1b1Hv9"
Content-Disposition: inline
X-Blog-URL: http://www.advogato.org/person/metaur/
User-Agent: Mutt/1.5.6+20040907i
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.7 required=4.0 tests=BAYES_00,GAPPY_SUBJECT,
HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--PEIAKu/WMn1b1Hv9
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Subject: didiwiki: Crashes when -h or $DIDIWIKIHOME contains "%n%n%n%n"
Package: didiwiki
Version: 0.5-1
Severity: normal
Tags: patch
Hello,
didiwiki crashes when its -h option or the environment variable DIDIWIKIH=
OME
contains "%n%n%n%n". There are two lines where the program uses user-defi=
ned
data as the format string to snprintf(), where it should use that data as
parameters to a fixed format string.
Here is an example of the two bugs in action:
[EMAIL PROTECTED]:~$ /usr/bin/didiwiki -h '%n%n%n%n'
Segmentation fault
[EMAIL PROTECTED]:~$ export DIDIWIKIHOME=3D'%n%n%n%n'
[EMAIL PROTECTED]:~$ /usr/bin/didiwiki
Segmentation fault
[EMAIL PROTECTED]:~$
I have attached a patch.
// Ulf H=E4rnhammar
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=3Den_US, LC_CTYPE=3Den_US (charmap=3DISO-8859-1)
Versions of packages didiwiki depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared librar=
ies an
-- no debconf information
--PEIAKu/WMn1b1Hv9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="didiwiki.formstring.patch"
--- src/wiki.c.old 2005-03-31 00:39:40.579930016 +0200
+++ src/wiki.c 2005-03-31 00:58:43.170724112 +0200
@@ -1039,13 +1039,13 @@ wiki_init(char *didiwiki_home)
if (didiwiki_home)
{
- snprintf(datadir, 512, didiwiki_home);
+ snprintf(datadir, 512, "%s", didiwiki_home);
}
else
{
if (getenv("DIDIWIKIHOME"))
{
- snprintf(datadir, 512, getenv("DIDIWIKIHOME"));
+ snprintf(datadir, 512, "%s", getenv("DIDIWIKIHOME"));
}
else
{
--PEIAKu/WMn1b1Hv9--
---------------------------------------
Received: (at 302273-done) by bugs.debian.org; 3 Apr 2005 21:18:40 +0000
>From [EMAIL PROTECTED] Sun Apr 03 14:18:40 2005
Return-path: <[EMAIL PROTECTED]>
Received: from ppsw-8.csi.cam.ac.uk [131.111.8.138]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DICUS-00008F-00; Sun, 03 Apr 2005 14:18:40 -0700
Received: from student.cusu.cam.ac.uk ([131.111.179.82]:59993
helo=kern.srcf.societies.cam.ac.uk)
by ppsw-8.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.138]:25)
with esmtp id 1DICUN-0007Ko-Rt (Exim 4.44) for [EMAIL PROTECTED]
(return-path <[EMAIL PROTECTED]>); Sun, 03 Apr 2005 22:18:35 +0100
Received: from hmw26 by kern.srcf.societies.cam.ac.uk with local (Exim 3.35 #1
(Debian))
id 1DICUN-0007ur-00
for <[EMAIL PROTECTED]>; Sun, 03 Apr 2005 22:18:35 +0100
Date: Sun, 3 Apr 2005 22:18:35 +0100
From: "Hanna M. Wallach" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Bug#302273: didiwiki: Crashes when -h or $DIDIWIKIHOME contains
"%n%n%n%n"
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
Mail-Copies-To: never
Sender: "Hanna M. Wallach" <[EMAIL PROTECTED]>
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
X-Cam-AntiVirus: No virus found
X-Cam-SpamDetails: Not scanned
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-2.6 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
GAPPY_SUBJECT,HAS_BUG_NUMBER autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
didiwiki (0.5-3) unstable; urgency=low
* src/wiki.c: Use user-defined data as parameters to fixed format
string rather than as the format string itself (closes #302273).
--
hanna m. wallach
blog: http://join-the-dots.org/
work: http://www.inference.phy.cam.ac.uk/hmw26/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
