Package: xsel Version: 1.2.0-2 Followup-For: Bug #758599 Control: tags -1 patch
Dear Maintainer, While going through the list of patches available for this package in Fedora, I found one that fixes this bug. There was another patch available for an unrelated bug, which has not been logged in Debian. I haven't tried reproducing this bug, but I do think it applies to Debian as well. The fix has apparently already been accepted upstream, but not yet released. You might want to include this in the next release as well. The patches are attached. Regards, Carlos -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages xsel depends on: ii libc6 2.19-15 ii libx11-6 2:1.6.2-3 xsel recommends no packages. xsel suggests no packages. -- no debconf information
From: Carlos Maddela <[email protected]> Date: Sun, 22 Feb 2015 03:53:37 +1100 Subject: Fix large pastes Description: Fix large pastes Fix memory corruption when selection > 4000 bytes. Author: Hans de Goede <[email protected]> Origin: Fedora, http://pkgs.fedoraproject.org/cgit/xsel.git/tree/xsel-1.2.0-fix-large-pastes.patch Bug: http://bugs.debian.org/758599 Forwarded: no Last-Update: 2015-02-22 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ --- xsel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/xsel.c b/xsel.c index a0c7d4e..e6d1060 100644 --- a/xsel.c +++ b/xsel.c @@ -505,7 +505,8 @@ get_append_property (XSelectionEvent * xsl, unsigned char ** buffer, debug_property (D_TRACE, xsl->requestor, xsl->property, target, length); - if (target != XA_STRING) { + if (target != utf8_atom && target != XA_STRING && + target != compound_text_atom) { print_debug (D_OBSC, "target %s not XA_STRING in get_append_property()", get_atom_name (target)); free (*buffer);
From: Carlos Maddela <[email protected]> Date: Sun, 22 Feb 2015 04:29:45 +1100 Subject: Fix xsel overflow of supported_targets array Description: Fix xsel overflow of supported_targets array Author: Hans de Goede <[email protected]> Origin: Fedora, http://pkgs.fedoraproject.org/cgit/xsel.git/tree/xsel-1.2.0-MAX_NUM_TARGETS.patch Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=690214 Last-Update: 2015-02-22 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ --- xsel.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/xsel.c b/xsel.c index e6d1060..ce829aa 100644 --- a/xsel.c +++ b/xsel.c @@ -68,7 +68,7 @@ static Atom compound_text_atom; /* The COMPOUND_TEXT atom */ * NB. We do not currently serve COMPOUND_TEXT; we can retrieve it but do not * perform charset conversion. */ -#define MAX_NUM_TARGETS 8 +#define MAX_NUM_TARGETS 9 static int NUM_TARGETS; static Atom supported_targets[MAX_NUM_TARGETS]; @@ -2101,6 +2101,11 @@ main(int argc, char *argv[]) supported_targets[s++] = XA_STRING; NUM_TARGETS++; + if (NUM_TARGETS > MAX_NUM_TARGETS) { + exit_err ("internal error num-targets (%d) > max-num-targets (%d)\n", + NUM_TARGETS, MAX_NUM_TARGETS); + } + /* Get the COMPOUND_TEXT atom. * NB. We do not currently serve COMPOUND_TEXT; we can retrieve it but * do not perform charset conversion.

