Bug#920569: php-yaml: Segfault when YAML array merge syntax is used with yaml_parse

2019-01-26 Thread Michael Billington 
Package: php-yaml
Version: 2.0.2+1.3.1-4
Severity: normal

Dear Maintainer,

I'm observing a repeatable PHP segfault then php-yaml attempts to parse any
file that uses the "<<" array-merge syntax. A minimal example:

- <<:
foo: bar

After placing this text in a file called "demo.yml", the markup can be parsed
via this command-line invovation of PHP:

php -r 'yaml_parse(file_get_contents("demo.yml"));'

The above command prints "Segmentation fault", and exits with code
139. A GDB session showing the stack trace:

$ gdb php
GNU gdb (Debian 8.2-1) 8.2
...
(gdb) run -r 'yaml_parse(file_get_contents("demo.yml"));'
Starting program: /usr/bin/php -r 'yaml_parse(file_get_contents("demo.yml"));'
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x5580b82c in zend_hash_merge ()
(gdb) bt
#0  0x5580b82c in zend_hash_merge ()
#1  0x71023b49 in handle_mapping () from /usr/lib/php/20180731/yaml.so
#2  0x71023d16 in handle_sequence () from /usr/lib/php/20180731/yaml.so
#3  0x7102329b in handle_document () from /usr/lib/php/20180731/yaml.so
#4  0x7102350f in php_yaml_read_partial () from
/usr/lib/php/20180731/yaml.so
#5  0x71022983 in ?? () from /usr/lib/php/20180731/yaml.so
#6  0x74d598d5 in xdebug_execute_internal
(current_execute_data=0x74a1c0a0, return_value=0x7fffc868)
at ./build-7.3/xdebug.c:1977
#7  0x55651f16 in ?? ()
#8  0x5587ab67 in execute_ex ()
#9  0x74d58f03 in xdebug_execute_ex
(execute_data=0x74a1c030) at ./build-7.3/xdebug.c:1868
#10 0x55881097 in zend_execute ()
#11 0x557ed017 in zend_eval_stringl ()
#12 0x557ed0f9 in zend_eval_stringl_ex ()
#13 0x55883212 in ?? ()
#14 0x5566184f in ?? ()
#15 0x7703a09b in __libc_start_main (main=0x556613c0,
argc=3, argv=0x7fffe128, init=,
fini=, rtld_fini=,
stack_end=0x7fffe118) at ../csu/libc-start.c:308
#16 0x5566194a in _start ()
(gdb) quit

A file that does not use this syntax does not exhibit the issue, eg:

-  foo: bar

There are similarities between this crash and an upstream bug which is
reportedly fixed in 1.3.2:

- https://bugs.php.net/bug.php?id=74886

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8),
LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages php-yaml depends on:
ii  libapache2-mod-php7.3 [phpapi-20180731]  7.3.1-1
ii  libc62.28-5
ii  libyaml-0-2  0.2.1-1
ii  php-common   2:69
ii  php7.3-cli [phpapi-20180731] 7.3.1-1
ii  php7.3-phpdbg [phpapi-20180731]  7.3.1-1

php-yaml recommends no packages.

php-yaml suggests no packages.

Bug#721811: Florence does not release keys when terminated

2013-09-04 Thread Michael Billington 
Package: florence
Version: florence_0.6.0-2
Severity: minor

If florence is killed/terminated, any keys which are down will remain down.
I think that the program should release anything it's holding when it is
closed.

Can be replicated easily by using florence to Ctrl+C itself:

$ florence
Florence version 0.6.0
XRecord extension found version=1.13
Your screen does not support alpha channel. Semi-transparency is disabled
DBus name aquired: org.florence.Keyboard
$ ^C
$ ^C
$ ^C
...

Or if you kill it while holding down 'd':
$ sleep 5; killall florence;
ddd... (keeps going)

Could probably be fixed by adding something to flo_terminate() to release
pressed keys.

-Michael

Bug#714431: github-backup should depend on git

2013-06-29 Thread Michael Billington 
Package: github-backup
Version: 1.20120628.1

When using github-backup for the first time, I invoked it using the command:

   github-backup (my github username)

It fizzled out after a moment with the error:

   github-backup: git: executeFile: does not exist (No such file or
directory)
   github-backup: clone failed

I tried to clone the repo manually, and found that git was not installed,
so ran
   apt-get install git

After this, github-backup worked with the same invocation, in the same
directory.

I would guess that this means that 'git' should be added as a dependency.

-Michael Billington