Your message dated Mon, 15 Aug 2011 16:04:33 +0000
with message-id <[email protected]>
and subject line Bug#604190: fixed in yafc 1.1.1.dfsg.1-4.1
has caused the Debian Bug report #604190,
regarding [yafc] Wrong usage of strcpy
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
604190: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604190
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: yafc
Version: 1.1.1.dfsg.1-4
Severity: normal
Tags: patch
--- Please enter the report below this line. ---
Hi,
Since a few months I've noticed that yafc uploads files with a wrong
name. For example a file named 'IMG_0301.JPG' will be renamed as
'IMG_0001.JPG'.
This is due to a wrong usage of the strcpy function. strcpy cannot be
used with source and destination overlapping. With optimized
implementations this might led to inconsistencies.
Please find a patched attached.
Regards,
--
Lionel Landwerlin
--- System information. ---
Architecture: amd64
Kernel: Linux 2.6.32-4-amd64
Debian Release: squeeze/sid
500 unstable ftp.fr.debian.org
1 experimental ftp.fr.debian.org
--- Package information. ---
Depends (Version) | Installed
====================================-+-====================
libc6 (>= 2.7-1) | 2.11.2-6
libncurses5 (>= 5.6+20071006-3) | 5.7+20100313-4
libreadline5 (>= 5.2) | 5.2-7
Package's Recommends field is empty.
Package's Suggests field is empty.
>From da8487d7794b0239e12121e70c45628a08c35f32 Mon Sep 17 00:00:00 2001
From: Lionel Landwerlin <[email protected]>
Date: Sun, 21 Nov 2010 04:33:44 +0100
Subject: [PATCH] strpull: fix wrong usage of strcpy
strcpy cannot be used with source and destination overlapping, with
optimized implementations this might led to inconsistencies.
Signed-off-by: Lionel Landwerlin <[email protected]>
---
src/libmhe/strq.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/libmhe/strq.c b/src/libmhe/strq.c
index 00b51c7..f303d84 100644
--- a/src/libmhe/strq.c
+++ b/src/libmhe/strq.c
@@ -96,9 +96,11 @@ void strpush(char *s, int n)
void strpull(char *s, int n)
{
- if(n > strlen(s))
+ int l = strlen(s);
+
+ if(n > l)
n = strlen(s);
- strcpy(s, s+n);
+ memmove(s, s+n, l-n+1);
}
/* returns number of C in STR */
--
1.7.2.3
--- End Message ---
--- Begin Message ---
Source: yafc
Source-Version: 1.1.1.dfsg.1-4.1
We believe that the bug you reported is fixed in the latest version of
yafc, which is due to be installed in the Debian FTP archive:
yafc_1.1.1.dfsg.1-4.1.diff.gz
to main/y/yafc/yafc_1.1.1.dfsg.1-4.1.diff.gz
yafc_1.1.1.dfsg.1-4.1.dsc
to main/y/yafc/yafc_1.1.1.dfsg.1-4.1.dsc
yafc_1.1.1.dfsg.1-4.1_amd64.deb
to main/y/yafc/yafc_1.1.1.dfsg.1-4.1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sebastian Ramacher <[email protected]> (supplier of updated yafc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 04 Aug 2011 16:55:52 +0200
Source: yafc
Binary: yafc
Architecture: source amd64
Version: 1.1.1.dfsg.1-4.1
Distribution: unstable
Urgency: low
Maintainer: Decklin Foster <[email protected]>
Changed-By: Sebastian Ramacher <[email protected]>
Description:
yafc - yet another FTP client
Closes: 553874 601758 604190
Changes:
yafc (1.1.1.dfsg.1-4.1) unstable; urgency=low
.
* Non-maintainer upload.
* Change Build-Dep libreadline5-dev to libreadline-dev. (Closes: #553874)
* Add patch from Mats Erik Andersson to fix FTBFS on GNU/kFreeBSD. (Closes:
#601758)
* Add patch from Lionel Landwerlin to fix wrong usage of strcpy. (Closes:
#604190)
Checksums-Sha1:
d1f1171f37c28316e3dde5f6c125068da8b6b1f6 1028 yafc_1.1.1.dfsg.1-4.1.dsc
bbc15c06b8d322e729164dfc264708050cf3a739 11446 yafc_1.1.1.dfsg.1-4.1.diff.gz
8fdc755185d1629cbb39a5bfbdd4413c6bf468d9 156076 yafc_1.1.1.dfsg.1-4.1_amd64.deb
Checksums-Sha256:
8db4974f163fb071e2262b642eb504b240f0c606b5862c8cc243e1b6ee0b71be 1028
yafc_1.1.1.dfsg.1-4.1.dsc
766c308aa4cfa4db71c27af4541cbb320efe83658700c7afe50c62e9312b332a 11446
yafc_1.1.1.dfsg.1-4.1.diff.gz
58d049881e3df6f4936e0b6fbc214d14a7a4c6489312b849f6e46b40c5f64f01 156076
yafc_1.1.1.dfsg.1-4.1_amd64.deb
Files:
bc38ae35e1f4b74f5f6df0b643bb5af9 1028 net optional yafc_1.1.1.dfsg.1-4.1.dsc
c12cbdd6f7608e5e6b5fdaa0c416619b 11446 net optional
yafc_1.1.1.dfsg.1-4.1.diff.gz
9ba8e5fa03e35dbf59f6be9ae13ffcc3 156076 net optional
yafc_1.1.1.dfsg.1-4.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFOPAq4vdkzt4X+wX8RAoYkAJ4nFVC7+veSCAMUvFLNy9JzKnCJkACfRF3t
10Hd9oEoR6NxXHYg5H9QEw8=
=0NSX
-----END PGP SIGNATURE-----
--- End Message ---
