Your message dated Sun, 19 Oct 2025 20:37:15 +0000
with message-id <[email protected]>
and subject line Bug#1118149: fixed in passwordsafe 1.22.0+dfsg-1
has caused the Debian Bug report #1118149,
regarding passwordsafe: Please cherry-pick upstream patch to fix unaligned
access
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1118149: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118149
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: passwordsafe
Version: 1.21.0+dfsg-1.1
Severity: normal
Tags: patch upstream
User: [email protected]
Usertags: sparc64
X-Debbugs-Cc: [email protected]
Hi,
passwordsafe currently FTBFS on sparc64 due to unaligned access [1]:
The following tests FAILED:
1 - cli-test (Bus error)
2 - Coretests (Bus error)
Errors while running CTest
This has been fixed by the upstream developers in [2].
While the crash does not affect other architectures at first sight, this
bug might be related to the crash reported in #1071155 [3], so it might
be worth a try to include the fix from [2].
NB: Patches from GitHub pull request can be obtained by adding a ".patch"
suffix to the URL of the pull request in [2].
Thanks,
Adrian
> [1]
> https://buildd.debian.org/status/fetch.php?pkg=passwordsafe&arch=sparc64&ver=1.21.0%2Bdfsg-1.1&stamp=1757581195&raw=0
> [2] https://github.com/pwsafe/pwsafe/pull/1623
> [3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071155
--
.''`. John Paul Adrian Glaubitz
: :' : Debian Developer
`. `' Physicist
`- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
>From d07604bd3a490d7624fc0e3b381d507ea63a3141 Mon Sep 17 00:00:00 2001
From: ronys <[email protected]>
Date: Sun, 12 Oct 2025 17:22:05 +0300
Subject: [PATCH 1/6] sparc64 - Fixed alignment problem in
PWSrand::NextRandBlock()
There are probably more...
---
src/core/PWSrand.cpp | 17 ++++++++++++-----
1 file changed, 12 insertions(+), 5 deletions(-)
diff --git a/src/core/PWSrand.cpp b/src/core/PWSrand.cpp
index be324123c7..9813469fd6 100644
--- a/src/core/PWSrand.cpp
+++ b/src/core/PWSrand.cpp
@@ -64,14 +64,21 @@ void PWSrand::NextRandBlock()
SHA256 s;
s.Update(K, sizeof(K));
s.Final(R);
- unsigned int *Kp = reinterpret_cast<unsigned int *>(K);
- unsigned int *Rp = reinterpret_cast<unsigned int *>(R);
- const int N = SHA256::HASHLEN / sizeof(uint32);
- Kp[0]++;
+ constexpr int N = SHA256::HASHLEN / sizeof(uint32);
+
+ // Use temporary buffers to avoid alignment issues
+ uint32 Ktemp[N], Rtemp[N];
+
+ std::memcpy(Ktemp, K, sizeof(Ktemp));
+ std::memcpy(Rtemp, R, sizeof(Rtemp));
+
+ Ktemp[0]++;
for (int32 i = 0; i < N; i++)
- Kp[i] += Rp[i];
+ Ktemp[i] += Rtemp[i];
+
+ std::memcpy(K, Ktemp, sizeof(Ktemp));
}
void PWSrand::GetRandomData( void * const buffer, unsigned long length )
>From 9860c33a5c6fb001b53d4beaa6d215f289dbad1c Mon Sep 17 00:00:00 2001
From: ronys <[email protected]>
Date: Sun, 12 Oct 2025 17:39:21 +0300
Subject: [PATCH 2/6] Now compiles under Linux...
---
src/core/PWSrand.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/core/PWSrand.cpp b/src/core/PWSrand.cpp
index 9813469fd6..93c0f358aa 100644
--- a/src/core/PWSrand.cpp
+++ b/src/core/PWSrand.cpp
@@ -6,6 +6,7 @@
* http://www.opensource.org/licenses/artistic-license-2.0.php
*/
#include <limits>
+#include <cstring> // for std::memcpy
#include "os/rand.h"
#include "PwsPlatform.h"
>From 1a188c451cf3e042a23846f525603b2d32e98fef Mon Sep 17 00:00:00 2001
From: ronys <[email protected]>
Date: Sun, 12 Oct 2025 18:01:22 +0300
Subject: [PATCH 3/6] sparc64 - Fixed alignment problem in
CItemData::DeSerializePlainText()
---
src/core/ItemData.cpp | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/core/ItemData.cpp b/src/core/ItemData.cpp
index 74c716b122..456666b772 100644
--- a/src/core/ItemData.cpp
+++ b/src/core/ItemData.cpp
@@ -24,7 +24,7 @@
#include "os/pws_tchar.h"
#include "os/utf8conv.h"
-#include <ctime>
+#include <cstring>
#include <sstream>
#include <iomanip>
#include <algorithm>
@@ -2068,7 +2068,8 @@ bool CItemData::DeSerializePlainText(const
std::vector<char> &v)
return true; // happy end
}
- uint32 len = *(reinterpret_cast<const uint32 *>(&(*iter)));
+ uint32 len = 0;
+ std::memcpy(&len, &(*iter), sizeof(len));
ASSERT(len < v.size()); // sanity check
iter += sizeof(uint32);
>From e1d3da7992e9ab76ea695861f49aa56683d37e44 Mon Sep 17 00:00:00 2001
From: ronys <[email protected]>
Date: Sun, 12 Oct 2025 18:06:50 +0300
Subject: [PATCH 4/6] sparc64 - Fixed unrelated sanity check in
CItemData::DeSerializePlainText()
---
src/core/ItemData.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/ItemData.cpp b/src/core/ItemData.cpp
index 456666b772..1d6eee13ca 100644
--- a/src/core/ItemData.cpp
+++ b/src/core/ItemData.cpp
@@ -2053,7 +2053,7 @@ bool CItemData::DeSerializePlainText(const
std::vector<char> &v)
while (iter != v.end()) {
unsigned char type = *iter++;
- if (static_cast<uint32>(distance(v.end(), iter)) < sizeof(uint32)) {
+ if (static_cast<uint32>(distance(iter, v.end())) < sizeof(uint32)) {
ASSERT(0); // type must ALWAYS be followed by length
return false;
}
>From 6d1fa4091f13ba4710d485705074f446c1c530e6 Mon Sep 17 00:00:00 2001
From: ronys <[email protected]>
Date: Sun, 12 Oct 2025 18:17:37 +0300
Subject: [PATCH 5/6] sparc64 - Fixed HOTP::Generate()
---
src/core/crypto/hotp.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/core/crypto/hotp.h b/src/core/crypto/hotp.h
index 21fedcb773..b8098438d3 100644
--- a/src/core/crypto/hotp.h
+++ b/src/core/crypto/hotp.h
@@ -13,6 +13,7 @@
#include <vector>
#include <cmath>
+#include <cstring> // for memcpy
#include "../Util.h"
#include "hmac.h"
@@ -39,7 +40,8 @@ class HOTP
Digest digest(HMACGenerator::HASH_LENGTH);
hmacGenerator.Final(&digest[0]);
int index = digest[HMACGenerator::HASH_LENGTH - 1] & 0x0F;
- uint32_t code = *reinterpret_cast<uint32_t*>(&digest[0] + index);
+ uint32_t code = 0;
+ std::memcpy(&code, &digest[0] + index, sizeof(code));
#ifdef PWS_LITTLE_ENDIAN
byteswap(code);
#endif
>From 2a0a815280e0a0f8297f5809a323d8ccb78ebc33 Mon Sep 17 00:00:00 2001
From: ronys <[email protected]>
Date: Sun, 12 Oct 2025 18:27:20 +0300
Subject: [PATCH 6/6] sparc64 - Fixed PWSrand::RandUInt()
---
src/core/PWSrand.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/PWSrand.cpp b/src/core/PWSrand.cpp
index 93c0f358aa..83e1dcfbd3 100644
--- a/src/core/PWSrand.cpp
+++ b/src/core/PWSrand.cpp
@@ -128,8 +128,8 @@ unsigned int PWSrand::RandUInt()
ibRandomData = 0;
}
- const unsigned int u =
- *(reinterpret_cast<uint32 *>(rgbRandomData + ibRandomData));
+ unsigned int u = 0;
+ std::memcpy(&u, rgbRandomData + ibRandomData, sizeof(uint32));
ibRandomData += sizeof(uint32);
return u;
}
--- End Message ---
--- Begin Message ---
Source: passwordsafe
Source-Version: 1.22.0+dfsg-1
Done: William Blough <[email protected]>
We believe that the bug you reported is fixed in the latest version of
passwordsafe, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
William Blough <[email protected]> (supplier of updated passwordsafe package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 19 Oct 2025 15:15:53 -0400
Source: passwordsafe
Architecture: source
Version: 1.22.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: William Blough <[email protected]>
Changed-By: William Blough <[email protected]>
Closes: 1118149
Changes:
passwordsafe (1.22.0+dfsg-1) unstable; urgency=medium
.
* New upstream version 1.22.0+dfsg
* Add upstream patch to fix unaligned access, closes: 1118149
Checksums-Sha1:
5cb9a745d12cf557252a75cf80c8e300ca430f94 2545 passwordsafe_1.22.0+dfsg-1.dsc
a4b64fd81be9c20ff2004d9ba1fdd6db88cc8372 11148504
passwordsafe_1.22.0+dfsg.orig.tar.xz
d0a1fc6afa68e60e3b014a1a4c6a1a6da4afdb9d 20340
passwordsafe_1.22.0+dfsg-1.debian.tar.xz
032f68cd97e7b5de43461289dfc4374b99de16ca 12596
passwordsafe_1.22.0+dfsg-1_amd64.buildinfo
Checksums-Sha256:
bfd3e66a7793d778e62f92539b863010524c72ecc89f3617850a3a8d3b544bf0 2545
passwordsafe_1.22.0+dfsg-1.dsc
93a36919f16f945585b72946e0563b8edc44d9320b9ef7b997c233cdddb64352 11148504
passwordsafe_1.22.0+dfsg.orig.tar.xz
d14cabb489a395dfc4130d551c973a8c57292a81ef98797445b5d64064f3783b 20340
passwordsafe_1.22.0+dfsg-1.debian.tar.xz
11a18f74839e6602b22aeb0597a3383a608e4163bca20522b6026f4b8e383f7e 12596
passwordsafe_1.22.0+dfsg-1_amd64.buildinfo
Files:
58a60b845c4714d75b06c1687ef91328 2545 utils optional
passwordsafe_1.22.0+dfsg-1.dsc
0b74c4d90acda4d43b26a57941ff024d 11148504 utils optional
passwordsafe_1.22.0+dfsg.orig.tar.xz
a63e42fc7924564c49c3fdc90e190054 20340 utils optional
passwordsafe_1.22.0+dfsg-1.debian.tar.xz
38fbb415f36b0c1bda6a748c74f63cae 12596 utils optional
passwordsafe_1.22.0+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEJXjSPd76bZ5rVv2gNeEe5JHS9UwFAmj1QbVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDI1
NzhEMjNEREVGQTZEOUU2QjU2RkRBMDM1RTExRUU0OTFEMkY1NEMTHGJibG91Z2hA
ZGViaWFuLm9yZwAKCRA14R7kkdL1THy/D/4iateiMB/DGbvnvjaLMfMyEg1F/Ij0
wx05nlf5bfY0aui4MlbXVIc1g9lRoMWXPQpORUxpeffpqeVev5ovLMcI4E1WyjDH
bVDjSUsXnd2kRWyJ9/VLePWAV86xGj/RjSSTrv171DsVVcIF7jh41oNbUNHIaMOM
Kku8SazrgJ2mQTsuxL5Jl70Vtu5w6ApAWw1QtIllFCmVx+8yXA/JnaItIiWebkwk
Kv+WivVLarswzK8HubCJq3rg3zxN43TzCBbCty9VXiqrJvNUwW3IssqBZ1+zLMFc
S4PUiIlMDRt4anOQUrhw0SwGqAybDfVr4aUbBnHHm50N2A2hxEaKDpFMGivKbENV
VT8LMAhn1Fj65AvWv9NaBGcJGP+D7veE+hNUqgIdrvRrn0nbaE0wIWpnSC9GXCKX
JbhzlnSGECH/htckUMJ6txlCsbQhtddfljOI0NXobjbY6dY23kLylvbZH1XoGukM
raxAIWliLvWJmVqSMjTN+Y+RZraKKeoX6wvmw4Rpu/vv57b4Or6sCUwZzS8Wmc4T
IKhcAjnNVyzjkIepazJzUPnJQFHoSlC0ocNciMXNopevMsjonOaKEI9sWubCoLup
FJ//8gHeQds76VCMZZ6KkcYPbpa/bLcG7pwnvi/5ojo9dvlwsPyaD5nKqqZV5Hwb
bAktGS1nP1H6Eg==
=pNmF
-----END PGP SIGNATURE-----
pgpsibrk1vsRs.pgp
Description: PGP signature
--- End Message ---
