Your message dated Mon, 23 Feb 2026 09:48:13 +0000
with message-id <[email protected]>
and subject line Bug#1123081: Removed package(s) from unstable
has caused the Debian Bug report #558750,
regarding Improvment: Check return value of sscanf
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
558750: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558750
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: webalizer
Version: 2.01.10-32
Severity: wishlist
Tags: patch
Hi,
I think this patch makes the parsing of the database webalizer.current
more robust.
Bye, Jörg.
From 097a8409475bc25c88cf10dd6d715d0ba6371c46 Mon Sep 17 00:00:00 2001
Message-Id: <097a8409475bc25c88cf10dd6d715d0ba6371c46.1259165262.git.joerg.som...@ateo.de>
In-Reply-To: <ecff2b0815768dc2b1897390adc3e9e68a0c5689.1259165261.git.joerg.som...@ateo.de>
References: <ecff2b0815768dc2b1897390adc3e9e68a0c5689.1259165261.git.joerg.som...@ateo.de>
From: =?utf-8?q?J=C3=B6rg=20Sommer?= <[email protected]>
Date: Wed, 25 Nov 2009 15:16:18 +0100
Subject: [PATCH 3/5] New Patch to check the return value of sscanf in preserve.c
---
debian/patches/00list | 1 +
debian/patches/23_check_sscanf_return.dpatch | 46 ++++++++++++++++++++++++++
2 files changed, 47 insertions(+), 0 deletions(-)
create mode 100644 debian/patches/23_check_sscanf_return.dpatch
diff --git a/debian/patches/00list b/debian/patches/00list
index 053219e..8d40347 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -20,3 +20,4 @@
20_fix_capital_letter_option
21_remove_-v_option
22_php_as_htm_in_sample.conf
+23_check_sscanf_return.dpatch
diff --git a/debian/patches/23_check_sscanf_return.dpatch b/debian/patches/23_check_sscanf_return.dpatch
new file mode 100644
index 0000000..0bcd158
--- /dev/null
+++ b/debian/patches/23_check_sscanf_return.dpatch
@@ -0,0 +1,46 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 23_check_sscanf_return.dpatch by Jörg Sommer <[email protected]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Bug # showed that it's better to check this return value the be
+## DP: sure to really have read what we've expected.
+
+@DPATCH@
+diff --git a/preserve.c b/preserve.c
+index a93ae86..181a53d 100644
+--- a/preserve.c
++++ b/preserve.c
+@@ -575,10 +575,12 @@ int restore_state()
+ if (!isdigit((int)buffer[0])) return 8; /* error exit */
+
+ /* load temporary node data */
+- sscanf(buffer,"%d %lld %lld %lf %lld %lld %lf %lf",
+- &t_hnode.flag,&t_hnode.count,
+- &t_hnode.files, &t_hnode.xfer,
+- &t_hnode.visit, &t_hnode.tstamp, &t_hnode.ixfer, &t_hnode.oxfer);
++ if (sscanf(buffer,"%d %lld %lld %lf %lld %lld %lf %lf",
++ &t_hnode.flag,&t_hnode.count,
++ &t_hnode.files, &t_hnode.xfer,
++ &t_hnode.visit, &t_hnode.tstamp,
++ &t_hnode.ixfer, &t_hnode.oxfer) != 8)
++ return 8; /* error exit */
+
+ /* get last url */
+ if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 8; /* error exit */
+@@ -616,10 +618,12 @@ int restore_state()
+ if (!isdigit((int)buffer[0])) return 9; /* error exit */
+
+ /* load temporary node data */
+- sscanf(buffer,"%d %lld %lld %lf %lld %lld %lf %lf",
+- &t_hnode.flag,&t_hnode.count,
+- &t_hnode.files, &t_hnode.xfer,
+- &t_hnode.visit, &t_hnode.tstamp, &t_hnode.ixfer, &t_hnode.oxfer);
++ if (sscanf(buffer,"%d %lld %lld %lf %lld %lld %lf %lf",
++ &t_hnode.flag,&t_hnode.count,
++ &t_hnode.files, &t_hnode.xfer,
++ &t_hnode.visit, &t_hnode.tstamp,
++ &t_hnode.ixfer, &t_hnode.oxfer) != 8)
++ return 8; /* error exit */
+
+ /* get last url */
+ if ((fgets(buffer,BUFSIZE,fp)) == NULL) return 9; /* error exit */
--
1.6.3.3
signature.asc
Description: Digital signature http://en.wikipedia.org/wiki/OpenPGP
--- End Message ---
--- Begin Message ---
Version: 2.23.08-3.3+rm
Dear submitter,
as the package webalizer has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/1123081
The version of this package that was in Debian prior to this removal
can still be found using https://snapshot.debian.org/.
Please note that the changes have been done on the master archive and
will not propagate to any mirrors until the next dinstall run at the
earliest.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Thorsten Alteholz (the ftpmaster behind the curtain)
--- End Message ---
