Package: xjdic Version: 24-10 Severity: normal xjdic may trigger a buffer overflow on long definitions when looking up plain form verbs, which occurs when fed an inflected verb in kanji form:
$ echo '出て' | xjdic [...] *** buffer overflow detected ***: xjdic terminated [...] Aborted The overflow happens in Vlookup(), at xjdfrontend.c, line 1155: vline is just too short, at 250 bytes, for some of the longest definitions. (出る seems to be the most extreme case, at 1129 bytes.) -- System Information: Debian Release: 9.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.8.0-2-amd64 (SMP w/3 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages xjdic depends on: pn edict:all <none> pn kanjidic:all <none> ii libc6 2.24-9 Versions of packages xjdic recommends: ii kterm 6.2.0-46.2 xjdic suggests no packages. -- no debconf information
