Apologies - the original submission did not include a debdiff of the
*source* packages.
Hopefully this attachment will remedy that.
diff -Nru cryptmount-6.2.0/debian/changelog cryptmount-6.2.0/debian/changelog
--- cryptmount-6.2.0/debian/changelog 2023-01-07 16:30:00.000000000 +0000
+++ cryptmount-6.2.0/debian/changelog 2023-07-15 10:41:30.000000000 +0100
@@ -1,3 +1,11 @@
+cryptmount (6.2.0-1+deb12u1) bookworm; urgency=low
+
+ * Fix for memory-initialization in command-line parser (bug#1038384)
+ - one-line change to source-code, replacing malloc() with calloc()
+ - reduces risk of SEGV crashes when handling unrecognized command-line
options
+
+ -- RW Penney <rwpen...@users.sourceforge.net> Sat, 15 Jul 2023 10:30:00 +0000
+
cryptmount (6.2.0-1) unstable; urgency=low
* New upstream release
diff -Nru cryptmount-6.2.0/debian/patches/getopt-initialization.patch
cryptmount-6.2.0/debian/patches/getopt-initialization.patch
--- cryptmount-6.2.0/debian/patches/getopt-initialization.patch 1970-01-01
01:00:00.000000000 +0100
+++ cryptmount-6.2.0/debian/patches/getopt-initialization.patch 2023-07-01
08:05:21.000000000 +0100
@@ -0,0 +1,14 @@
+Description: Fix memory initialization error in command-line parser
+Author: RW Penney <rwpen...@users.sourceforge.net>
+Forwarded: not-needed
+--- a/cryptmount.c
++++ b/cryptmount.c
+@@ -1372,7 +1372,7 @@
+ #ifdef _GNU_SOURCE
+ struct option *longopts;
+
+- longopts = (struct option*)malloc((n_options + 1) * sizeof(struct
option));
++ longopts = (struct option*)calloc(n_options + 1, sizeof(struct option));
+ for (i=0; i<n_options; ++i) {
+ longopts[i].name = opt_table[i].longopt;
+ longopts[i].has_arg = ((opt_table[i].flags & NEEDS_ARG)
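Review bot: The result of `calloc()` is used without a NULL check: in the embedded cryptmount.c hunk the `for` loop writes `longopts[i].name` on the line directly after the allocation, so an allocation failure would become a NULL dereference in the option parser. A guard of the form `if (longopts == NULL) { /* report and exit */ }` before the loop would close that, with the body following whatever error-reporting convention the file uses elsewhere (not visible here). It would also help to record why zero-filling matters, e.g. `/* calloc: the option table presumably needs an all-zero terminating entry, and fields the loop does not set must not stay uninitialized */`. The enclosing function begins and ends outside the hunk, so whether the terminator or the remaining fields are set explicitly later cannot be confirmed from these lines.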
diff -Nru cryptmount-6.2.0/debian/patches/series
cryptmount-6.2.0/debian/patches/series
--- cryptmount-6.2.0/debian/patches/series 2023-01-07 16:30:00.000000000
+0000
+++ cryptmount-6.2.0/debian/patches/series 2023-07-15 10:47:36.000000000
+0100
@@ -1,4 +1,5 @@
docfiles-pathnames.patch
+getopt-initialization.patch
systemd-paths.patch
install-example-cmtab.patch
init.d-script.patch
diff -Nru cryptmount-6.2.0/debian/watch cryptmount-6.2.0/debian/watch
--- cryptmount-6.2.0/debian/watch 2023-01-07 16:30:00.000000000 +0000
+++ cryptmount-6.2.0/debian/watch 2023-07-15 10:33:54.000000000 +0100
@@ -8,4 +8,4 @@
# Location of cryptographic signature of upstream package:
opts=pgpsigurlmangle=s/$/.asc/ \
https://github.com/rwpenney/cryptmount/tags \
-(?:|.*/)[vV]?(\d\S*)@ARCHIVE_EXT@
+(?:|.*/)cryptmount-[vV]?(\d\S*)@ARCHIVE_EXT@
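Review bot: The changelog entry added at the top of this debdiff lists only the malloc()-to-calloc() fix, but this hunk also changes the match pattern in debian/watch, so the upload carries an undocumented change. The watch file decides which upstream tag is fetched and paired with its `.asc` signature, so the change deserves its own changelog line, for example `- debian/watch: match only tags named cryptmount-<version>`. If the watch change is not required for the bookworm update, it could be dropped from this upload instead.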