Control: tags -1 - moreinfo
Hello,
A new patch turned up and I decided to only cherry-pick the three most
important patches from the stable-1.16 tree.
Debdiff is attached.
If you agree on the changes I will upload via unstable.
Thanks,
Gregor
diff -Nru v4l-utils-1.16.3/debian/changelog v4l-utils-1.16.3/debian/changelog
--- v4l-utils-1.16.3/debian/changelog 2018-12-15 19:34:33.0 +0100
+++ v4l-utils-1.16.3/debian/changelog 2019-04-14 14:30:26.0 +0200
@@ -1,3 +1,9 @@
+v4l-utils (1.16.3-2) unstable; urgency=medium
+
+ * Fix double-free and uninitailized memory issue. LP: #1819650
+
+ -- Gregor Jasny Sun, 14 Apr 2019 14:30:26 +0200
+
v4l-utils (1.16.3-1) unstable; urgency=medium
* Imported Upstream version 1.16.3
diff -Nru v4l-utils-1.16.3/debian/gbp.conf v4l-utils-1.16.3/debian/gbp.conf
--- v4l-utils-1.16.3/debian/gbp.conf2018-10-06 13:53:55.0 +0200
+++ v4l-utils-1.16.3/debian/gbp.conf2019-04-14 14:23:39.0 +0200
@@ -1,6 +1,6 @@
[DEFAULT]
upstream-branch = upstream
-debian-branch = master
+debian-branch = buster
upstream-tag = upstream/%(version)s
debian-tag = debian/%(version)s
pristine-tar = True
diff -Nru
v4l-utils-1.16.3/debian/patches/0003-dvbv5-tools-be-sure-to-zero-struct-arguments.patch
v4l-utils-1.16.3/debian/patches/0003-dvbv5-tools-be-sure-to-zero-struct-arguments.patch
---
v4l-utils-1.16.3/debian/patches/0003-dvbv5-tools-be-sure-to-zero-struct-arguments.patch
1970-01-01 01:00:00.0 +0100
+++
v4l-utils-1.16.3/debian/patches/0003-dvbv5-tools-be-sure-to-zero-struct-arguments.patch
2019-04-14 14:28:27.0 +0200
@@ -0,0 +1,50 @@
+Subject: dvbv5-tools: be sure to zero struct arguments
+Author: Mauro Carvalho Chehab
+Origin: upstream,
https://git.linuxtv.org/v4l-utils.git/commit/?h=stable-1.16=faef148b1b67bd17f879fd71746532c86e90
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1819650
+
+From 23e5056b0487acdaa56e5569952b5a8f344cf49b Mon Sep 17 00:00:00 2001
+Date: Thu, 14 Mar 2019 19:23:38 -0300
+
+Let's not let the arguments struct with some random value.
+
+Signed-off-by: Mauro Carvalho Chehab
+---
+ utils/dvb/dvb-format-convert.c | 2 +-
+ utils/dvb/dvbv5-scan.c | 2 +-
+ utils/dvb/dvbv5-zap.c | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/utils/dvb/dvb-format-convert.c
b/utils/dvb/dvb-format-convert.c
+@@ -123,7 +123,7 @@
+
+ int main(int argc, char **argv)
+ {
+- struct arguments args;
++ struct arguments args = {};
+ int idx = -1, missing = 0;
+ const struct argp argp = {
+ .options = options,
+--- a/utils/dvb/dvbv5-scan.c
b/utils/dvb/dvbv5-scan.c
+@@ -450,7 +450,7 @@
+
+ int main(int argc, char **argv)
+ {
+- struct arguments args;
++ struct arguments args = {};
+ int err, lnb = -1,idx = -1;
+ struct dvb_device *dvb;
+ struct dvb_dev_list *dvb_dev;
+--- a/utils/dvb/dvbv5-zap.c
b/utils/dvb/dvbv5-zap.c
+@@ -1018,7 +1018,7 @@
+
+ int main(int argc, char **argv)
+ {
+- struct arguments args;
++ struct arguments args = {};
+ char *homedir = getenv("HOME");
+ char *channel = NULL;
+ int lnb = -1, idx = -1;
diff -Nru
v4l-utils-1.16.3/debian/patches/0005-libdvbv5-leaks-and-double-free-in-dvb_fe_open_fname.patch
v4l-utils-1.16.3/debian/patches/0005-libdvbv5-leaks-and-double-free-in-dvb_fe_open_fname.patch
---
v4l-utils-1.16.3/debian/patches/0005-libdvbv5-leaks-and-double-free-in-dvb_fe_open_fname.patch
1970-01-01 01:00:00.0 +0100
+++
v4l-utils-1.16.3/debian/patches/0005-libdvbv5-leaks-and-double-free-in-dvb_fe_open_fname.patch
2019-04-14 14:28:25.0 +0200
@@ -0,0 +1,93 @@
+Subject: libdvbv5: leaks and double free in dvb_fe_open_fname()
+Author: Sean Young
+Origin: upstream,
https://git.linuxtv.org/v4l-utils.git/commit/?h=stable-1.16=c82608ca1595427c2bdbd4abb9aca9163e1df60a
+Bug-Ubuntu: https://bugs.launchpad.net/raspbian/+bug/1819650
+
+dvb_fe_open_fname() takes ownership of fname if the function succeeds, but
+also in two of the error paths (e.g. if the ioctl FE_GET_PROPERTY fails).
+
+Adjust dvb_fe_open_fname() so it copies fname rather than taking ownership
+(and passing that to params). This makes the code cleaner.
+
+Signed-off-by: Sean Young
+---
+ lib/libdvbv5/dvb-dev-local.c | 2 +-
+ lib/libdvbv5/dvb-fe.c| 18 --
+ 2 files changed, 9 insertions(+), 11 deletions(-)
+
+--- a/lib/libdvbv5/dvb-dev-local.c
b/lib/libdvbv5/dvb-dev-local.c
+@@ -467,7 +467,7 @@
+ flags &= ~O_NONBLOCK;
+ }
+
+- ret = dvb_fe_open_fname(parms, strdup(dev->path), flags);
++ ret = dvb_fe_open_fname(parms, dev->path, flags);
+ if (ret) {
+ free(open_dev);
+ return NULL;
+--- a/lib/libdvbv5/dvb-fe.c
b/lib/libdvbv5/dvb-fe.c
+@@ -133,7 +133,6 @@
+ int flags)
+ {
+