Your message dated Fri, 12 Feb 2016 10:23:54 +0000 with message-id <[email protected]> and subject line "Bug#690827: fixed in kinput2 3.1-13" has caused the Debian Bug report #690827, regarding "kinput2-wnn uses uninitialized memory area", to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.)

--
690827: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690827
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: kinput2-wnn
Version: 3.1-10.3
Severity: important
Tags: patch

Dear Maintainer,

*** Please consider answering these questions, where appropriate ***

* What led up to the situation?

I was debugging a Mozilla Thunderbird issue and suspected a problem in XIM protocol handling somewhere in kinput2-wnn and jserver. (It turns out libX11 itself has a problem, but I will report it separately.)

* What exactly did you do (or not do) that was effective (or ineffective)?

I ran kinput2-wnn under valgrind when valgrind warned of usage of uninitialized memory area.

* What was the outcome of this action?

Hard to tell. It could lead to a random strange behavior.

* What outcome did you expect instead?

kinput2-wnn should not cause uninitialized memory usage.

*** End of the template - remove these lines ***

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.39-2-686-pae (SMP w/1 CPU core)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages kinput2-wnn depends on:
ii  debconf [debconf-2.0]  1.5.46
ii  freewnn-common         1.1.1~a021+cvs20100325-6
ii  kinput2-common         3.1-10.3
ii  libc6                  2.13-35
ii  libice6                2:1.0.8-2
ii  libsm6                 2:1.2.1-2
ii  libwnn6-1              1.0.0-14.2+b1
ii  libx11-6               2:1.5.0-1
ii  libxaw7                2:1.0.10-2
ii  libxext6               2:1.3.1-2
ii  libxmu6                2:1.1.1-1
ii  libxpm4                1:3.5.10-1
ii  libxt6                 1:1.1.3-1

Versions of packages kinput2-wnn recommends:
ii  xfonts-base  1:1.0.3

Versions of packages kinput2-wnn suggests:
ii  freewnn-jserver  1.1.1~a021+cvs20100325-6

-- debconf information:
  shared/kinput2/wnn/keybindings: Egg

The following patch contains the fix (see bzero() in two places in imxport.c) as well as fixing the use of sprintf with snprintf, and inclusion of stdlib to properly declare free/malloc/realloc [gcc complained about mismatched prototypes.]

diff -ur kinput2-v3.1/lib/ConvCtrl.c kinput2-v3.1-CI-mods/lib/ConvCtrl.c --- kinput2-v3.1/lib/ConvCtrl.c 2002-10-03 18:35:27.000000000 +0900 +++ kinput2-v3.1-CI-mods/lib/ConvCtrl.c 2012-10-12 13:46:34.000000000 +0900 @@ -18,6 +18,7 @@ * Author: Makoto Ishisone, Software Research Associates, Inc., Japan */ +#include <stdio.h> #include <X11/IntrinsicP.h> #include <X11/StringDefs.h> #include <X11/Xmu/CharSet.h> @@ -1247,7 +1248,8 @@ params[0] = XtClass(w)->core_class.class_name; num_params = 1; - (void)sprintf(buf, "%%s: %s", msg); + /*FIXED with snprintf */ + (void)snprintf(buf, 512, "%%s: %s", msg); XtAppErrorMsg(XtWidgetToApplicationContext(w), name, type, "WidgetError", buf, params, &num_params); Only in kinput2-v3.1-CI-mods/lib: ConvCtrl.c.orig Only in kinput2-v3.1-CI-mods/lib: ConvCtrl.o Only in kinput2-v3.1-CI-mods/lib: ConvDisp.o Only in kinput2-v3.1-CI-mods/lib: ConvMgr.o Only in kinput2-v3.1-CI-mods/lib: ICLabel.o Only in kinput2-v3.1-CI-mods/lib: IMProto.o Only in kinput2-v3.1-CI-mods/lib: InputConv.o diff -ur kinput2-v3.1/lib/KIProto.c kinput2-v3.1-CI-mods/lib/KIProto.c --- kinput2-v3.1/lib/KIProto.c 2002-10-03 18:35:28.000000000 +0900 +++ kinput2-v3.1-CI-mods/lib/KIProto.c 2012-10-12 13:45:13.000000000 +0900 @@ -18,6 +18,8 @@ * Author: Makoto Ishisone, Software Research Associates, Inc., Japan */ +/* for sprintf() prototype. */ +#include <stdio.h> #include <X11/IntrinsicP.h> #include <X11/StringDefs.h> #include <X11/Xatom.h> 
@@ -314,10 +316,11 @@ Display *dpy = XtDisplay((Widget)kpw); char buf[256]; - (void)sprintf(buf, "_%s_CONVERSION", kpw->kinput.language); + /* FIXED with snprintf */ + (void)snprintf(buf, 256, "_%s_CONVERSION", kpw->kinput.language); kpw->kinput.convAtom = XInternAtom(dpy, buf, False); if (kpw->kinput.backward_compatible) { - (void)sprintf(buf, "%s_CONVERSION", kpw->kinput.language); + (void)snprintf(buf, 256, "%s_CONVERSION", kpw->kinput.language); kpw->kinput.oldConvAtom = XInternAtom(dpy, buf, False); } else { kpw->kinput.oldConvAtom = None; @@ -331,7 +334,7 @@ kpw->kinput.convNotifyAtom = MAKEATOM("CONVERSION_NOTIFY"); kpw->kinput.convEndAtom = MAKEATOM("CONVERSION_END"); - (void)sprintf(buf, "%s_CONVERSION_VERSION", kpw->kinput.language); + (void)snprintf(buf, 256, "%s_CONVERSION_VERSION", kpw->kinput.language); kpw->kinput.convVersionAtom = XInternAtom(dpy, buf, False); kpw->kinput.convInitialTypeAtom = MAKEATOM("CONVERSION_INITIAL_TYPE"); kpw->kinput.convOpenNotifyAtom = MAKEATOM("CONVERSION_OPEN_NOTIFY"); Only in kinput2-v3.1-CI-mods/lib: KIProto.o Only in kinput2-v3.1-CI-mods/lib: Makefile Only in kinput2-v3.1-CI-mods/lib: OffConv.o Only in kinput2-v3.1-CI-mods/lib: OnConv.o Only in kinput2-v3.1-CI-mods/lib: OverConv.o Only in kinput2-v3.1-CI-mods/lib: WcharDisp.o Only in kinput2-v3.1-CI-mods/lib: XimpProto.c.orig Only in kinput2-v3.1-CI-mods/lib: XimpProto.o Only in kinput2-v3.1-CI-mods/lib/Xsj3clib: Makefile Only in kinput2-v3.1-CI-mods/lib: asyncerr.o Only in kinput2-v3.1-CI-mods/lib: cachedatom.o Only in kinput2-v3.1-CI-mods/lib: cachedfont.o diff -ur kinput2-v3.1/lib/cconv.c kinput2-v3.1-CI-mods/lib/cconv.c --- kinput2-v3.1/lib/cconv.c 2002-10-03 18:35:28.000000000 +0900 +++ kinput2-v3.1-CI-mods/lib/cconv.c 2012-10-12 13:29:38.000000000 +0900 
@@ -604,6 +604,7 @@ #endif #include <stdio.h> +#include <stdlib.h> #include <X11/Xlib.h> #include <X11/keysym.h> #include <X11/Xutil.h> Only in kinput2-v3.1-CI-mods/lib: cconv.o Only in kinput2-v3.1-CI-mods/lib: ctext.c.orig Only in kinput2-v3.1-CI-mods/lib: ctext.o Only in kinput2-v3.1-CI-mods/lib: dispatch.o Only in kinput2-v3.1-CI-mods/lib: fontbank.o Only in kinput2-v3.1-CI-mods/lib: fontset.o Only in kinput2-v3.1-CI-mods/lib/imlib: Makefile Only in kinput2-v3.1-CI-mods/lib/imlib: imattr.c.orig Only in kinput2-v3.1-CI-mods/lib/imlib: imattr.o Only in kinput2-v3.1-CI-mods/lib/imlib: imbuf.o Only in kinput2-v3.1-CI-mods/lib/imlib: imconv.o Only in kinput2-v3.1-CI-mods/lib/imlib: imdata.o Only in kinput2-v3.1-CI-mods/lib/imlib: imdispatch.o Only in kinput2-v3.1-CI-mods/lib/imlib: imfuncs.h.orig Only in kinput2-v3.1-CI-mods/lib/imlib: imic.o Only in kinput2-v3.1-CI-mods/lib/imlib: improto.o Only in kinput2-v3.1-CI-mods/lib/imlib: imrequest.o diff -ur kinput2-v3.1/lib/imlib/imxport.c kinput2-v3.1-CI-mods/lib/imlib/imxport.c --- kinput2-v3.1/lib/imlib/imxport.c 2002-10-03 18:35:31.000000000 +0900 +++ kinput2-v3.1-CI-mods/lib/imlib/imxport.c 2012-10-12 14:28:27.000000000 +0900 @@ -355,6 +355,9 @@ if ((length = IMBUFLEN(ibp)) == 0) return TRANSPORT_OK; + /*FIXME: repl time field? */ + bzero(&repl, sizeof(repl)); + repl.type = ClientMessage; repl.window = client_win; @@ -569,6 +572,10 @@ TRACE(("IMXConnection()\n")); + /* FIXME: repl time ? */ + bzero(&repl, sizeof(repl)); + + if (event->type != ClientMessage || event->display != dpy || event->window != XtWindow(protocol) || 
@@ -609,6 +616,7 @@ repl.data.l[1] = ServerMajorTransportVersion; repl.data.l[2] = ServerMinorTransportVersion; repl.data.l[3] = XTransportDividingSize; + /* make it safe... */ h = XAESetIgnoreErrors(dpy); XSendEvent(dpy, client_window, False, NoEventMask, (XEvent *)&repl); Only in kinput2-v3.1-CI-mods/lib/imlib: imxport.o Only in kinput2-v3.1-CI-mods/lib/imlib: libim.a diff -ur kinput2-v3.1/lib/ioecall.c kinput2-v3.1-CI-mods/lib/ioecall.c --- kinput2-v3.1/lib/ioecall.c 2002-10-03 18:35:28.000000000 +0900 +++ kinput2-v3.1-CI-mods/lib/ioecall.c 2012-10-12 13:42:58.000000000 +0900 @@ -23,6 +23,7 @@ */ #include <stdio.h> +#include <stdlib.h> #include <X11/Xlib.h> #include <X11/Xfuncproto.h> #include "IOECall.h" Only in kinput2-v3.1-CI-mods/lib: ioecall.o Only in kinput2-v3.1-CI-mods/lib: libKi2.a Only in kinput2-v3.1-CI-mods/lib: parsekey.o Only in kinput2-v3.1-CI-mods/lib: wnnlib.o Only in kinput2-v3.1-CI-mods/lib: wstring.o Only in kinput2-v3.1-CI-mods/lib: xtwstr.o Only in kinput2-v3.1-CI-mods/lib: xwstr.o Only in kinput2-v3.1-CI-mods/: reset_state.patch Only in kinput2-v3.1-CI-mods/sj3def: Makefile Only in kinput2-v3.1-CI-mods/: t-add.txt
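Review bot: the size passed to snprintf() in the ConvCtrl.c hunk at -1247 is the literal 512, and the declaration of buf is not in the visible context, so the bound cannot be checked against the buffer from this hunk. If buf is a local array, pass sizeof(buf) so the two cannot drift apart. The "/*FIXED with snprintf */" comment records history rather than explaining the code and belongs in the changelog.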
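Review bot: the comment added with the include in the KIProto.c hunk at -18 says "for sprintf() prototype", but after this patch the calls shown in this file are snprintf(). Update the comment or drop it; ConvCtrl.c gets the same include without one.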
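Review bot: the snprintf() calls in the KIProto.c hunk at -314 discard the return value, so a kpw->kinput.language too long for buf[256] now produces a silently truncated string that is passed to XInternAtom() and interns a different atom name than intended. Check for a result that is negative or >= sizeof(buf) and fail the setup in that case, and use sizeof(buf) instead of repeating the literal 256. The same applies to the call in the hunk at -331.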
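Review bot: bzero() in the imxport.c hunk at -355 is a legacy BSD call (declared in <strings.h> and dropped from POSIX.1-2008), and the hunk adds no include for it. memset(&repl, 0, sizeof(repl)) does the same job with only <string.h>. The "FIXME: repl time field?" comment should be answered before merging rather than committed as an open question.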
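Review bot: in the imxport.c hunk at -569 the bzero() sits ahead of the validation that starts with event->type != ClientMessage, so repl is cleared before it is known whether the event will be handled at all. Moving the call to just before the first assignment to repl keeps initialisation next to use. The hunk also introduces two consecutive blank lines and repeats the unresolved FIXME.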
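Review bot: the comment "/* make it safe... */" added in the imxport.c hunk at -609 does not say what is made safe or against what. If the intent is to explain the XAESetIgnoreErrors(dpy) call before XSendEvent() to client_window, say so directly, or leave the comment out since the hunk changes no code.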
--- End Message ---
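The two fixes the report describes, zeroing the reply event before filling it in and bounding the atom-name formatting, are shown here as an added example; it is not the submitted patch or kinput2 code. `struct reply_event`, the function names and the 0xAA poison pattern are constructed for illustration, with no Xlib dependency.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the reply event imxport.c fills in;
 * it is not the real Xlib structure. */
struct reply_event {
    int type;
    unsigned long serial;        /* never assigned by the builders below */
    unsigned long window;
    unsigned long message_type;  /* never assigned by the builders below */
    long data[5];
};

/* Pre-patch pattern: only some fields are assigned, so the rest keep
 * whatever bytes were already in the object. */
void build_reply_unpatched(struct reply_event *repl, unsigned long win)
{
    repl->type = 33;             /* ClientMessage in X11's X.h */
    repl->window = win;
    repl->data[1] = 1;           /* placeholder version number */
}

/* Patched pattern: zero the whole object, then assign. memset() is the
 * standard C equivalent of the bzero() call used in the patch. */
void build_reply_patched(struct reply_event *repl, unsigned long win)
{
    memset(repl, 0, sizeof(*repl));
    build_reply_unpatched(repl, win);
}

/* Number of never-assigned fields that still hold stale data. The object
 * is poisoned with 0xAA first to stand in for leftover stack contents. */
int stale_fields(void (*build)(struct reply_event *, unsigned long))
{
    struct reply_event repl;
    memset(&repl, 0xAA, sizeof(repl));
    build(&repl, 0x1234UL);
    return (repl.serial != 0) + (repl.message_type != 0) + (repl.data[0] != 0);
}

/* Bounded atom-name formatting that reports truncation instead of
 * hiding it: 0 on success, -1 if the name did not fit. */
int conv_atom_name(char *buf, size_t size, const char *language)
{
    int n = snprintf(buf, size, "_%s_CONVERSION", language);
    return (n < 0 || (size_t)n >= size) ? -1 : 0;
}
```
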
--- Begin Message ---
Source: kinput2
Source-Version: 3.1-13

We believe that the bug you reported is fixed in the latest version of kinput2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam Borowski <[email protected]> (supplier of updated kinput2 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Fri, 12 Feb 2016 11:09:01 +0100
Source: kinput2
Binary: kinput2-common kinput2-canna kinput2-wnn kinput2-canna-wnn
Architecture: source
Version: 3.1-13
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <[email protected]>
Changed-By: Adam Borowski <[email protected]>
Description:
 kinput2-canna - input server for X11 applications that want Japanese text input
 kinput2-canna-wnn - input server for X11 applications that want Japanese text input
 kinput2-common - Files shared among kinput2 packages
 kinput2-wnn - input server for X11 applications that want Japanese text input
Closes: 690827 808493
Changes:
 kinput2 (3.1-13) unstable; urgency=medium
 .
   * QA upload.
   * Fix FTBFS due to getline() (closes: #808493).
   * Apply a patch by ishikawa to fix a bunch of uninitialized memory uses
     and buffer overflows (closes: #690827).
   * Improve short descriptions.
   * Make debian/rules more up-to-date (debhelper 9, dh_prep, build-arch).
   * Pass dpkg-buildflags.
--- End Message ---

