Your message dated Sun, 4 Dec 2005 16:26:09 -0500
with message-id <[EMAIL PROTECTED]>
and subject line fixed-but-not-closed by recent upload
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 9 Jul 2005 23:34:37 +0000
>From [EMAIL PROTECTED] Sat Jul 09 16:34:37 2005
Return-path: <[EMAIL PROTECTED]>
Received: from ms-smtp-03.nyroc.rr.com [24.24.2.57] 
        by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
        id 1DrOq5-0001Pi-00; Sat, 09 Jul 2005 16:34:29 -0700
Received: from andromeda (cpe-69-202-136-66.twcny.res.rr.com [69.202.136.66] 
(may be forged))
        by ms-smtp-03.nyroc.rr.com (8.12.10/8.12.10) with ESMTP id 
j69NYRP4019107
        for <[EMAIL PROTECTED]>; Sat, 9 Jul 2005 19:34:27 -0400 (EDT)
Received: from pryzbyj by andromeda with local (Exim 3.36 #1 (Debian))
        id 1DrOq2-0004qP-00
        for <[EMAIL PROTECTED]>; Sat, 09 Jul 2005 19:34:26 -0400
Date: Sat, 9 Jul 2005 19:34:26 -0400
To: [EMAIL PROTECTED]
Subject: apt-spy: arbitrary length limits
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="d6Gm4EdcadzBjdND"
Content-Disposition: inline
User-Agent: Mutt/1.5.9i
From: Justin Pryzby <[EMAIL PROTECTED]>
X-Virus-Scanned: Symantec AntiVirus Scan Engine
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
        autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 


--d6Gm4EdcadzBjdND
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Package: apt-spy
Severity: important
Tags: patch

apt-spy has arbitrary length limits, like a URL size of 80 characters,
and a line length of 100 characters.  The included patch removes those
limitations (and its application implicitly Closes: #315120).

Justin

--d6Gm4EdcadzBjdND
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="apt-spy.remove-arbitrary-limits"

Only in apt-spy-3.1.jp5: apt-spy
Only in apt-spy-3.1.jp5: build-stamp
Only in apt-spy-3.1.jp5: configure-stamp
diff -ur apt-spy-3.1/include/parse.h apt-spy-3.1.jp5/include/parse.h
--- apt-spy-3.1/include/parse.h 2005-07-08 20:48:09.000000000 -0400
+++ apt-spy-3.1.jp5/include/parse.h     2005-07-09 13:22:23.000000000 -0400
@@ -3,8 +3,7 @@
 #ifndef __PARSE_H
 #define __PARSE_H
 
-#define FTP 0
-#define HTTP 1
+enum protocol { FTP, HTTP };
 
 /* hack */
 extern int BESTNUMBER;
@@ -15,9 +14,9 @@
 };
 
 struct server_struct {
-       char    hostname[80];
-       char    path[2][80];
-       char    url[2][80];
+       char    *hostname;
+       char    *path[2];
+       char    *url[2];
        struct  stats_struct stats;
 };
 
diff -ur apt-spy-3.1/include/protocols.h apt-spy-3.1.jp5/include/protocols.h
--- apt-spy-3.1/include/protocols.h     2005-07-08 20:48:09.000000000 -0400
+++ apt-spy-3.1.jp5/include/protocols.h 2005-07-09 13:23:25.000000000 -0400
@@ -3,6 +3,8 @@
 #ifndef __PROTOCOLS_H
 #define __PROTOCOLS_H
 
-int get_file(server_t *current, CURL *curl, char *file, int protocol, size_t 
*total_bytes);
+#include "parse.h" /* enum protocol */
+
+int get_file(server_t *current, CURL *curl, char *file, enum protocol 
protocol, size_t *total_bytes);
 
 #endif
diff -ur apt-spy-3.1/parse.c apt-spy-3.1.jp5/parse.c
--- apt-spy-3.1/parse.c 2005-07-08 20:48:09.000000000 -0400
+++ apt-spy-3.1.jp5/parse.c     2005-07-09 19:29:09.000000000 -0400
@@ -8,6 +8,7 @@
 char *str_toupper(char *str);
 
 #include <stdio.h>
+#include <assert.h>
 #include <unistd.h>
 #include <string.h>
 #include <stdlib.h>
@@ -226,28 +227,32 @@
        char *line, *save_line;
        char *creation, *save_creation;
        int counter = 0;
+       int len;
+
+       /* First, we read in a line from the file */
+       save_line = line = next_entry(mirror_list);
 
        /* Allocate space for creation */
-       save_creation = creation = malloc(100);
+       len=5+strlen(line);
+       save_creation = creation = malloc(len);
 
        if (creation == NULL) {
                perror("malloc");
                exit(1);
        }
 
-
-       /* First, we read in a line from the file */
-       save_line = line = next_entry(mirror_list);
-
        /* test for file error */
        if (ferror(mirror_list)) {
                perror("fopen");
+               free(save_creation);
                return NULL;
        }
        
        /* If the line begins with a space, we assume it is empty and the list 
is exhausted. */
-       if (isspace(*line) != 0)
+       if (isspace(*line) != 0) {
+               free(save_creation);
                return NULL;
+       }
 
        /* We now read the server name into "creation" */
        while (isspace(*line) == 0)
@@ -290,50 +295,83 @@
 void tokenise(server_t *current, char *cur_entry)
 {
        char *temp;     /* We use this for temporary string-pointing :P */
+       static char null_string[]="";
 
        /* We initialise the structure to 0 */
        memset(current, 0, sizeof(*current));
 
        /* First, we copy the server name into the struct. */
+       current->hostname=malloc(strlen(cur_entry));
+       if (!current->hostname) {
+               perror("malloc");
+               exit(1);
+       }
+
        temp = current->hostname;
        while (*cur_entry != ':')
                *temp++ = *cur_entry++;
 
        *temp++ = '\0';         /* Turn into string */
+       current->hostname=realloc(current->hostname, 
1+strlen(current->hostname));
+       if (!current->hostname) {
+               perror("realloc");
+               exit(1);
+       }
 
        /* We now check for an ftp entry and copy it in */
        if (*(++cur_entry) != ':') {
+               current->path[FTP]=malloc(strlen(cur_entry));
+               if (!current->path[FTP]) {
+                       perror("malloc");
+                       exit(1);
+               }
                temp = current->path[FTP];              
                while (*cur_entry != ':')
                        *temp++ = *cur_entry++;
                        
                *temp++ = '\0';
-       }
+               current->path[FTP]=realloc(current->path[FTP], 
1+strlen(current->path[FTP]));
+               if (!current->path[FTP]) {
+                       perror("malloc");
+                       exit(1);
+               }
+       } else current->path[FTP]=null_string;
 
        /* And now check for HTTP entry */
        if (*(++cur_entry) != ':') {
+               current->path[HTTP]=malloc(strlen(cur_entry));
+               if (!current->path[HTTP]) {
+                       perror("malloc");
+                       exit(1);
+               }
                temp = current->path[HTTP];
                while (*cur_entry != ':')
                        *temp++ = *cur_entry++;
                        
                *temp++ = '\0';
-       }
+               current->path[HTTP]=realloc(current->path[HTTP], 
1+strlen(current->path[HTTP]));
+               if (!current->path[HTTP]) {
+                       perror("realloc");
+                       exit(1);
+               }
+       } else current->path[HTTP]=null_string;
 
        /* We're done for now */
 }
 
 int write_list(FILE *outfile_p, server_t *best, char *dist)
 {
-       char url[100];
+       char *url;
 
        /* Make our mark ;) */
        fprintf(outfile_p, "# sources.list generated by apt-spy %s\n", 
apt_spy_v);
 
        /* Copy URL information */
-       if (best[0].stats.protocol == FTP)
-               strncpy(url, best[0].url[FTP], 100);
-       else
-               strncpy(url, best[0].url[HTTP], 100);
+       if (best[0].stats.protocol == FTP) url=best[0].url[FTP];
+       else {
+               assert(best[0].stats.protocol == HTTP);
+               url=best[0].url[HTTP];
+       }
 
        /* And write the line */
        fprintf(outfile_p, "deb %s %s main\n", url, dist);
diff -ur apt-spy-3.1/protocol.c apt-spy-3.1.jp5/protocol.c
--- apt-spy-3.1/protocol.c      2005-07-08 20:48:09.000000000 -0400
+++ apt-spy-3.1.jp5/protocol.c  2005-07-09 18:33:06.000000000 -0400
@@ -4,15 +4,18 @@
  */
 
 #include <string.h>
+#include <assert.h>
+#include <stdlib.h>
 #include <curl/curl.h>
 
 #include "include/parse.h"
 #include "include/protocols.h"
 
-int get_file(server_t *current, CURL *curl, char *file, int protocol, size_t 
*total_bytes)
+int get_file(server_t *current, CURL *curl, char *file, enum protocol 
protocol, size_t *total_bytes)
 {
        char errorbuff[CURL_ERROR_SIZE + 1];
-       char url[250];
+       int urlsize=0;
+       char *url;
        double download_speed;
        double download_time;
        int error;
@@ -23,38 +26,46 @@
        /* Give us human readable error messages in errorbuff */
        if (curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuff) != 0)
                return 1;
-       
-       /* Create the URL... */
-       if (protocol == HTTP)
-               strcpy(url, "http://";); 
-       else 
-               strcpy(url, "ftp://";);
 
-       strncat(url, current->hostname, 80);
+       assert(HTTP==protocol || FTP==protocol);
+       
urlsize=8+strlen(current->hostname)+strlen(current->path[protocol])+strlen(file);
+       url=malloc(urlsize);
+       if (!url) {
+               perror("malloc");
+               exit(1);
+       }
+
+       if (HTTP==protocol)     strcpy(url, "http://";);
+       else if (FTP==protocol) strcpy(url, "ftp://";);
        
+       strcat(url, current->hostname);
+
        /* Complete the URL. Also save it for later use when writing 
sources.list */
        if (protocol == HTTP) {
-               strncat(url, current->path[HTTP], 80);
-               strncpy(current->url[HTTP], url, 80);
-       }
-       else {
-               strncat(url, current->path[FTP], 80);
-               strncpy(current->url[FTP], url, 80);
+               strcat(url, current->path[HTTP]);
+               current->url[HTTP]=strdup(url);
+       } else {
+               strcat(url, current->path[FTP]);
+               current->url[FTP]=strdup(url);
        }
 
-       strncat(url, file, 80);
+       strcat(url, file);
        
        /* And register it */
-       if (curl_easy_setopt(curl, CURLOPT_URL, url) != 0)
+       if (curl_easy_setopt(curl, CURLOPT_URL, url) != 0) {
+               free(url);
                return 1;
+       }
        
        /* Now do the actual transfer */
        error = curl_easy_perform(curl);
        if (error != 0) {
                if (error != CURLE_OPERATION_TIMEDOUT) {
+                       free(url);
                        fprintf(stderr, "\t\tError: %s\n", errorbuff);
                        return 1;
                } else if (*total_bytes == 0) {
+                       free(url);
                        fprintf(stderr, "\t\tError: %s\n", errorbuff);
                        return 1;
                }                       
@@ -65,6 +76,7 @@
 
        if (*total_bytes == 0) {
                fprintf(stderr, "\t\tNo data was transfered\n");
+               free(url);
                return 1;
        }
                                                        
@@ -79,5 +91,7 @@
                current->stats.speed = download_speed;
                current->stats.protocol = protocol;
        }       
+
+       free(url);
        return 0;
 }

--d6Gm4EdcadzBjdND--

---------------------------------------
Received: (at 317591-done) by bugs.debian.org; 4 Dec 2005 21:26:15 +0000
>From [EMAIL PROTECTED] Sun Dec 04 13:26:15 2005
Return-path: <[EMAIL PROTECTED]>
Received: from ms-smtp-02.nyroc.rr.com ([24.24.2.56])
        by spohr.debian.org with esmtp (Exim 4.50)
        id 1Ej1N9-0002LJ-8A
        for [EMAIL PROTECTED]; Sun, 04 Dec 2005 13:26:15 -0800
Received: from andromeda (cpe-69-202-136-66.twcny.res.rr.com [69.202.136.66])
        by ms-smtp-02.nyroc.rr.com (8.12.10/8.12.10) with ESMTP id 
jB4LQCDK009899
        for <[EMAIL PROTECTED]>; Sun, 4 Dec 2005 16:26:12 -0500 (EST)
Received: from pryzbyj by andromeda with local (Exim 4.54)
        id 1Ej1N5-00039O-5v
        for [EMAIL PROTECTED]; Sun, 04 Dec 2005 16:26:11 -0500
Date: Sun, 4 Dec 2005 16:26:09 -0500
To: [EMAIL PROTECTED]
Subject: fixed-but-not-closed by recent upload
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.9i
From: Justin Pryzby <[EMAIL PROTECTED]>
X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
        (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
        version=2.60-bugs.debian.org_2005_01_02

Version: 3.1-14

This bug is fixed by apt-spy_3.1-14, but the changelog entry was
broken:

    - Patch to fix the mirror file screwup which caused apy-spy to
      segfault every time. It removes some arbitrary limits. (Closes:
      #315120 #317591)

-- 
Clear skies,
Justin


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to