Andreas Tille pushed to branch master at Debian Med / fermi-lite
Commits: d48f314f by Andreas Tille at 2020-03-28T19:32:47+01:00 Ensure that our variable checking for >= 0 is signed - - - - - e6ad3623 by Andreas Tille at 2020-03-28T19:34:34+01:00 routine-update: Ready to upload to unstable - - - - - 3 changed files: - debian/changelog - + debian/patches/ensure-signed-comparison.patch - debian/patches/series Changes: ===================================== debian/changelog ===================================== @@ -1,3 +1,11 @@ +fermi-lite (0.1-11) unstable; urgency=medium + + [ Steve Langasek ] + * Ensure that our variable checking for >= 0 is signed + Closes: #954127 + + -- Andreas Tille <[email protected]> Sat, 28 Mar 2020 19:33:46 +0100 + fermi-lite (0.1-10) unstable; urgency=medium * Team upload. ===================================== debian/patches/ensure-signed-comparison.patch ===================================== @@ -0,0 +1,22 @@ +Description: Ensure that our variable checking for >= 0 is signed + The type of v->n is size_t, which is an unsigned type, and we are assigning + v->n - 1 to i and looping while this is >= 0. If v->n == 0, on some + architectures (armhf) this results in i being set to a positive value + (specifically, UINT32_MAX). +Author: Steve Langasek <[email protected]> +Last-Update: 2020-03-17 +Bug-Debian: https://bugs.debian.org/954127 + +Index: fermi-lite-0.1/mag.c +=================================================================== +--- fermi-lite-0.1.orig/mag.c ++++ fermi-lite-0.1/mag.c +@@ -506,7 +506,7 @@ + + for (j = 0; j < 2; ++j) { + sum_n = sum_l = 0; +- for (i = v->n - 1; i >= 0; --i) { ++ for (i = (int64_t)v->n - 1; i >= 0; --i) { + const magv_t *p = &v->a[srt[i]<<32>>32]; + int tmp1, tmp2; + tmp1 = tmp2 = 0; ===================================== debian/patches/series ===================================== @@ -3,4 +3,5 @@ hardening rename_bseq1_t.patch bcf_seqlib.patch simde +ensure-signed-comparison.patch # sync_instead_of_atomic View it on GitLab: https://salsa.debian.org/med-team/fermi-lite/-/compare/ce658f8f9f2e9fc65fe68297ab03acb1e80d9d24...e6ad3623bea78984a8c9013f027d29132008e2e6 -- View it on GitLab: https://salsa.debian.org/med-team/fermi-lite/-/compare/ce658f8f9f2e9fc65fe68297ab03acb1e80d9d24...e6ad3623bea78984a8c9013f027d29132008e2e6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-med-commit mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-med-commit
