Hi Andreas,
I think "simply waiting for the fixed version" is the best strategy. The
bug was something picked up as a warning by a research compiler as a
hypothetical concern, and does not actually cause a problem in real life.
Andy
On 3/19/13 3:22 AM, Andreas Tille wrote:
Hi Andy,
thanks for your helpful reply. Do you have any time estimation for
1.0.5? Please do not consider this question as nagging - I just want to
be able to decide whether "simply waiting for the fixed version" is the
proper strategy or whether we should apply a patch to 1.0.4 for the
Debian package meanwhile.
Many thanks
Andreas.
On Mon, Mar 18, 2013 at 11:24:01PM -0700, Andy Loening wrote:
Hi Andreas,
Thanks for the note, this will be corrected in 1.0.5.
The error doesn't actually trigger any problems because the variable
"color_table" is never used, so it won't be a problem even if it's
not fixed.
Thanks,
Andy
On 03/15/2013 02:50 AM, Andreas Tille wrote:
Hi Andy,
due to some QA checks in Debian the Amide package received a bug report
which I would like to inform you about. I admit we are lagging behind
your latest upstream version (because of Debian freeze for the next
release we hesitate to introduce other versions than currently beeing in
freeze) and the problem might be fixed or not but I would like to make
you aware of it in any case.
It would be great if you could issue some statement like
- Is fixed in 1.0.4 or
- Will be fixed in 1.0.5 or
- Please be more verbose / provide a patch or
- Something else
Kind regards and thanks for providing Amide as Free Software
Andreas.
On Thu, Mar 14, 2013 at 11:33:16PM +0000, Michael Tautschnig wrote:
Package: amide
Version: 1.0.1-1
Usertags: goto-cc
Building and type-checking the linked results using our research compiler
infrastructure showed the following wrong uses of amitk_color_table_menu_new:
./src/amitk_threshold.c: threshold->color_table_menu[i_view_mode] =
amitk_color_table_menu_new();
./src/ui_preferences_dialog.c: menu = amitk_color_table_menu_new();
./src/ui_render_dialog.c: menu = amitk_color_table_menu_new();
This conflicts with the actual definition of amitk_color_table_menu_new:
./src/amitk_color_table_menu.c:GtkWidget *
amitk_color_table_menu_new(AmitkColorTable color_table) {
The result will necessarily cause a stack underflow, with entirely undefined
consequences (for any application with elevated privileges this is a possibly
security issue).
Best,
Michael
PS.: It may be wise to also adjust the declaration of
amitk_color_table_menu_new:
./src/amitk_color_table_menu.h:GtkWidget* amitk_color_table_menu_new
();
(but this is actually entirely covered by the C standard and not necessarily a
bug - it just stops the compiler from producing proper diagnostics).
_______________________________________________
Debian-med-packaging mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
_______________________________________________
Debian-med-packaging mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
