Hi,
attached are the NMU patches for emacs21 and emacs22 to fix 
this.
Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u emacs22-22.1+1/debian/changelog emacs22-22.1+1/debian/changelog
--- emacs22-22.1+1/debian/changelog
+++ emacs22-22.1+1/debian/changelog
@@ -1,3 +1,12 @@
+emacs22 (22.1+1-2.3) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Updated CVE-2007-6109.diff to fix UTF-8 encoding
+    regression introduced by the previous patch from vendor-sec
+    which was incomplete (Closes: #456235).
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Sat, 15 Dec 2007 15:24:43 +0100
+
 emacs22 (22.1+1-2.2) unstable; urgency=high
 
   * Non-maintainer upload by testing-security team.
diff -u emacs22-22.1+1/debian/patches/CVE-2007-6109.diff emacs22-22.1+1/debian/patches/CVE-2007-6109.diff
--- emacs22-22.1+1/debian/patches/CVE-2007-6109.diff
+++ emacs22-22.1+1/debian/patches/CVE-2007-6109.diff
@@ -1,5 +1,6 @@
---- a/src/editfns.c	2007/08/08 07:49:19	1.439.2.3
-+++ b/src/editfns.c	2007/11/16 00:18:55	1.439.2.8
+diff -Nurad emacs22-22.1+1~/src/editfns.c emacs22-22.1+1/src/editfns.c
+--- emacs22-22.1+1~/src/editfns.c	2007-12-15 15:15:24.000000000 +0100
++++ emacs22-22.1+1/src/editfns.c	2007-12-15 15:17:47.000000000 +0100
 @@ -3543,8 +3543,10 @@
  	      precision[n+1] = 10 * precision[n+1] + *format - '0';
  	  }
@@ -22,7 +23,7 @@
  	    if (*format == 'c')
  	      {
  		if (! SINGLE_BYTE_CHAR_P (XINT (args[n]))
-@@ -3803,23 +3805,35 @@
+@@ -3803,23 +3805,39 @@
  		     format - this_format_start);
  	      this_format[format - this_format_start] = 0;
  
@@ -34,7 +35,7 @@
 -		  if (format[-1] == 'd')
 -		    sprintf (p, this_format, XINT (args[n]));
 -		  /* Don't sign-extend for octal or hex printing.  */
-+		  if (sizeof (EMACS_INT) > sizeof (int))
++		  if (sizeof (EMACS_INT) > sizeof (int) && format[-1] != 'c')
 +		    {
 +		      /* Insert 'l' before format spec.  */
 +		      this_format[format - this_format_start]
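Review bot: The new `&& format[-1] != 'c'` condition has no comment, and the existing `/* Insert 'l' before format spec.  */` does not say when the insertion is skipped. I would add `/* %c takes an int argument; "%lc" would expect a wint_t, so do not insert 'l' for it.  */` above the `if`. The same applies to the identical condition added in the emacs21 patch further down. The enclosing block starts and ends outside this hunk.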
@@ -45,12 +46,16 @@
 +
 +		  if (INTEGERP (args[n]))
 +		    {
-+		      if (format[-1] == 'd')
++		      if (format[-1] == 'c')
++			sprintf (p, this_format, (int) XINT (args[n]));
++		      else if (format[-1] == 'd')
 +			sprintf (p, this_format, XINT (args[n]));
 +		      /* Don't sign-extend for octal or hex printing.  */
 +		      else
 +			sprintf (p, this_format, XUINT (args[n]));
 +		    }
++		  else if (format[-1] == 'c')
++		    sprintf (p, this_format, (int) XFLOAT_DATA (args[n]));
 +		  else if (format[-1] == 'd')
 +		    /* Maybe we should use "%1.0f" instead so it also works
 +		       for values larger than MAXINT.  */
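Review bot: The added float branch `sprintf (p, this_format, (int) XFLOAT_DATA (args[n]));` converts a double to `int` with no range check, and that conversion is undefined in C when the value is NaN or does not fit in an `int`. A guard such as `if (! (XFLOAT_DATA (args[n]) >= INT_MIN && XFLOAT_DATA (args[n]) <= INT_MAX))` that signals an error before the cast would prevent this; the emacs21 patch adds the same line and needs the same guard. Both new `%c` calls still write through unbounded `sprintf`, so they rely on the buffer sizing done earlier in the function, which is outside this hunk. That sizing should be confirmed to cover `%c` with a field width. The branch chain continues past the end of the hunk.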
diff -u emacs21-21.4a+1/debian/changelog emacs21-21.4a+1/debian/changelog
--- emacs21-21.4a+1/debian/changelog
+++ emacs21-21.4a+1/debian/changelog
@@ -1,3 +1,12 @@
+emacs21 (21.4a+1-5.3) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Updated CVE-2007-6109.diff to fix UTF-8 encoding
+    regression introduced by the previous patch from vendor-sec
+    which was incomplete (Closes: #456235).
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Sat, 15 Dec 2007 15:27:27 +0100
+
 emacs21 (21.4a+1-5.2) unstable; urgency=high
 
   * Non-maintainer upload by testing-security team.
diff -u emacs21-21.4a+1/debian/patches/CVE-2007-6109.diff emacs21-21.4a+1/debian/patches/CVE-2007-6109.diff
--- emacs21-21.4a+1/debian/patches/CVE-2007-6109.diff
+++ emacs21-21.4a+1/debian/patches/CVE-2007-6109.diff
@@ -1,6 +1,6 @@
 diff -Nurad emacs21-21.4a+1~/src/editfns.c emacs21-21.4a+1/src/editfns.c
---- emacs21-21.4a+1~/src/editfns.c	2007-12-10 17:41:03.000000000 +0100
-+++ emacs21-21.4a+1/src/editfns.c	2007-12-10 17:49:05.000000000 +0100
+--- emacs21-21.4a+1~/src/editfns.c	2007-12-15 15:18:58.000000000 +0100
++++ emacs21-21.4a+1/src/editfns.c	2007-12-15 15:21:39.000000000 +0100
 @@ -3209,8 +3209,11 @@
  	      precision = 10 * precision + *format - '0';
  	  }
@@ -24,7 +24,7 @@
  	    if (*format == 'c'
  		&& (! SINGLE_BYTE_CHAR_P (XINT (args[n]))
  		    || XINT (args[n]) == 0))
-@@ -3414,10 +3417,35 @@
+@@ -3414,10 +3417,37 @@
  		     format - this_format_start);
  	      this_format[format - this_format_start] = 0;
  
@@ -36,7 +36,7 @@
 +			  sprintf (p, this_format, XFLOAT_DATA (args[n]));
 +		  else
 +		  {
-+			  if (sizeof (EMACS_INT) > sizeof (int))
++			  if (sizeof (EMACS_INT) > sizeof (int) && format[-1] != 'c')
 +			  {
 +				  /* Insert 'l' before format spec.  */
 +				  this_format[format - this_format_start]
@@ -53,6 +53,8 @@
 +				  else
 +					  sprintf (p, this_format, XUINT (args[n]));
 +			  }
++			  else if (format[-1] == 'c')
++				sprintf (p, this_format, (int) XFLOAT_DATA (args[n]));
 +			  else if (format[-1] == 'd')
 +				  /* Maybe we should use "%1.0f" instead so it also works
 +					 for values larger than MAXINT.  */
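Review bot: Unlike the emacs22 patch, this version adds no `%c` case inside the `INTEGERP (args[n])` branch, so an integer argument to `%c` appears to fall through to `sprintf (p, this_format, XUINT (args[n]));`. With the 'l' no longer inserted for `%c`, that passes an `EMACS_INT`-wide value where `%c` expects an `int`, a mismatched variadic argument on builds where `sizeof (EMACS_INT) > sizeof (int)`. Adding `if (format[-1] == 'c') sprintf (p, this_format, (int) XINT (args[n]));` as the first arm, as the emacs22 patch does, would make the two patches consistent. The start of the integer branch lies outside this hunk, so this should be checked against the full patch file.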
