Bug#712046: file: new magic: Delphi compiled form data
Package: file Version: 1:5.14-2 Severity: wishlist Tags: patch upstream Dear Maintainer, I wish file recognized correctly Borland Delphi compiled form resources. These files are currently recognized as data. They begin with a known string TPF0. The magic rule is: 0 string TPF0Delphi compiled form data Best regards Tomasz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#613367: jclassinfo: memory usage problems
Package: jclassinfo Version: 0.19.1-5 Severity: important Tags: upstream patch Parsing some classes results with a crash: (...) 81)CONSTANT_Utf8[1](too many bytes in \) *** glibc detected *** /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo: free(): invalid next size (fast): 0x08cf5c08 *** === Backtrace: = /lib/i686/cmov/libc.so.6(+0x6b281)[0xb75bb281] /lib/i686/cmov/libc.so.6(+0x6cad8)[0xb75bcad8] /lib/i686/cmov/libc.so.6(cfree+0x6d)[0xb75bfbbd] /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804bf07] /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804bc41] /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804c34c] /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804d8bc] /lib/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7566c76] /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x8049a01] === Memory map: 08048000-0805 r-xp 08:05 2313111 /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo 0805-08051000 rw-p 8000 08:05 2313111 /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo 08cf4000-08d15000 rw-p 00:00 0 [heap] b740-b7421000 rw-p 00:00 0 b7421000-b750 ---p 00:00 0 b7517000-b7534000 r-xp 08:05 1157360/lib/libgcc_s.so.1 b7534000-b7535000 rw-p 0001c000 08:05 1157360/lib/libgcc_s.so.1 b754f000-b755 rw-p 00:00 0 b755-b769 r-xp 08:05 1610228/lib/i686/cmov/libc-2.11.2.so b769-b7692000 r--p 0013f000 08:05 1610228/lib/i686/cmov/libc-2.11.2.so b7692000-b7693000 rw-p 00141000 08:05 1610228/lib/i686/cmov/libc-2.11.2.so b7693000-b7696000 rw-p 00:00 0 b7696000-b76ba000 r-xp 08:05 1610150/lib/i686/cmov/libm-2.11.2.so b76ba000-b76bb000 r--p 00023000 08:05 1610150/lib/i686/cmov/libm-2.11.2.so b76bb000-b76bc000 rw-p 00024000 08:05 1610150/lib/i686/cmov/libPrzerwane I just increased the size of the char* new_string in jclass/jstring.c by 20 bytes when mallocing; not correct, but works for me. Additionally fixed some minor memory problems. To debug, use valgrind after exec in jclassinfo/jclassinfo: exec valgrind $progdir/$program ${1+$@} -- System Information: Debian Release: 6.0 APT prefers testing APT policy: (650, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Versions of packages jclassinfo depends on: ii libc6 2.11.2-10Embedded GNU C Library: Shared lib ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime jclassinfo recommends no packages. jclassinfo suggests no packages. diff -r -u jclass_orig//class_loader.c jclass/class_loader.c --- jclass_orig//class_loader.c 2011-02-14 10:40:01.0 +0100 +++ jclass/class_loader.c 2011-02-14 10:47:00.0 +0100 @@ -222,6 +222,7 @@ } } + free(class_filename); return absolute_class_filename; } diff -r -u jclass_orig//jstring.c jclass/jstring.c --- jclass_orig//jstring.c 2011-02-14 10:40:01.0 +0100 +++ jclass/jstring.c 2011-02-14 11:45:12.0 +0100 @@ -118,7 +118,7 @@ str_ptr++; } - new_string = (char*) malloc(string_length + 1); + new_string = (char*) malloc(string_length + 1 /* ugly fix: */ + 20); str_ptr = raw_string; to_ptr = new_string; @@ -199,8 +199,9 @@ number = strdup(0); else { - number = (char*) malloc(40); - number[40] = '\0'; + int max_size = 41; + number = (char*) malloc(max_size); + number[max_size - 1] = '\0'; /* set sign */ if (float_bytes 0x8000) @@ -247,8 +248,9 @@ number = strdup(0); else { - number = (char*) malloc(80); - number[40] = '\0'; + int max_size = 81; + number = (char*) malloc(max_size); + number[max_size - 1] = '\0'; /* set sign */ if ((double_bytes 63))
Bug#599190: cppcheck: no default enable checks value described in manual
Package: cppcheck Version: 1.44-1 Severity: normal Tags: upstream Option --enable=[id] is optional, but the default value is not specified in the manual. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#597824: timelimit: does not allow limiting to fraction of seconds
Package: timelimit Version: 1.6-1 Severity: wishlist Tags: upstream It would be great if I could limit execution to e.g. 0.3 seconds. Instead alarm(), set timer with setitimer(). -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#590942: netris: Memory leak - realloc
Package: netris Version: 0.52-8 Severity: normal Tags: patch Valgrind reports a memory leak in netris: 20 bytes in 1 blocks are definitely lost in loss record 5 of 43 at 0x4023D47: realloc (vg_replace_malloc.c:476) by 0x804AF7D: GetTermcapInfo (curses.c:152) by 0x804AD15: InitScreens (curses.c:68) by 0x804A84C: main (game.c:428) Fixed by removing hardly needed realloc. I added also an additional check for malloc returning NULL. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Versions of packages netris depends on: ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib ii libncurses5 5.7+20100313-2 shared libraries for terminal hand netris recommends no packages. netris suggests no packages. -- no debconf information diff -rU 10 netris-0.52//curses.c netris-0.52-fixes//curses.c --- netris-0.52//curses.c 2003-08-13 03:33:02.0 +0200 +++ netris-0.52-fixes//curses.c 2010-07-29 16:42:07.0 +0200 @@ -127,36 +127,35 @@ int bufSize = 10240; if (!(term = getenv(TERM))) return; if (tgetent(scratch, term) == 1) { /* * Make the buffer HUGE, since tgetstr is unsafe. * Allocate it on the heap too. */ data = buf = malloc(bufSize); + if (buf == NULL) + fatal(memory allocation error); /* * There is no standard include file for tgetstr, no prototype * definitions. I like casting better than using my own prototypes * because if I guess the prototype, I might be wrong, especially * with regards to const. */ term_vi = (char *)tgetstr(vi, data); term_ve = (char *)tgetstr(ve, data); /* Okay, so I'm paranoid; I just don't like unsafe routines */ if (data buf + bufSize) fatal(tgetstr overflow, you must have a very sick termcap); - - /* Trim off the unused portion of buffer */ - buf = realloc(buf, data - buf); } /* * If that fails, use hardcoded vt220 codes. * They don't seem to do anything bad on vt100's, so * we'll try them just in case they work. */ if (!term_vi || !term_ve) { static char *vts[] = { vt100, vt101, vt102,
Bug#575276: sqlite3: segmentation fault on specific SQL statement (INSERT DEFAULT VALUES with triggers)
Package: sqlite3 Version: 3.6.22-1 Severity: normal A bug resulting in a crash (segmentation fault) of sqlite3 has been detected. Please find attached the script causing problems and a debug session log. Tested to be vulnerable: linux 3.6.23 linux 3.6.22 linux 3.6.4 solaris 3.5.1 Tested to be invulnerable: linux 2.8.17 Attachments: SQL script, gdb session log. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-3-686 (SMP w/2 CPU cores) Shell: /bin/sh linked to /bin/dash BEGIN TRANSACTION; CREATE TABLE tab_s (src varchar, dst varchar, price decimal(10,2), PRIMARY KEY (src,dst)); INSERT INTO tab_s VALUES('POZNAN','ITALIA',10); CREATE TABLE current (src varchar, dst varchar, price decimal(10,2) NOT NULL, timestamp TEXT DEFAULT (DATETIME('NOW'))); CREATE TRIGGER update_tab_s after insert on current when (new.price (select price from tab_s where src=new.src AND dst=new.dst)) begin update tab_s set price=new.price where src=new.src AND dst=new.dst; end; CREATE TRIGGER entry_in_tab_s before insert on current begin insert or ignore into tab_s values (new.src, new.dst, 9); end; COMMIT; INSERT INTO current DEFAULT VALUES ('a', 'b', 30); /tmp/sqlite-3.6.23 CFLAGS=-O0 -ggdb ./configure /tmp/sqlite-3.6.23 make /tmp/sqlite-3.6.23 export LD_PRELOAD=.libs/libsqlite3.so /tmp/sqlite-3.6.23 gdb .libs/sqlite3 Reading symbols from /tmp/sqlite-3.6.23/.libs/sqlite3...done. (gdb) r -init script.sql [Thread debugging using libthread_db enabled] -- Loading resources from script.sql ___ eax: ebx:B7FDDA10 ecx:0008 edx:0007 eflags:00010246 esi:0804FE90 edi:080496E0 esp:BFFFD8F0 ebp:BFFFDA28 eip:B7F9D0A7 cs:0073 ds:007B es:007B fs: gs:0033 ss:007Bo d I t s Z a P c [007B:BFFFD8F0]-[stack] BFFFD920 : B8 35 05 08 00 00 00 00 - FC 03 00 00 D8 4C 06 08 .5...L.. BFFFD910 : 00 00 00 00 10 DA FD B7 - 48 D9 FF BF AD A3 F6 B7 H... BFFFD900 : 00 00 00 00 B8 35 05 08 - F8 35 05 08 00 00 00 00 .5...5.. BFFFD8F0 : C8 45 06 08 07 00 00 00 - FF FF FF FF 07 00 00 00 .E.. [007B:0804FE90]-[ data] 0804FE90 : 55 89 E5 57 56 53 E8 4F - 00 00 00 81 C3 75 22 00 U..WVS.O.u. 0804FEA0 : 00 83 EC 0C E8 1B 93 FF - FF 8D BB F0 FE FF FF 8D [0073:B7F9D0A7]-[ code] 0xb7f9d0a7 sqlite3Insert+3613:mov0xc(%eax),%esi 0xb7f9d0aa sqlite3Insert+3616:mov-0xac(%ebp),%edx 0xb7f9d0b0 sqlite3Insert+3622:mov%edx,%eax 0xb7f9d0b2 sqlite3Insert+3624:shl$0x2,%eax 0xb7f9d0b5 sqlite3Insert+3627:add%edx,%eax 0xb7f9d0b7 sqlite3Insert+3629:shl$0x2,%eax -- 0xb7f9d0a7 in sqlite3Insert (pParse=0x8064cd8, pTabList=0x8060358, pList=0x0, pSelect=0x0, pColumn=0x0, onError=0x63) at sqlite3.c:75798 75798 sqlite3ExprCodeAndCache(pParse, pList-a[j].pExpr, regCols+i+1); (gdb) bt #0 0xb7f9d0a7 in sqlite3Insert (pParse=0x8064cd8, pTabList=0x8060358, pList=0x0, pSelect=0x0, pColumn=0x0, onError=0x63) at sqlite3.c:75798 #1 0xb7fba1a2 in yy_reduce (yypParser=0x8065090, yyruleno=0xaf) at sqlite3.c:94450 #2 0xb7fbbef8 in sqlite3Parser (yyp=0x8065090, yymajor=0x16, yyminor=..., pParse=0x8064cd8) at sqlite3.c:95184 #3 0xb7fbcaad in sqlite3RunParser (pParse=0x8064cd8, zSql=0x8061598 INSERT INTO current DEFAULT VALUES ('a', 'b', 30);, pzErrMsg=0xbfffdc30) at sqlite3.c:96010 #4 0xb7fa45c8 in sqlite3Prepare (db=0x80531d0, zSql=0x8061598 INSERT INTO current DEFAULT VALUES ('a', 'b', 30);, nBytes=0x, saveSqlFlag=0x1, pReprepare=0x0, ppStmt=0xbfffdd1c, pzTail=0xbfffdd18) at sqlite3.c:79988 #5 0xb7fa4909 in sqlite3LockAndPrepare (db=0x80531d0, zSql=0x8061598 INSERT INTO current DEFAULT VALUES ('a', 'b', 30);, nBytes=0x, saveSqlFlag=0x1, pOld=0x0, ppStmt=0xbfffdd1c, pzTail=0xbfffdd18) at sqlite3.c:80083 #6 0xb7fa4ac1 in sqlite3_prepare_v2 (db=0x80531d0, zSql=0x8061598 INSERT INTO current DEFAULT VALUES ('a', 'b', 30);, nBytes=0x, ppStmt=0xbfffdd1c, pzTail=0xbfffdd18) at sqlite3.c:80158 #7 0x0804b452 in shell_exec (db=0x80531d0, zSql=0x8061598 INSERT INTO current DEFAULT VALUES ('a', 'b', 30);, xCallback=0x804a361 shell_callback, pArg=0xbfffde78, pzErrMsg=0xbfffddd4) at shell.c:990 #8 0x0804ef31 in process_input (p=0xbfffde78, in=0x8053008) at shell.c:2236 #9 0x0804f28b in process_sqliterc (p=0xbfffde78, sqliterc_override=0xb5f4 script.sql) at shell.c:2370 #10 0x0804f6af in main (argc=0x3, argv=0xb454) at shell.c:2508
Bug#556938: spout: wrong .desktop descriptor
Package: spout Version: 1.3-2 Severity: normal /usr/share/applications/spout.desktop: file contains Categories:Application:Game:ArcadeGame, should be Categories=Application:Game:ArcadeGame. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Versions of packages spout depends on: ii libc6 2.10.1-7 GNU C Library: Shared libraries ii libsdl1.2debian 1.2.13-5 Simple DirectMedia Layer -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535172: dhcp-probe: package doesn't install
Package: dhcp-probe Version: 1.3.0-2 Severity: grave Justification: renders package unusable When configuring package: Setting up dhcp-probe (1.3.0-2) ... dpkg: error processing dhcp-probe (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: dhcp-probe E: Sub-process /usr/bin/dpkg returned an error code (1) -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Shell: /bin/sh linked to /bin/bash Versions of packages dhcp-probe depends on: ii libc6 2.9-12 GNU C Library: Shared libraries ii libnet1 1.1.4-1library for the construction and h ii libpcap0.81.0.0-2system interface for user-level pa ii ucf 3.0018 Update Configuration File: preserv dhcp-probe recommends no packages. dhcp-probe suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534700: simple radare /bin/ls doesn't work
Package: radare Version: 1.4-1 Severity: important This version has several serious bugs which make this package hardly usable. Please bump the package to latest hg, radare 1.4.2b works well. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527762: yersinia: only libpcap-dev
Package: yersinia Version: 0.7.1-1 Severity: normal This error appears by just installing libpcap-dev. Without it ./configure says: checking for a complete set of pcap headers... no !!! couldn't find a complete set of pcap headers -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#533170: lsat: checkpasswd module closes random file
Package: lsat Version: 0.9.7.1-1 Severity: normal Tags: patch Uninitialized local variable fileval is passed to close - random file descriptor is closed. strace shows: close(134556941)= -1 EBADF (Bad file descriptor) --- checkpasswd.c.orig 2009-06-15 12:12:47.0 +0200 +++ checkpasswd.c 2009-06-15 12:13:03.0 +0200 # uninitialized local variable fileval # sample run with strace shows: # close(134556941)= -1 EBADF (Bad file descriptor) @@ -38,7 +38,6 @@ char temparray[2][128]; /*temparray. */ int j=0;/* counter variable */ int field; /* field counter */ -int fileval; /* return val */ const char * tmp_file = /tmp/lsat2.lsat; /* temp file for storage */ const char * tempfile =NULL; @@ -153,7 +152,6 @@ remove(tempfile); /* close the tmpfile */ fclose(fileptr); -close(fileval); /* note dostuff below will rm tmpfile */ header = Please consider removing these system accounts.\nCheck to see if you need them for your system applications before removing.\nAlso, consult the securitylinks.txt file for more information.\n;
Bug#532582: lsat: Proposed patch
Package: lsat Version: 0.9.7.1-1 Severity: normal I prepared a quick fix against buffer overflows. Some fixes against 'unsecure practices' are also included. --- lsatmain.c.orig 2009-06-12 11:15:32.0 +0200 +++ lsatmain.c 2009-06-12 11:58:59.0 +0200 # remove unnecessary constants @@ -73,7 +73,7 @@ char *token; char tempstring[26]; char line[256]; -char thelist[33][12] = { {pkgs}, {rpm}, {inetd}, {inittab}, {logging}, {set}, {write}, {dotfiles}, {passwd}, {files}, {umask}, {ftpusers}, {rc}, {kbd}, {limits}, {ssh}, {open}, {issue}, {www}, {md5}, {modules}, {securetty}, {perms}, {net}, {forward}, {promisc}, {listening}, {cfg}, {bpass}, {ipv4}, {startx}, {ftp}, {disk} }; +static char *thelist[] = { pkgs, rpm, inetd, inittab, logging, set, write, dotfiles, passwd, files, umask, ftpusers, rc, kbd, limits, ssh, open, issue, www, md5, modules, securetty, perms, net, forward, promisc, listening, cfg, bpass, ipv4, startx, ftp, disk }; if ((fileptr = fopen(xlisting, r))==NULL) { @@ -101,7 +101,7 @@ /* see if they match. If they do, the user does */ /* not want to run that module, so we put it in */ /* another array of ints to look through later. */ - for (i=0;i33;i++) + for (i=0;isizeof(thelist);i++) { if ((strcmp(thelist[i], tempstring)) == 0) { # duplicated flag @@ -155,7 +155,7 @@ /* this is silly, I should know how to do this more easily */ -if ((fileval = open(/tmp/lsat1.lsat, O_RDWR | O_CREAT | O_EXCL | O_EXCL, 0600)) 0) +if ((fileval = open(/tmp/lsat1.lsat, O_RDWR | O_CREAT | O_EXCL, 0600)) 0) { perror(Could not make file w/perms 0600...\n); perror(Possible link attack while creating/opening file!\n); # series of quick patches against segfaults @@ -308,11 +308,11 @@ */ char release[50]; /* array for release level */ char kernel[50]; /* what kernel user is running */ -static char *man_distro; /* if the user specifies a distribution */ +char *man_distro; /* if the user specifies a distribution */ const char * header =NULL; /* to print out the header */ -static char *out_file = lsat.out; /* output filename var */ +char *out_file = lsat.out; /* output filename var */ char xlist[100]; /* modules to exclude */ # always initialized to zero -int xarray[33] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; +int xarray[33] = {}; int somethinginxlist = 0; /* note if no filename given, default = lsat.out */ FILE *tempptr;/* a temp file pointer */ @@ -350,10 +350,16 @@ diff = 1; break; case 'm': - strcpy(man_distro, argv[i]+3); + if (argv[i][2] != '\0') { + usage(); + } + man_distro = argv[i]+3; break; case 'o': - strcpy(out_file, argv[i]+3); + if (argv[i][2] != '\0') { + usage(); + } + out_file = argv[i]+3; break; case 'r': rpmmodule = 1; @@ -368,7 +374,11 @@ html = 1; out_file=lsat.html; break; - case 'x': strcpy(xlist,argv[i]+3); + case 'x': + if (argv[i][2] != '\0') { + usage(); + } + strncpy(xlist,argv[i]+3,sizeof(xlist)); somethinginxlist = 1; break; default :
Bug#532582: lsat: My patch has a mistake
Package: lsat Version: 0.9.7.1-1 Severity: normal Please don't use the patch on lines 76 and 104, it introduces another problem! Thanks -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#532582: lsat: corrected patch
Package: lsat Version: 0.9.7.1-1 Severity: normal The part corrected looks like this: @@ -101,7 +101,7 @@ /* see if they match. If they do, the user does */ /* not want to run that module, so we put it in */ /* another array of ints to look through later. */ - for (i=0;i33;i++) + for (i=0;isizeof(thelist)/sizeof(char*);i++) { if ((strcmp(thelist[i], tempstring)) == 0) { -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#532575: lsat: Hardcoded number of accounts too low
Package: lsat Version: 0.9.7.1-1 Severity: normal Tags: patch LSAT's checkftpusers module hardcodes max number of users to check in many places. The amount (100) is too low for servers. I include a patch that extracts the value to a #defined constant, and set to 4000. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) --- checkftpusers.c.origczw lut 5 14:31:59 2009 +++ checkftpusers.c czw lut 5 14:36:25 2009 @@ -14,6 +14,8 @@ #include fcntl.h #include unistd.h +#define MAX_FTP_USERS 4000 + int checkftpusers(filename, verbose, html) const char *const filename; int verbose; @@ -26,8 +28,8 @@ /* the passwd list... we ass|u|me that a username */ /* will be 120 chars. :O = line[120]*/ char line[120];/* array for a line */ -char temparray[100][120]; /*temparray. */ -char tempstring[100][120]; /* string to hold ftpusername */ +char temparray[MAX_FTP_USERS][120]; /*temparray. */ +char tempstring[MAX_FTP_USERS][120]; /* string to hold ftpusername */ int i=0; /* counter variable */ int j=0; /* counter variable */ int k=0; /* counter variable */ @@ -46,7 +48,7 @@ const char * header =NULL; /* init temparray */ -for (i=0; i100; i++) +for (i=0; iMAX_FTP_USERS; i++) { for (j=0; j120; j++) { @@ -179,7 +181,7 @@ } /* end if (passptr != NULL) */ /* inc the counter */ i++; - if (i100) + if (iMAX_FTP_USERS) { perror(Error in module checkftpusers: Too much data.\n); return(-1); @@ -235,7 +237,7 @@ } /* end if (ftpptr != NULL) */ /* inc the linec ounter */ linecount++; - if (linecount100) + if (linecountMAX_FTP_USERS) { perror(Error in checkftpusers: Too much data.); return(-1); @@ -245,7 +247,7 @@ /* ok, now compare an entry in the userlist */ /* we have against the entries in ftpusers */ -i = 100; +i = MAX_FTP_USERS; for (j = 0; j i; j++) { for (k=0; k linecount; k++)
Bug#532582: lsat: segmentation fault when setting output file
Package: lsat Version: 0.9.7.1-1 Severity: important SIGSEGV is raised when you run lsat -o OUTFILE.TXT, because unsafe string handling is used. Classic buffer overflow. static char *out_file = lsat.out; /* output filename var */ 356 strcpy(out_file, argv[i]+3); Program terminated with signal SIGSEGV, Segmentation fault. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Versions of packages lsat depends on: ii libc6 2.9-12 GNU C Library: Shared libraries -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#532615: lsat: awk invocation in checknet for sunos doesn't work
Package: lsat Version: 0.9.7.1-1 Severity: normal Tags: patch On SunOS 5.10 checknet module doesn't work: awk: can't open length($1) 0 {print $1} I changed the shellcode: * it sorts results numerically instead of using AWK * it passes -n to netstat to avoid long lookups --- checknet.c.orig czw lut 5 15:05:43 2009 +++ checknet.c czw lut 5 15:06:55 2009 @@ -149,7 +149,7 @@ /* we are on Solaris, begin getting funky */ { tempfile = /tmp/lsat1.lsat; -shellcode = netstat -a -f inet |grep LISTEN |awk -F\ \ 'length($1) 0 {print $1}' 2/dev/null /tmp/lsat1.lsat; +shellcode = netstat -a -f inet -n |grep LISTEN | sort -n 2/dev/null /tmp/lsat1.lsat; header = These ports were found to be listening on the system.\nClose all ports or services you do not need.; if ((dostuff(tempfile, filename, shellcode, header, html)) 0) {
Bug#519235: pdfsam: requires openjdk-6-jre, but works with sun-6-jre
Package: pdfsam Severity: important I am using the Sun JDK/JRE and don't want to install OpenJDK to use pdfsam. Pdfsam works with Sun Java. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org