Your message dated Sat, 12 Nov 2005 13:36:25 +0100
with message-id <[EMAIL PROTECTED]>
has caused the Debian Bug report #338720,
regarding ydpdict: Passing user input directly to the printf-like function
causes SEGFAULT
to be marked as having been forwarded to the upstream software
author(s) Wojtek Kaniewski <[EMAIL PROTECTED]>.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
---------------------------------------
Received: (at 338720-forwarded) by bugs.debian.org; 12 Nov 2005 12:37:12 +0000
>From [EMAIL PROTECTED] Sat Nov 12 04:37:12 2005
Return-path: <[EMAIL PROTECTED]>
Received: from starnet.skynet.com.pl ([213.25.173.230]
helo=skynet.skynet.com.pl)
by spohr.debian.org with esmtp (Exim 4.50)
id 1Eaud5-0002Yz-Jj
for [EMAIL PROTECTED]; Sat, 12 Nov 2005 04:37:12 -0800
Received: from system858917513.mtvk.pl ([85.89.175.13] helo=localhost)
by skynet.skynet.com.pl with asmtp (Exim 3.35 #1 (Debian))
id 1Eaucx-00045G-00; Sat, 12 Nov 2005 13:37:03 +0100
Received: from porridge by localhost with local (Exim 4.54)
id 1EaucL-0007Ze-NY; Sat, 12 Nov 2005 13:36:25 +0100
Date: Sat, 12 Nov 2005 13:36:25 +0100
From: Marcin Owsiany <[EMAIL PROTECTED]>
To: Wojtek Kaniewski <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: [EMAIL PROTECTED]: Bug#338720: ydpdict: Passing user input directly to
the printf-like function causes SEGFAULT]
Message-ID: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="45Z9DzgjV8m4Oswq"
Content-Disposition: inline
User-Agent: Mutt/1.5.11
X-Scanner: exiscan *1Eaucx-00045G-00*6WxWKMpV2FE*
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER,
HAS_PACKAGE autolearn=ham version=2.60-bugs.debian.org_2005_01_02
--45Z9DzgjV8m4Oswq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hi Wojtek!
Attached is a format string bug report I received. Please keep the CC
line when replying.
Marcin
--
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
"Every program in development at MIT expands until it can read mail."
-- Unknown
--45Z9DzgjV8m4Oswq
Content-Type: message/rfc822
Content-Disposition: inline
Return-path: <[EMAIL PROTECTED]>
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on kufelek
X-Spam-Level:
X-Spam-Status: No, score=-0.8 required=4.2 tests=BAYES_00,
DATE_IN_FUTURE_06_12,FORGED_RCVD_HELO,UNPARSEABLE_RELAY autolearn=no
version=3.1.0
Envelope-to: [EMAIL PROTECTED]
Delivery-date: Sat, 12 Nov 2005 12:49:40 +0100
Received: from [127.0.0.1] (helo=localhost)
by localhost with esmtp (Exim 4.54)
id 1Eats9-0004VQ-CK
for [EMAIL PROTECTED]; Sat, 12 Nov 2005 12:48:41 +0100
Received: from skynet.com.pl [213.25.173.230]
by localhost with POP3 (fetchmail-6.2.5)
for [EMAIL PROTECTED] (single-drop); Sat, 12 Nov 2005 12:48:41 +0100
(CET)
Received: from spohr.debian.org ([140.211.166.43] ident=Debian-exim)
by skynet.skynet.com.pl with esmtp (Exim 3.35 #1 (Debian))
id 1EatOa-0001fZ-00
for <[EMAIL PROTECTED]>; Sat, 12 Nov 2005 12:18:08 +0100
Received: from debbugs by spohr.debian.org with local (Exim 4.50)
id 1EatOW-0004t8-96; Sat, 12 Nov 2005 03:18:04 -0800
X-Loop: [EMAIL PROTECTED]
Subject: Bug#338720: ydpdict: Passing user input directly to the printf-like
function causes SEGFAULT
Reply-To: Jakub Wilk <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Resent-From: Jakub Wilk <[EMAIL PROTECTED]>
Resent-To: [email protected]
Resent-CC: [EMAIL PROTECTED], Marcin Owsiany <[EMAIL PROTECTED]>
Resent-Date: Sat, 12 Nov 2005 11:18:02 UTC
Resent-Message-ID: <[EMAIL PROTECTED]>
X-Debian-PR-Message: report 338720
X-Debian-PR-Package: ydpdict
X-Debian-PR-Keywords: patch
Received: via spool by [EMAIL PROTECTED] id=B.113179297028429
(code B ref -1); Sat, 12 Nov 2005 11:18:02 UTC
Received: (at submit) by bugs.debian.org; 12 Nov 2005 10:56:10 +0000
Received: from mx.go2.pl ([193.17.41.41] helo=poczta.o2.pl)
by spohr.debian.org with esmtp (Exim 4.50)
id 1Eat3J-0007CB-Fl
for [EMAIL PROTECTED]; Sat, 12 Nov 2005 02:56:09 -0800
Received: from localhost (chello212186156216.chello.pl [212.186.156.216])
(using TLSv1 with cipher AES256-SHA (256/256 bits))
(No client certificate requested)
by poczta.o2.pl (Postfix) with ESMTP id C30221376C1;
Sat, 12 Nov 2005 11:56:05 +0100 (CET)
Date: Sat, 12 Nov 2005 11:56:04 +0100
From: Jakub Wilk <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
X-Compose-Date: Sat, 12 Nov 2005 11:53:36 +0100
X-Reportbug-Version: 3.17
User-Agent: Mutt/1.5.9i
Delivered-To: [EMAIL PROTECTED]
X-Non-Melina-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Non-Melina-Spam-Level:
X-Non-Melina-Spam-Status: No, hits=-10.5 required=4.0
tests=BAYES_00,HAS_PACKAGE,
RCVD_IN_SORBS,X_DEBBUGS_CC autolearn=ham
version=2.60-bugs.debian.org_2005_01_02
Resent-Sender: Debian BTS <[EMAIL PROTECTED]>
Resent-Date: Sat, 12 Nov 2005 03:18:04 -0800
X-Scanner: exiscan *1EatOa-0001fZ-00*hIK/yehfwec*
X-PolSpam: nie
Package: ydpdict
Version: 0.63-1
Severity: normal
Tags: patch
Calling
ydpdict -w %s
causes SEGFAULT.
The patch below fixes this bug.
diff -ur ydpdict-0.63-org/src/ydpdict.c ydpdict-0.63-new/src/ydpdict.c
--- ydpdict-0.63-org/src/ydpdict.c 2004-05-31 11:44:37.000000000 +0200
+++ ydpdict-0.63-new/src/ydpdict.c 2005-11-12 11:16:50.000000000 +0100
@@ -822,12 +822,12 @@
for (y = 0; y < (ysize - 4); y++) {
wattrset(wordwin, y == menu ? A_REVERSE : A_NORMAL);
mvwprintw(wordwin, y + 1, 0, " ");
- mvwprintw(wordwin, y + 1, 1, convert_plain(strncpy(buf,
words[pos + y], sizeof(buf) - 1), charset, 0));
+ mvwprintw(wordwin, y + 1, 1, "%s", convert_plain(strncpy(buf,
words[pos + y], sizeof(buf) - 1), charset, 0));
}
wattrset(wordwin, exact ? A_BOLD : A_NORMAL);
mvwprintw(wordwin, 0, 0, "[__________________]");
- mvwprintw(wordwin, 0, 1, convert_plain(strncpy(buf, input, sizeof(buf)
- 1), charset, 0));
+ mvwprintw(wordwin, 0, 1, "%s", convert_plain(strncpy(buf, input,
sizeof(buf) - 1), charset, 0));
wattrset(wordwin, A_NORMAL);
wmove(wordwin, 0, menux + 1);
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (900, 'testing'), (600, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.14
Locale: LANG=C, LC_CTYPE=pl_PL (charmap=ISO-8859-2)
Versions of packages ydpdict depends on:
ii libc6 2.3.5-6 GNU C Library: Shared libraries an
ii libncurses5 5.4-9 Shared libraries for terminal hand
ydpdict recommends no packages.
-- no debconf information
--
Jakub Wilk
--45Z9DzgjV8m4Oswq--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
