Your message dated Fri, 16 Dec 2022 14:34:35 +0000
with message-id <[email protected]>
and subject line Bug#1003185: fixed in dialog 1.3-20220728-1
has caused the Debian Bug report #1003185,
regarding dialog: Dialog segfaults when passing large line to editbox
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1003185: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003185
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dialog
Version: 1.3-20201126-1
Severity: normal
Dear Maintainer,
There is a segfault bug in the editbox widget. Specifically, the dialog
can segfault when typing a line that is longer than the --max-input.
Steps to reproduce:
1. Run: touch /tmp/foo && dialog --max-input 10 --editbox /tmp/foo 18 80
2. Type a very long string. In my system, it suffices to type a
40-character string.
The root cause of this bug seems to be a heap buffer overflow in the
editbox input buffer. The buffer overflow seems in turn to originate in
this line in dlg_editbox():
644 strncpy(buffer, input, max_len - 1)[max_len - 1] = '\0';
If the length of the string in the buffer and the cursor position (i.e.,
*chr_offset) are both equal to max_len, setting buffer[max_len - 1] to
\0 reduces the string length by one. This causes the cursor position to
exceed the string length. Since dlg_edit_string() checks only the string
length and not the cursor position, this leads eventually to buffer
overflow when typing new characters in the same line.
Note that this bug seems to be the same with the one reported a couple
of years ago here:
https://lists.gnu.org/archive/html/bug-ncurses/2019-06/msg00001.html
-- System Information:
Debian Release: 9.13
APT prefers stable
APT policy: (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.0-91-generic (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8
Shell: /bin/sh linked to /bin/dash
Init: unable to detect
Versions of packages dialog depends on:
ii debianutils 4.8.1.1
ii libc6 2.31-13+deb11u2
ii libncursesw6 6.2+20201114-2
ii libtinfo6 6.2+20201114-2
dialog recommends no packages.
dialog suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: dialog
Source-Version: 1.3-20220728-1
Done: Santiago Vila <[email protected]>
We believe that the bug you reported is fixed in the latest version of
dialog, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Santiago Vila <[email protected]> (supplier of updated dialog package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 16 Dec 2022 14:40:00 +0100
Source: dialog
Architecture: source
Version: 1.3-20220728-1
Distribution: unstable
Urgency: medium
Maintainer: Santiago Vila <[email protected]>
Changed-By: Santiago Vila <[email protected]>
Closes: 1003185 1004868 1004874
Changes:
dialog (1.3-20220728-1) unstable; urgency=medium
.
* New upstream release.
* Fix segfault when passing large line to editbox. Closes: #1003185.
* Fix segfault when resizing menu. Closes: #1004868.
* Make --max-input work for sizes greater than 2048. Closes: #1004874.
* Add missing ${misc:Depends} to Depends field.
* Update standards version to 4.6.1.
* Trim trailing whitespace.
Checksums-Sha1:
a3661d36a27535af7da3233d185c6b0be292159a 1712 dialog_1.3-20220728-1.dsc
d1d0138d55de04cf54f8fe063bb7933efc075e75 568086 dialog_1.3-20220728.orig.tar.gz
e50c57a80f844a0596dbd10410d917c3c4443b7a 729
dialog_1.3-20220728.orig.tar.gz.asc
0605723cb5f38c29bd0c626448a4e8d476ab32f2 12484
dialog_1.3-20220728-1.debian.tar.xz
f066afb6e7075bd674ff8e8392361244f50dd30d 5436
dialog_1.3-20220728-1_source.buildinfo
Checksums-Sha256:
861dcf97b7058e49fc47b4fcaf0c79a79cd633b4deddf705a3d7324b8957fe56 1712
dialog_1.3-20220728-1.dsc
54418973d559a461b00695fafe68df62f2bc73d506b436821d77ca3df454190b 568086
dialog_1.3-20220728.orig.tar.gz
975e7f855eae69e9f8470ea575eebf572b751bbc89e0415118d84b849700fb93 729
dialog_1.3-20220728.orig.tar.gz.asc
bbb0afe839e576f5d308b40d66e070a0637aff8631e886d82d2fc35f39b841ad 12484
dialog_1.3-20220728-1.debian.tar.xz
8492fbf81c9011e50176e4d326784ac128e515eda7d4dd1ad165bb8c56a1fbca 5436
dialog_1.3-20220728-1_source.buildinfo
Files:
3c7643889337d1c800647b79b8ec1ed5 1712 misc optional dialog_1.3-20220728-1.dsc
86c432112b406dbcfeb331c65b3c5290 568086 misc optional
dialog_1.3-20220728.orig.tar.gz
0c8313b740cef1461ec3b888f9da91ed 729 misc optional
dialog_1.3-20220728.orig.tar.gz.asc
8a743e749772add505341a46560f3028 12484 misc optional
dialog_1.3-20220728-1.debian.tar.xz
eb37a0eac97854f70abeab508626e6cd 5436 misc optional
dialog_1.3-20220728-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAmOcdkcACgkQQc5/C58b
izKowwf/dvMylqGYfAOQ5F+SOHz0KkMaeQVrudUZcnTX456CCg87MF069fHZEp5f
z9Xl0je/7o/PTMkCWPtz1grq+0Tkd84lEtyimuxiDxS91Xptf71mr+8yIlHNwOY8
CX7gqkLd0h5UvN+LtaImq92x0PQYyGJMsA9jrxpdiaheJ4Mzs2dH2+/YN2v5oK62
dQHG2ZVjRhE1Cge5sCdtsAHzBzCOtwzyzs7tPMZivBrgVfSSknaQk41EM+95oOeY
3GkMK6fdHDo2oj8dFwebfwbed6aOJ+6Jy9BG60rVHODFU2eBq9+DIK0WEBwf0L1g
LjmmO/YGtLDmK1/Uq4vBrAyZdGTvcw==
=Eprb
-----END PGP SIGNATURE-----
--- End Message ---
