Your message dated Tue, 03 Apr 2007 19:47:03 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#300735: fixed in figlet 2.2.1-4.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: figlet
Version: 2.2-11

chkfont can be made to crash with a SIGSEGV, for example:

chkfont /dev/zero

Failure to zero a freed pointer causes a double free()
near main() exit.

This patch fixes this bug, squashes some warnings, and
makes a couple of changes
in an effort to make chkfont less exploitable. The bug
fix proper is near line 283.
-----Cut Here-----

--- figlet221/chkfont.c 1998-03-05 16:00:00.000000000
-0800
+++ figlet221-kad/chkfont.c     2005-03-16
18:49:36.000000000 -0800
@@ -1,6 +1,14 @@
 #include <stdio.h>
 #include <string.h>
 #include <ctype.h>
+#ifdef __STDC__
+#include <stdlib.h>
+#endif
+
+#ifndef EXIT_SUCCESS
+#define EXIT_SUCCESS (0)
+#define EXIT_FAILURE (1)
+#endif
 
 #define DATE "20 Feb 1996"
 #define VERSION "2.2"
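Review bot: The `#ifdef __STDC__` guard around `<stdlib.h>` and the `EXIT_SUCCESS`/`EXIT_FAILURE` fallback below it no longer buy anything, because the same patch converts the definitions to prototype style (`weregone(int really)`, `my_alloc(size_t size)`), which a pre-ANSI compiler cannot parse anyway. Including the header unconditionally with `#include <stdlib.h>` keeps `malloc`, `free` and `exit` declared on every build and lets the fallback block be dropped.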
@@ -19,18 +27,24 @@
    full o' bugs ....
 */
 
+/* Squashed some warnings and a double free():
Kenneth Davies Mar 14 2005 */
+
 /* #define CHECKBLANKS */
 #define FONTFILESUFFIX ".flf"
 #define FONTFILEMAGICNUMBER "flf2"
-char posshardblanks[9] = { '!', '@', '#', '$', '%',
'&', '*', 0x7f, 0 };
+
+const char
+posshardblanks[9] = { '!', '@', '#', '$', '%', '&',
'*', '\177', '\0' };
 
 char *myname,*fontfilename;
 FILE *fontfile;
 char hardblank;
-int charheight,upheight,maxlen=0,old_layout;
+int charheight,upheight,old_layout;
 int spectagcnt;
-char *fileline;
-int maxlinelength=0,currline;
+char *fileline = NULL;
+int currline;
+int maxlinelength=0;
+int maxlen=0;
 int ec,wc;
 
 int incon_endmarkwarn,endmark_countwarn,nonincrwarn;
@@ -38,8 +52,8 @@
 int codetagcnt;
 int gone;
 
-void weregone(really)
-int really;
+void 
+weregone(int really)
 {
 if (!really && 2*ec+wc<=40) {
   return;
@@ -60,23 +74,23 @@
 gone=1;
 }
 
-char *my_alloc(size)
-int size;
+char *
+my_alloc(size_t size)
 {
 char *ptr;
 
 ptr=(char *)malloc(size);
 if (ptr==NULL) {
   fprintf(stderr,"%s: Out of memory\n",myname);
+  exit(EXIT_FAILURE); /* Bail out now instead of not
returning anything */
   }
 else {
   return(ptr);
   }
 }
 
-int badsuffix(path,suffix)
-char *path;
-char *suffix;
+int
+badsuffix(char *path, char *suffix)
 {
   char ucsuffix[10];
   char *s;
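Review bot: With the added `exit(EXIT_FAILURE)` the `else` branch in my_alloc() is dead weight; a guard on `ptr==NULL` followed by a plain `return ptr;` reads more clearly, and the `(char *)` cast on `malloc` can go once `<stdlib.h>` is in scope. Changing the parameter to `size_t` also means a negative `int` expression passed by a caller would convert to a very large request and end in the out-of-memory exit; the callers are outside this hunk, so confirm that this is the intended failure mode for a malformed font header. badsuffix() continues past the end of the hunk.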
@@ -93,22 +107,30 @@
   return 1;
 }
 
-void usageerr()
+void
+usageerr()
 {
 fprintf(stderr,"chkfont by Glenn Chappell
<[EMAIL PROTECTED]>\n");
 fprintf(stderr,"Version: %s, date:
%s\n",VERSION,DATE);
 fprintf(stderr,"Checks figlet 2.0/2.1 font files for
format errors.\n");
 fprintf(stderr,"(Does not modify font files.)\n");
 fprintf(stderr,"Usage: %s fontfile ...\n",myname);
-exit(1);
+exit(EXIT_FAILURE);
 }
 
 
-void readchar()
+void
+readchar()
 {
-int i,expected_width,k,len,newlen,diff,l;
+int i,expected_width,k,diff,l;
 char endmark,expected_endmark;
 int
leadblanks,minleadblanks,trailblanks,mintrailblanks;
+int len, newlen; 
+
+ minleadblanks=0;
+ expected_endmark='\0';
+ expected_width=0;
+ mintrailblanks=0;
 
 for (i=0;i<charheight;i++) {
   fgets(fileline,maxlen+1000,fontfile);
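Review bot: The `fgets(fileline,maxlen+1000,fontfile)` call on the last line of this hunk still ignores its return value, so on EOF or a read error the loop would carry on with whatever `fileline` held before; the initialisations added above silence warnings but do not cover that. A minimal guard would be `if (fgets(fileline,maxlen+1000,fontfile)==NULL) fileline[0]='\0';`, though how the rest of the loop treats an empty line is not visible here. `maxlen` is filled from the font file by the header `sscanf` in checkit(), so the size argument is file-controlled; whether it is range-checked and matches the size `fileline` was allocated with lies outside this hunk and should be confirmed. readchar() continues past the end of the hunk.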
@@ -202,7 +224,8 @@
 }
 
 
-void checkit()
+void
+checkit()
 {
 int
i,k,cmtcount,numsread,ffrighttoleft,have_layout,layout;
 char magicnum[5],cha;
@@ -223,7 +246,7 @@
   fontfile=fopen(fontfilename,"r");
   if (fontfile == NULL) {
     fprintf(stderr,"%s: Could not open file
'%s'\n",myname,fontfilename);
-    exit(1);
+    exit(EXIT_FAILURE);
     }
   }
 
@@ -258,6 +281,7 @@
  
&hardblank,&charheight,&upheight,&maxlen,&old_layout,&cmtcount,
   &ffrighttoleft,&layout,&spectagcnt);
 free(fileline);
+fileline = NULL;
 if (numsread<7) {
   ffrighttoleft=0;
   }
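Review bot: The new `fileline = NULL;` deserves a one-line comment saying why it is there, for example `/* fileline is freed again on the exit path; NULL makes that free() a no-op */`, since the second free described in the report is not visible near this line. Clearing the pointer also means any code that reads through `fileline` afterwards (readchar() passes it to `fgets`) now depends on a fresh allocation happening first. That reallocation is outside the hunk, so it is worth checking that no early-return path skips it. checkit() both starts and ends outside this hunk.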
@@ -436,9 +460,8 @@
 }
 
 
-int main(argc,argv)
-int argc;
-char *argv[];
+int
+main(int argc, char *argv[])
 {
 int arg;
 



                


--- End Message ---
--- Begin Message ---
Source: figlet
Source-Version: 2.2.1-4.1

We believe that the bug you reported is fixed in the latest version of
figlet, which is due to be installed in the Debian FTP archive:

figlet_2.2.1-4.1.diff.gz
  to pool/non-free/f/figlet/figlet_2.2.1-4.1.diff.gz
figlet_2.2.1-4.1.dsc
  to pool/non-free/f/figlet/figlet_2.2.1-4.1.dsc
figlet_2.2.1-4.1_alpha.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_alpha.deb
figlet_2.2.1-4.1_amd64.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_amd64.deb
figlet_2.2.1-4.1_arm.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_arm.deb
figlet_2.2.1-4.1_hppa.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_hppa.deb
figlet_2.2.1-4.1_i386.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_i386.deb
figlet_2.2.1-4.1_powerpc.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_powerpc.deb
figlet_2.2.1-4.1_sparc.deb
  to pool/non-free/f/figlet/figlet_2.2.1-4.1_sparc.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sam Hocevar (Debian packages) <[EMAIL PROTECTED]> (supplier of updated figlet 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Mar 2007 13:51:54 +0200
Source: figlet
Binary: figlet
Architecture: source alpha amd64 arm hppa i386 powerpc sparc
Version: 2.2.1-4.1
Distribution: testing-proposed-updates
Urgency: high
Maintainer: Carlos Laviola <[EMAIL PROTECTED]>
Changed-By: Sam Hocevar (Debian packages) <[EMAIL PROTECTED]>
Description: 
 figlet     - Frank, Ian & Glenn's Letters
Closes: 300735
Changes: 
 figlet (2.2.1-4.1) testing-proposed-updates; urgency=high
 .
   * Non-maintainer upload with maintainer's permission.
   * chkfont.c: backported patch by Kenneth Davies for 2.2.2-1, fix nasty core
     dumps when attempting to read files that are unexpected.  (Closes: #300735)
   * /usr/bin/figlet is an alternative to /usr/bin/figlet-figlet now.  This
     change was made to pave the way for free figlet clones.
Files: 
 7a006073d7711519f61fd07719f9b9e8 566 non-free/text optional 
figlet_2.2.1-4.1.dsc
 85f3dd99bd44fadd2c306343d0e797c4 7381 non-free/text optional 
figlet_2.2.1-4.1.diff.gz
 1fd9b669c34e8f7f00dccd08f0648a34 155168 non-free/text optional 
figlet_2.2.1-4.1_alpha.deb
 6b7409e8b7331f19baef76490e287f58 154134 non-free/text optional 
figlet_2.2.1-4.1_amd64.deb
 82c6cd2b28c52fc2f7c5f2583c6a10be 152782 non-free/text optional 
figlet_2.2.1-4.1_arm.deb
 696323df72d75b212031aa0e7ed31327 153730 non-free/text optional 
figlet_2.2.1-4.1_hppa.deb
 b806a3b5c0e12a3c6cc21655eeb73982 173056 non-free/text optional 
figlet_2.2.1-4.1_i386.deb
 17f1028fb86e05eb841b00c21b41c64d 151126 non-free/text optional 
figlet_2.2.1-4.1_powerpc.deb
 d0905bf258caa0cb396baec4101d2b91 151072 non-free/text optional 
figlet_2.2.1-4.1_sparc.deb


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGEYX8fPP1rylJn2ERAswZAJsHTgXoCfPJ5XWoHYh5t+Ha0VgC4ACfdfte
9x55LvQFyZM3X+/aUumEbB8=
=z+Ca
-----END PGP SIGNATURE-----


--- End Message ---
