Your message dated Sun, 04 Mar 2012 09:24:27 +0000
with message-id <[email protected]>
and subject line Bug#612762: fixed in stopmotion 0.6.2-1.2
has caused the Debian Bug report #612762,
regarding stopmotion: Crash when read single jpg files.
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
612762: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612762
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: stopmotion
Version: 0.6.2-1.1
Justification: renders package unusable
Severity: grave
Tags: patch
*** Please type your report below this line ***
Hi,
I found that stopmotion crash when I tries to import a 640x480 jpg file
from my disk.
After tracing the code, I found that
in src/application/modelhandler.cpp:100
char *f = new char[fileName.length()];
strcpy(f, fileName.toLatin1().data());
So it causes an invalid write in 1 byte.
I think we should increase the size of f by 1 byte:
char *f = new char[fileName.length()+1];
I'm attaching a patch to fix this bug.
Please consider to include it.
Many Thanks,
Paul
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages stopmotion depends on:
ii libc6 2.11.2-10 Embedded GNU C Library:
Shared lib
ii libgcc1 1:4.4.5-10 GCC support library
ii libqtcore4 4:4.6.3-4 Qt 4 core module
ii libqtgui4 4:4.6.3-4 Qt 4 GUI module
ii libsdl-image1.2 1.2.10-2+b2 image loading library for
Simple D
ii libsdl1.2debian 1.2.14-6.1 Simple DirectMedia Layer
ii libstdc++6 4.4.5-10 The GNU Standard C++ Library v3
ii libtar 1.2.11-6 C library for manipulating
tar arc
ii libvorbisfile3 1.3.1-1 The Vorbis General Audio
Compressi
ii libx11-6 2:1.3.3-4 X11 client-side library
ii libxml2 2.7.8.dfsg-2 GNOME XML library
Versions of packages stopmotion recommends:
ii dvgrab 3.5-1+b1 grab digital video data via
IEEE13
ii ffmpeg 4:0.5.2-6 multimedia player, server
and enco
ii vgrabbj 0.9.6-3.2 grabs a image from a camera
and pu
Versions of packages stopmotion suggests:
ii gimp 2.6.11-1 The GNU Image Manipulation
Program
-- no debconf information
--
PaulLiu (劉穎駿)
E-mail: Ying-Chun Liu (PaulLiu) <[email protected]>
--- stopmotion-0.6.2.orig/src/application/modelhandler.cpp
+++ stopmotion-0.6.2/src/application/modelhandler.cpp
@@ -97,7 +97,7 @@
QStringList::Iterator it = names.begin();
while (it != names.end() ) {
QString fileName = *it;
- char *f = new char[fileName.length()];
+ char *f = new char[fileName.length()+1];
strcpy(f, fileName.toLatin1().data());
fNames.push_back(f);
++it;
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: stopmotion
Source-Version: 0.6.2-1.2
We believe that the bug you reported is fixed in the latest version of
stopmotion, which is due to be installed in the Debian FTP archive:
stopmotion_0.6.2-1.2.diff.gz
to main/s/stopmotion/stopmotion_0.6.2-1.2.diff.gz
stopmotion_0.6.2-1.2.dsc
to main/s/stopmotion/stopmotion_0.6.2-1.2.dsc
stopmotion_0.6.2-1.2_amd64.deb
to main/s/stopmotion/stopmotion_0.6.2-1.2_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mahyuddin Susanto <[email protected]> (supplier of updated stopmotion package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 10 Jan 2012 19:26:27 +0700
Source: stopmotion
Binary: stopmotion
Architecture: source amd64
Version: 0.6.2-1.2
Distribution: unstable
Urgency: low
Maintainer: Bjoern Erik Nilsen <[email protected]>
Changed-By: Mahyuddin Susanto <[email protected]>
Description:
stopmotion - program for creating stop motion animations
Closes: 565056 606721 612762
Changes:
stopmotion (0.6.2-1.2) unstable; urgency=low
.
* Non-maintainer upload.
* debian/rules: add math and x11 library to fix FTBFS, Patch from Matthias
Klose <[email protected]>. (Closes: #565056, #606721)
* Fix Crash when read single jpg files. Patch from Ying-Chun Liu (PaulLiu)
<[email protected]>. (Closes: #612762)
Checksums-Sha1:
db85737ce534a2fb0514b170f93acffd2631a52f 1160 stopmotion_0.6.2-1.2.dsc
60faf31cab0c8288ea0ef7a6ba837c0ddaa049c7 6077 stopmotion_0.6.2-1.2.diff.gz
322644b46ea02ebbe6ecdaa117fb3590f4f03aaf 2341992 stopmotion_0.6.2-1.2_amd64.deb
Checksums-Sha256:
9baeb36e43a4fb9f915594f45beab6e1216e402cdc999066d2654c474210def1 1160
stopmotion_0.6.2-1.2.dsc
21e7701ab676c91fdadeb3a8e4d6ca2bc5c3d4d114f9fb9efad1b6e04dc1df19 6077
stopmotion_0.6.2-1.2.diff.gz
295b9cf566844df31ff7cecba93e119932dfbb820d291572baafac0ac65a13ad 2341992
stopmotion_0.6.2-1.2_amd64.deb
Files:
a793841ff2557f714ae6dcf8e0fde603 1160 x11 optional stopmotion_0.6.2-1.2.dsc
741fe66e697975d796e137997cbc0dd3 6077 x11 optional stopmotion_0.6.2-1.2.diff.gz
bc6dc5585ef2def6105134620b565760 2341992 x11 optional
stopmotion_0.6.2-1.2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk9TLgkACgkQLz4Gnv7CP7LaUQCfXwGJskxJIjKxmuGT/U29VtiL
OI0AnjEysEeXHgLKKnLY3fwpVkW0MI7U
=QC6/
-----END PGP SIGNATURE-----
--- End Message ---
