Bug#1041166: Source debdiff

RW Penney Mon, 17 Jul 2023 21:51:13 -0700

Apologies - original submission did not include a debdiff on the*source* packages.


Hopefully this attachment will remedy that.

diff -Nru cryptmount-6.2.0/debian/changelog cryptmount-6.2.0/debian/changelog
--- cryptmount-6.2.0/debian/changelog   2023-01-07 16:30:00.000000000 +0000
+++ cryptmount-6.2.0/debian/changelog   2023-07-15 10:41:30.000000000 +0100
@@ -1,3 +1,11 @@
+cryptmount (6.2.0-1+deb12u1) bookworm; urgency=low
+
+  * Fix for memory-initialization in command-line parser (bug#1038384)
+    - one-line change to source-code, replacing malloc() with calloc()
+    - reduces risk of SEGV crashes when handling unrecognized command-line 
options
+
+ -- RW Penney <rwpen...@users.sourceforge.net>  Sat, 15 Jul 2023 10:30:00 +0000
+
 cryptmount (6.2.0-1) unstable; urgency=low
 
   * New upstream release
diff -Nru cryptmount-6.2.0/debian/patches/getopt-initialization.patch 
cryptmount-6.2.0/debian/patches/getopt-initialization.patch
--- cryptmount-6.2.0/debian/patches/getopt-initialization.patch 1970-01-01 
01:00:00.000000000 +0100
+++ cryptmount-6.2.0/debian/patches/getopt-initialization.patch 2023-07-01 
08:05:21.000000000 +0100
@@ -0,0 +1,14 @@
+Description: Fix memory initialization error in command-line parser
+Author: RW Penney <rwpen...@users.sourceforge.net>
+Forwarded: not-needed
+--- a/cryptmount.c
++++ b/cryptmount.c
+@@ -1372,7 +1372,7 @@
+ #ifdef _GNU_SOURCE
+     struct option *longopts;
+ 
+-    longopts = (struct option*)malloc((n_options + 1) * sizeof(struct 
option));
++    longopts = (struct option*)calloc(n_options + 1, sizeof(struct option));
+     for (i=0; i<n_options; ++i) {
+         longopts[i].name =      opt_table[i].longopt;
+         longopts[i].has_arg =   ((opt_table[i].flags & NEEDS_ARG)
diff -Nru cryptmount-6.2.0/debian/patches/series 
cryptmount-6.2.0/debian/patches/series
--- cryptmount-6.2.0/debian/patches/series      2023-01-07 16:30:00.000000000 
+0000
+++ cryptmount-6.2.0/debian/patches/series      2023-07-15 10:47:36.000000000 
+0100
@@ -1,4 +1,5 @@
 docfiles-pathnames.patch
+getopt-initialization.patch
 systemd-paths.patch
 install-example-cmtab.patch
 init.d-script.patch
diff -Nru cryptmount-6.2.0/debian/watch cryptmount-6.2.0/debian/watch
--- cryptmount-6.2.0/debian/watch       2023-01-07 16:30:00.000000000 +0000
+++ cryptmount-6.2.0/debian/watch       2023-07-15 10:33:54.000000000 +0100
@@ -8,4 +8,4 @@
 # Location of cryptographic signature of upstream package:
 opts=pgpsigurlmangle=s/$/.asc/ \
 https://github.com/rwpenney/cryptmount/tags \
-(?:|.*/)[vV]?(\d\S*)@ARCHIVE_EXT@
+(?:|.*/)cryptmount-[vV]?(\d\S*)@ARCHIVE_EXT@

Bug#1041166: Source debdiff

Reply via email to