Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package openarena:
unblock openarena/0.8.8-5+deb7u1
which fixes a remotely triggerable crash (NULL dereference) on servers.
diffstat for openarena-0.8.8 openarena-0.8.8
changelog | 7 +++
patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch | 20
++++++++++
patches/series | 1
3 files changed, 28 insertions(+)
diff -Nru openarena-0.8.8/debian/changelog openarena-0.8.8/debian/changelog
--- openarena-0.8.8/debian/changelog 2012-06-23 00:38:36.000000000 +0100
+++ openarena-0.8.8/debian/changelog 2012-09-14 08:02:50.000000000 +0100
@@ -1,3 +1,10 @@
+openarena (0.8.8-5+deb7u1) unstable; urgency=low
+
+ * Add patch from upstream to fix a client-triggerable server crash.
+ Thanks to Poul Sander and Markus Koschany (Closes: #681812)
+
+ -- Simon McVittie <[email protected]> Fri, 14 Sep 2012 07:52:53 +0100
+
openarena (0.8.8-5) unstable; urgency=low
* Don't refuse to start a new openarena-server if there's a stale
diff -Nru
openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch
openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch
---
openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch
1970-01-01 01:00:00.000000000 +0100
+++
openarena-0.8.8/debian/patches/0002-Fix-callvote-kick-player-does-not-exist-crash.patch
2012-09-14 08:02:50.000000000 +0100
@@ -0,0 +1,20 @@
+Description: Fix for crashing the server by making a callvote to kick a player
which does not exist
+Author: Poul Sander <[email protected]>
+Origin: upstream
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681812
+Applied-Upstream: http://code.google.com/p/oax/source/detail?r=304
+Last-Update: 2012-09-13
+Tested-by: Markus Koschany <[email protected]>
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/code/game/g_cmds.c
++++ b/code/game/g_cmds.c
+@@ -1812,7 +1812,7 @@ void Cmd_CallVote_f( gentity_t *ent ) {
+ Com_sprintf( level.voteDisplayString, sizeof(
level.voteDisplayString ), "Shuffle teams?" );
+ } else if ( !Q_stricmp( arg1, "kick" ) ) {
+ i = 0;
+- while(Q_stricmp(arg2,(g_entities+i)->client->pers.netname)) {
++ while( !(g_entities+i) || !((g_entities+i)->client) ||
Q_stricmp(arg2,(g_entities+i)->client->pers.netname)) {
+ //Not client i, try next
+ i++;
+ if(i>=MAX_CLIENTS){ //Only numbers <128 is clients
diff -Nru openarena-0.8.8/debian/patches/series
openarena-0.8.8/debian/patches/series
--- openarena-0.8.8/debian/patches/series 2012-06-23 00:38:36.000000000
+0100
+++ openarena-0.8.8/debian/patches/series 2012-09-14 08:02:50.000000000
+0100
@@ -1,3 +1,4 @@
0001-Use-a-cpp-macro-for-the-game-code-version-so-package.patch
+0002-Fix-callvote-kick-player-does-not-exist-crash.patch
0031-Fix-FTBFS-on-kFreeBSD.patch
0040-Add-OPENARENA_081_COMPATIBLE-define-for-network-comp.patch
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive:
http://lists.debian.org/[email protected]
