Package: diction Version: 1.10~rc4-1 Severity: important Tags: patch When supplied a specific text file (taken from The Register), the 'style' tool accesses memory beyond an array. The code fails to account for the fact that the 'size' of the array is exclusive, not inclusive. When the number of lengths is not a power of 2 (*3) this isn't a problem because the next entry in the array is 0. When the number of sentences in the array is exactly that (eg 3* (2^8) = 48) an invalid access occurs.
The text which was a problem should be attached. The text is sourced from http://www.theregister.co.uk/2011/10/26/michael_posner_at_svhrc/ Example output from 'style test.txt': ... 48% (14) short sentences (at most 18 words) 65606038% (147874770) long sentences (at least 33 words) 17 paragraphs, average length 1.7 sentences ... Example output from 'valgrind style test.txt': ... 48% (14) short sentences (at most 18 words) ==24891== Invalid read of size 4 ==24891== at 0x8049833: main (style.c:975) ==24891== Address 0x41910a8 is 0 bytes after a block of size 192 alloc'd ==24891== at 0x4023E8C: realloc (vg_replace_malloc.c:429) ==24891== by 0x804A2BB: style (style.c:83) ==24891== by 0x804AFB7: sentence (sentence.c:265) ==24891== by 0x80490AF: main (style.c:927) 20% (6) long sentences (at least 33 words) 17 paragraphs, average length 1.7 sentences ... A small change to the calculation code to not exceed the limits of the array is necessary. At the same time the initial point at which the length of lines are counted from needs to be corrected as the array is 0-based, such that the count of 1 lines is at [0]. My fix patch was: ----8<---- diff -wu diction-1.10~rc4/style.c diction-1.10~rc4jf/style.c --- diction-1.10~rc4/style.c 2006-06-09 08:31:33.000000000 +0100 +++ diction-1.10~rc4jf/style.c 2011-10-26 19:57:34.000000000 +0100 @@ -969,7 +969,7 @@ for (i=0,shortSent=0; i<=shortLength; ++i) shortSent+=lengths.data[i]; printf(_(" %d%% (%d) short sentences (at most %d words)\n"),100*shortSent/sentences,shortSent,shortLength); longLength=((double)words)/sentences+10.5; - for (i=longLength,longSent=0; i<=lengths.size; ++i) longSent+=lengths.data[i]; + for (i=longLength-1,longSent=0; i<lengths.size; ++i) longSent+=lengths.data[i]; printf(_(" %d%% (%d) long sentences (at least %d words)\n"),100*longSent/sentences,longSent,longLength); printf(_(" %d paragraphs, average length %.1f sentences\n"),paragraphs,((double)sentences)/paragraphs); printf(_(" %d%% (%d) questions\n"),100*questions/sentences,questions); ----8<---- after application of patch valgrind does not show invalid accesses and the figures look sensible. -- System Information: Debian Release: 5.0.7 APT prefers oldstable APT policy: (500, 'oldstable') Architecture: i386 (i686) Kernel: Linux 2.6.38 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages diction depends on: ii libc6 2.7-18lenny7 GNU C Library: Shared libraries diction recommends no packages. diction suggests no packages. -- no debconf information
A top US government official believes that the internet is under fierce attack by authoritarian governments worldwide, and that the situation is rapidly deteriorating. "Today we face a series of challenges at the intersection of human rights, connected technologies, business, and government. It's a busy intersection - and a lot of people want to put up traffic lights," said US Assistant Secretary of State Michael Posner, speaking at the Silicon Valley Human Rights Conference in San Francisco on Tuesday. While the so-called "Arab Spring" may have proved the power of the internet to inform and unite repressed populations - an idea that Google's public policy honcho dismissed as "hype" - Posner believes that it also awakened repressive governments to the need to more tightly control communication among their citizens. "The result has been more censorship, more surveillance, and more restrictions," Posner said. Michael Posner, US Assistant Secretary of State for Democracy, Human Rights, and Labor In the past, those governments were content to set up firewalls to block content they disliked - or feared - from coming into their countries. Now, Posner said, they're using many more - and more sophisticated - tools, including deep-packet inspection and key-logger software. "They are exerting over-broad state control over content, users, and over companies," he said, "and they're trying to change national and international legal standards to legitimize it all." As an example of an attempt at usurping control, he cited an effort at the UN last month in which China and Russia were joined by Tajikistan and Uzbeckistan in an effort to impose what Posner called "an international code of conduct for information security." According to Posner, that effort - if successful - would "shift cyberspace away from being a multi-stakeholder, people-driven model, to a system dominated by centralized government control." Iran, for example, hides its internet-controlling effort under the warm, fuzzy, Muslim term "halal internet". Posner also warned against various groups' calls for a "hate-free internet" - whether they be well-intentioned or motivated by a desire for thought control. And as information communications technology moves ever deeper into less-developed countries, Posner sees the problems increasing. "These are the places where repressive regimes are getting hold of the latest, greatest Western technologies and using them to spy on their own citizens for purposes of silencing dissent," he said. "Journalists, bloggers and activists are of course the primary targets." >From his point of view, governments in some of these emerging markets "appear fiercely determined to control what people do online." Tweets without Twitter Directing his remarks to the industry members in his audience, he suggested that they stay in touch with the other half of the crowd: activists, journalists, and bloggers who can provide early warnings of oppression and surveillence. Those worthies, Posner said, are "the canaries in your coal mine." He noted that "for the record, I offer that same advice to the very governments who often shoot the instant messenger by going out and jailing bloggers instead of listening to the valuable information they convey." The private sector has a reponsibility to defend personal freedom, Posner said - adding that "the private sector is more powerful than ever." He praised the vibrancy of the tech sector, and of its global reach. "Many people here have made it their life's work not only to develop transformative technologies but also to put them in the hands of people in places where digital empowerment is leaps ahead of political or financial or educational empowerment," he said. "Never have great ideas gone from dream to global distribution so quickly." But it's not enough to make great products. Creative minds also need to protect the freedom of the internet. "So I challenge each of you to work with us to help figure out what can happen next, what must happen next, to preserve the Internet as we know it," he said. "Or the autocrats will figure it out for us." After all, he said, "With great code comes great responsibility." A transcript of Posner's remarks can be found on the US Department of State website. (R)
