Your message dated Tue, 11 Mar 2025 07:51:39 +0100
with message-id <[email protected]>
and subject line ogdi-dfsg issues
has caused the Debian Bug report #751607,
regarding ogdi-dfsg: dyn_SelectLayer passes literal struct instead of
pointer-to-struct
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
751607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751607
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ogdi-dfsg
Version: 3.2.0~beta2-7.1
Usertags: goto-cc
During an analysis of all Debian packages using our research compiler tool-chain
(using tools from the cbmc package) the following error was found:
When invoking vpf_close_table here
http://sources.debian.net/src/ogdi-dfsg/3.2.0~beta2-7.1/ogdi/driver/vrf/vrf.c?hl=504#L504
the struct itself is passed as argument rather than the expected
pointer-to-struct (missing & operator); line 414 has the same problem, but is
currently #if 0-disabled.
As a result, the first member of the struct will be interpreted as a pointer to
that struct, which happens to be a char pointer - as such buffer overflows are
to be expected.
Best,
Michael
pgpwHGPfDwgZR.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
tags 716225 wontfix
tags 751607 wontfix
tags 583203 wontfix
tags 1097501 wontfix
thanks
OGDI support is being removed from GDAL 3.11, we will then also remove the
package.
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
--- End Message ---
