Bug#712046: file: new magic: Delphi compiled form data
Package: file Version: 1:5.14-2 Severity: wishlist Tags: patch upstream Dear Maintainer, I wish file recognized correctly Borland Delphi compiled form resources. These files are currently recognized as data. They begin with a known string TPF0. The magic rule is: 0 string TPF0Delphi compiled form data Best regards Tomasz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#613367: jclassinfo: memory usage problems
Package: jclassinfo
Version: 0.19.1-5
Severity: important
Tags: upstream patch
Parsing some classes results with a crash:
(...)
81)CONSTANT_Utf8[1](too many bytes in \)
*** glibc detected *** /tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo:
free(): invalid next size (fast): 0x08cf5c08 ***
=== Backtrace: =
/lib/i686/cmov/libc.so.6(+0x6b281)[0xb75bb281]
/lib/i686/cmov/libc.so.6(+0x6cad8)[0xb75bcad8]
/lib/i686/cmov/libc.so.6(cfree+0x6d)[0xb75bfbbd]
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804bf07]
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804bc41]
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804c34c]
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x804d8bc]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7566c76]
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo[0x8049a01]
=== Memory map:
08048000-0805 r-xp 08:05 2313111
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo
0805-08051000 rw-p 8000 08:05 2313111
/tmp/jclassinfo-0.19.1/jclassinfo/.libs/lt-jclassinfo
08cf4000-08d15000 rw-p 00:00 0 [heap]
b740-b7421000 rw-p 00:00 0
b7421000-b750 ---p 00:00 0
b7517000-b7534000 r-xp 08:05 1157360/lib/libgcc_s.so.1
b7534000-b7535000 rw-p 0001c000 08:05 1157360/lib/libgcc_s.so.1
b754f000-b755 rw-p 00:00 0
b755-b769 r-xp 08:05 1610228/lib/i686/cmov/libc-2.11.2.so
b769-b7692000 r--p 0013f000 08:05 1610228/lib/i686/cmov/libc-2.11.2.so
b7692000-b7693000 rw-p 00141000 08:05 1610228/lib/i686/cmov/libc-2.11.2.so
b7693000-b7696000 rw-p 00:00 0
b7696000-b76ba000 r-xp 08:05 1610150/lib/i686/cmov/libm-2.11.2.so
b76ba000-b76bb000 r--p 00023000 08:05 1610150/lib/i686/cmov/libm-2.11.2.so
b76bb000-b76bc000 rw-p 00024000 08:05 1610150/lib/i686/cmov/libPrzerwane
I just increased the size of the char* new_string in jclass/jstring.c by 20
bytes when mallocing; not correct, but works for me.
Additionally fixed some minor memory problems.
To debug, use valgrind after exec in jclassinfo/jclassinfo:
exec valgrind $progdir/$program ${1+$@}
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (650, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Versions of packages jclassinfo depends on:
ii libc6 2.11.2-10Embedded GNU C Library: Shared lib
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
jclassinfo recommends no packages.
jclassinfo suggests no packages.
diff -r -u jclass_orig//class_loader.c jclass/class_loader.c
--- jclass_orig//class_loader.c 2011-02-14 10:40:01.0 +0100
+++ jclass/class_loader.c 2011-02-14 10:47:00.0 +0100
@@ -222,6 +222,7 @@
}
}
+ free(class_filename);
return absolute_class_filename;
}
diff -r -u jclass_orig//jstring.c jclass/jstring.c
--- jclass_orig//jstring.c 2011-02-14 10:40:01.0 +0100
+++ jclass/jstring.c 2011-02-14 11:45:12.0 +0100
@@ -118,7 +118,7 @@
str_ptr++;
}
- new_string = (char*) malloc(string_length + 1);
+ new_string = (char*) malloc(string_length + 1 /* ugly fix: */ + 20);
str_ptr = raw_string;
to_ptr = new_string;
@@ -199,8 +199,9 @@
number = strdup(0);
else
{
- number = (char*) malloc(40);
- number[40] = '\0';
+ int max_size = 41;
+ number = (char*) malloc(max_size);
+ number[max_size - 1] = '\0';
/* set sign */
if (float_bytes 0x8000)
@@ -247,8 +248,9 @@
number = strdup(0);
else
{
- number = (char*) malloc(80);
- number[40] = '\0';
+ int max_size = 81;
+ number = (char*) malloc(max_size);
+ number[max_size - 1] = '\0';
/* set sign */
if ((double_bytes 63))
Bug#599190: cppcheck: no default enable checks value described in manual
Package: cppcheck Version: 1.44-1 Severity: normal Tags: upstream Option --enable=[id] is optional, but the default value is not specified in the manual. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#597824: timelimit: does not allow limiting to fraction of seconds
Package: timelimit Version: 1.6-1 Severity: wishlist Tags: upstream It would be great if I could limit execution to e.g. 0.3 seconds. Instead alarm(), set timer with setitimer(). -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#590942: netris: Memory leak - realloc
Package: netris
Version: 0.52-8
Severity: normal
Tags: patch
Valgrind reports a memory leak in netris:
20 bytes in 1 blocks are definitely lost in loss record 5 of 43
at 0x4023D47: realloc (vg_replace_malloc.c:476)
by 0x804AF7D: GetTermcapInfo (curses.c:152)
by 0x804AD15: InitScreens (curses.c:68)
by 0x804A84C: main (game.c:428)
Fixed by removing hardly needed realloc. I added also an additional check for
malloc returning NULL.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Versions of packages netris depends on:
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libncurses5 5.7+20100313-2 shared libraries for terminal hand
netris recommends no packages.
netris suggests no packages.
-- no debconf information
diff -rU 10 netris-0.52//curses.c netris-0.52-fixes//curses.c
--- netris-0.52//curses.c 2003-08-13 03:33:02.0 +0200
+++ netris-0.52-fixes//curses.c 2010-07-29 16:42:07.0 +0200
@@ -127,36 +127,35 @@
int bufSize = 10240;
if (!(term = getenv(TERM)))
return;
if (tgetent(scratch, term) == 1) {
/*
* Make the buffer HUGE, since tgetstr is unsafe.
* Allocate it on the heap too.
*/
data = buf = malloc(bufSize);
+ if (buf == NULL)
+ fatal(memory allocation error);
/*
* There is no standard include file for tgetstr, no prototype
* definitions. I like casting better than using my own prototypes
* because if I guess the prototype, I might be wrong, especially
* with regards to const.
*/
term_vi = (char *)tgetstr(vi, data);
term_ve = (char *)tgetstr(ve, data);
/* Okay, so I'm paranoid; I just don't like unsafe routines */
if (data buf + bufSize)
fatal(tgetstr overflow, you must have a very sick termcap);
-
- /* Trim off the unused portion of buffer */
- buf = realloc(buf, data - buf);
}
/*
* If that fails, use hardcoded vt220 codes.
* They don't seem to do anything bad on vt100's, so
* we'll try them just in case they work.
*/
if (!term_vi || !term_ve) {
static char *vts[] = {
vt100, vt101, vt102,
Bug#575276: sqlite3: segmentation fault on specific SQL statement (INSERT DEFAULT VALUES with triggers)
Package: sqlite3
Version: 3.6.22-1
Severity: normal
A bug resulting in a crash (segmentation fault) of sqlite3 has been
detected. Please find attached the script causing problems and a debug
session log.
Tested to be vulnerable:
linux 3.6.23
linux 3.6.22
linux 3.6.4
solaris 3.5.1
Tested to be invulnerable:
linux 2.8.17
Attachments: SQL script, gdb session log.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-3-686 (SMP w/2 CPU cores)
Shell: /bin/sh linked to /bin/dash
BEGIN TRANSACTION;
CREATE TABLE tab_s (src varchar, dst varchar, price decimal(10,2), PRIMARY KEY
(src,dst));
INSERT INTO tab_s VALUES('POZNAN','ITALIA',10);
CREATE TABLE current (src varchar, dst varchar, price decimal(10,2) NOT NULL,
timestamp TEXT DEFAULT (DATETIME('NOW')));
CREATE TRIGGER update_tab_s after insert on current when (new.price (select
price from tab_s where src=new.src AND dst=new.dst)) begin update tab_s set
price=new.price where src=new.src AND dst=new.dst; end;
CREATE TRIGGER entry_in_tab_s before insert on current begin insert or ignore
into tab_s values (new.src, new.dst, 9); end;
COMMIT;
INSERT INTO current DEFAULT VALUES ('a', 'b', 30);
/tmp/sqlite-3.6.23 CFLAGS=-O0 -ggdb ./configure
/tmp/sqlite-3.6.23 make
/tmp/sqlite-3.6.23 export LD_PRELOAD=.libs/libsqlite3.so
/tmp/sqlite-3.6.23 gdb .libs/sqlite3
Reading symbols from /tmp/sqlite-3.6.23/.libs/sqlite3...done.
(gdb) r -init script.sql
[Thread debugging using libthread_db enabled]
-- Loading resources from script.sql
___
eax: ebx:B7FDDA10 ecx:0008 edx:0007 eflags:00010246
esi:0804FE90 edi:080496E0 esp:BFFFD8F0 ebp:BFFFDA28 eip:B7F9D0A7
cs:0073 ds:007B es:007B fs: gs:0033 ss:007Bo d I t s Z a P c
[007B:BFFFD8F0]-[stack]
BFFFD920 : B8 35 05 08 00 00 00 00 - FC 03 00 00 D8 4C 06 08 .5...L..
BFFFD910 : 00 00 00 00 10 DA FD B7 - 48 D9 FF BF AD A3 F6 B7 H...
BFFFD900 : 00 00 00 00 B8 35 05 08 - F8 35 05 08 00 00 00 00 .5...5..
BFFFD8F0 : C8 45 06 08 07 00 00 00 - FF FF FF FF 07 00 00 00 .E..
[007B:0804FE90]-[ data]
0804FE90 : 55 89 E5 57 56 53 E8 4F - 00 00 00 81 C3 75 22 00 U..WVS.O.u.
0804FEA0 : 00 83 EC 0C E8 1B 93 FF - FF 8D BB F0 FE FF FF 8D
[0073:B7F9D0A7]-[ code]
0xb7f9d0a7 sqlite3Insert+3613:mov0xc(%eax),%esi
0xb7f9d0aa sqlite3Insert+3616:mov-0xac(%ebp),%edx
0xb7f9d0b0 sqlite3Insert+3622:mov%edx,%eax
0xb7f9d0b2 sqlite3Insert+3624:shl$0x2,%eax
0xb7f9d0b5 sqlite3Insert+3627:add%edx,%eax
0xb7f9d0b7 sqlite3Insert+3629:shl$0x2,%eax
--
0xb7f9d0a7 in sqlite3Insert (pParse=0x8064cd8, pTabList=0x8060358, pList=0x0,
pSelect=0x0, pColumn=0x0, onError=0x63) at sqlite3.c:75798
75798 sqlite3ExprCodeAndCache(pParse, pList-a[j].pExpr, regCols+i+1);
(gdb) bt
#0 0xb7f9d0a7 in sqlite3Insert (pParse=0x8064cd8, pTabList=0x8060358,
pList=0x0, pSelect=0x0, pColumn=0x0, onError=0x63) at sqlite3.c:75798
#1 0xb7fba1a2 in yy_reduce (yypParser=0x8065090, yyruleno=0xaf) at
sqlite3.c:94450
#2 0xb7fbbef8 in sqlite3Parser (yyp=0x8065090, yymajor=0x16, yyminor=...,
pParse=0x8064cd8) at sqlite3.c:95184
#3 0xb7fbcaad in sqlite3RunParser (pParse=0x8064cd8, zSql=0x8061598 INSERT
INTO current DEFAULT VALUES ('a', 'b', 30);, pzErrMsg=0xbfffdc30) at
sqlite3.c:96010
#4 0xb7fa45c8 in sqlite3Prepare (db=0x80531d0, zSql=0x8061598 INSERT INTO
current DEFAULT VALUES ('a', 'b', 30);, nBytes=0x, saveSqlFlag=0x1,
pReprepare=0x0, ppStmt=0xbfffdd1c, pzTail=0xbfffdd18) at sqlite3.c:79988
#5 0xb7fa4909 in sqlite3LockAndPrepare (db=0x80531d0, zSql=0x8061598 INSERT
INTO current DEFAULT VALUES ('a', 'b', 30);, nBytes=0x,
saveSqlFlag=0x1, pOld=0x0, ppStmt=0xbfffdd1c, pzTail=0xbfffdd18) at
sqlite3.c:80083
#6 0xb7fa4ac1 in sqlite3_prepare_v2 (db=0x80531d0, zSql=0x8061598 INSERT INTO
current DEFAULT VALUES ('a', 'b', 30);, nBytes=0x, ppStmt=0xbfffdd1c,
pzTail=0xbfffdd18) at sqlite3.c:80158
#7 0x0804b452 in shell_exec (db=0x80531d0, zSql=0x8061598 INSERT INTO current
DEFAULT VALUES ('a', 'b', 30);, xCallback=0x804a361 shell_callback,
pArg=0xbfffde78, pzErrMsg=0xbfffddd4) at shell.c:990
#8 0x0804ef31 in process_input (p=0xbfffde78, in=0x8053008) at shell.c:2236
#9 0x0804f28b in process_sqliterc (p=0xbfffde78, sqliterc_override=0xb5f4
script.sql) at shell.c:2370
#10 0x0804f6af in main (argc=0x3, argv=0xb454) at shell.c:2508
Bug#556938: spout: wrong .desktop descriptor
Package: spout Version: 1.3-2 Severity: normal /usr/share/applications/spout.desktop: file contains Categories:Application:Game:ArcadeGame, should be Categories=Application:Game:ArcadeGame. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Versions of packages spout depends on: ii libc6 2.10.1-7 GNU C Library: Shared libraries ii libsdl1.2debian 1.2.13-5 Simple DirectMedia Layer -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535172: dhcp-probe: package doesn't install
Package: dhcp-probe Version: 1.3.0-2 Severity: grave Justification: renders package unusable When configuring package: Setting up dhcp-probe (1.3.0-2) ... dpkg: error processing dhcp-probe (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: dhcp-probe E: Sub-process /usr/bin/dpkg returned an error code (1) -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Shell: /bin/sh linked to /bin/bash Versions of packages dhcp-probe depends on: ii libc6 2.9-12 GNU C Library: Shared libraries ii libnet1 1.1.4-1library for the construction and h ii libpcap0.81.0.0-2system interface for user-level pa ii ucf 3.0018 Update Configuration File: preserv dhcp-probe recommends no packages. dhcp-probe suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534700: simple radare /bin/ls doesn't work
Package: radare Version: 1.4-1 Severity: important This version has several serious bugs which make this package hardly usable. Please bump the package to latest hg, radare 1.4.2b works well. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527762: yersinia: only libpcap-dev
Package: yersinia Version: 0.7.1-1 Severity: normal This error appears by just installing libpcap-dev. Without it ./configure says: checking for a complete set of pcap headers... no !!! couldn't find a complete set of pcap headers -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#533170: lsat: checkpasswd module closes random file
Package: lsat Version: 0.9.7.1-1 Severity: normal Tags: patch Uninitialized local variable fileval is passed to close - random file descriptor is closed. strace shows: close(134556941)= -1 EBADF (Bad file descriptor) --- checkpasswd.c.orig 2009-06-15 12:12:47.0 +0200 +++ checkpasswd.c 2009-06-15 12:13:03.0 +0200 # uninitialized local variable fileval # sample run with strace shows: # close(134556941)= -1 EBADF (Bad file descriptor) @@ -38,7 +38,6 @@ char temparray[2][128]; /*temparray. */ int j=0;/* counter variable */ int field; /* field counter */ -int fileval; /* return val */ const char * tmp_file = /tmp/lsat2.lsat; /* temp file for storage */ const char * tempfile =NULL; @@ -153,7 +152,6 @@ remove(tempfile); /* close the tmpfile */ fclose(fileptr); -close(fileval); /* note dostuff below will rm tmpfile */ header = Please consider removing these system accounts.\nCheck to see if you need them for your system applications before removing.\nAlso, consult the securitylinks.txt file for more information.\n;
Bug#532582: lsat: Proposed patch
Package: lsat
Version: 0.9.7.1-1
Severity: normal
I prepared a quick fix against buffer overflows. Some fixes against 'unsecure
practices' are also included.
--- lsatmain.c.orig 2009-06-12 11:15:32.0 +0200
+++ lsatmain.c 2009-06-12 11:58:59.0 +0200
# remove unnecessary constants
@@ -73,7 +73,7 @@
char *token;
char tempstring[26];
char line[256];
-char thelist[33][12] = { {pkgs}, {rpm}, {inetd}, {inittab}, {logging}, {set}, {write}, {dotfiles}, {passwd}, {files}, {umask}, {ftpusers}, {rc}, {kbd}, {limits}, {ssh}, {open}, {issue}, {www}, {md5}, {modules}, {securetty}, {perms}, {net}, {forward}, {promisc}, {listening}, {cfg}, {bpass}, {ipv4}, {startx}, {ftp}, {disk} };
+static char *thelist[] = { pkgs, rpm, inetd, inittab, logging, set, write, dotfiles, passwd, files, umask, ftpusers, rc, kbd, limits, ssh, open, issue, www, md5, modules, securetty, perms, net, forward, promisc, listening, cfg, bpass, ipv4, startx, ftp, disk };
if ((fileptr = fopen(xlisting, r))==NULL)
{
@@ -101,7 +101,7 @@
/* see if they match. If they do, the user does */
/* not want to run that module, so we put it in */
/* another array of ints to look through later. */
- for (i=0;i33;i++)
+ for (i=0;isizeof(thelist);i++)
{
if ((strcmp(thelist[i], tempstring)) == 0)
{
# duplicated flag
@@ -155,7 +155,7 @@
/* this is silly, I should know how to do this more easily */
-if ((fileval = open(/tmp/lsat1.lsat, O_RDWR | O_CREAT | O_EXCL | O_EXCL, 0600)) 0)
+if ((fileval = open(/tmp/lsat1.lsat, O_RDWR | O_CREAT | O_EXCL, 0600)) 0)
{
perror(Could not make file w/perms 0600...\n);
perror(Possible link attack while creating/opening file!\n);
# series of quick patches against segfaults
@@ -308,11 +308,11 @@
*/
char release[50]; /* array for release level */
char kernel[50]; /* what kernel user is running */
-static char *man_distro; /* if the user specifies a distribution */
+char *man_distro; /* if the user specifies a distribution */
const char * header =NULL; /* to print out the header */
-static char *out_file = lsat.out; /* output filename var */
+char *out_file = lsat.out; /* output filename var */
char xlist[100]; /* modules to exclude */
# always initialized to zero
-int xarray[33] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+int xarray[33] = {};
int somethinginxlist = 0;
/* note if no filename given, default = lsat.out */
FILE *tempptr;/* a temp file pointer */
@@ -350,10 +350,16 @@
diff = 1;
break;
case 'm':
- strcpy(man_distro, argv[i]+3);
+ if (argv[i][2] != '\0') {
+ usage();
+ }
+ man_distro = argv[i]+3;
break;
case 'o':
- strcpy(out_file, argv[i]+3);
+ if (argv[i][2] != '\0') {
+ usage();
+ }
+ out_file = argv[i]+3;
break;
case 'r':
rpmmodule = 1;
@@ -368,7 +374,11 @@
html = 1;
out_file=lsat.html;
break;
- case 'x': strcpy(xlist,argv[i]+3);
+ case 'x':
+ if (argv[i][2] != '\0') {
+ usage();
+ }
+ strncpy(xlist,argv[i]+3,sizeof(xlist));
somethinginxlist = 1;
break;
default :
Bug#532582: lsat: My patch has a mistake
Package: lsat Version: 0.9.7.1-1 Severity: normal Please don't use the patch on lines 76 and 104, it introduces another problem! Thanks -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#532582: lsat: corrected patch
Package: lsat
Version: 0.9.7.1-1
Severity: normal
The part corrected looks like this:
@@ -101,7 +101,7 @@
/* see if they match. If they do, the user does */
/* not want to run that module, so we put it in */
/* another array of ints to look through later. */
- for (i=0;i33;i++)
+ for (i=0;isizeof(thelist)/sizeof(char*);i++)
{
if ((strcmp(thelist[i], tempstring)) == 0)
{
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#532575: lsat: Hardcoded number of accounts too low
Package: lsat
Version: 0.9.7.1-1
Severity: normal
Tags: patch
LSAT's checkftpusers module hardcodes max number of users to check in many
places. The amount (100) is too low for servers. I include a patch that
extracts the value to a #defined constant, and set to 4000.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
--- checkftpusers.c.origczw lut 5 14:31:59 2009
+++ checkftpusers.c czw lut 5 14:36:25 2009
@@ -14,6 +14,8 @@
#include fcntl.h
#include unistd.h
+#define MAX_FTP_USERS 4000
+
int checkftpusers(filename, verbose, html)
const char *const filename;
int verbose;
@@ -26,8 +28,8 @@
/* the passwd list... we ass|u|me that a username */
/* will be 120 chars. :O = line[120]*/
char line[120];/* array for a line */
-char temparray[100][120]; /*temparray. */
-char tempstring[100][120]; /* string to hold ftpusername */
+char temparray[MAX_FTP_USERS][120]; /*temparray. */
+char tempstring[MAX_FTP_USERS][120]; /* string to hold ftpusername */
int i=0; /* counter variable */
int j=0; /* counter variable */
int k=0; /* counter variable */
@@ -46,7 +48,7 @@
const char * header =NULL;
/* init temparray */
-for (i=0; i100; i++)
+for (i=0; iMAX_FTP_USERS; i++)
{
for (j=0; j120; j++)
{
@@ -179,7 +181,7 @@
} /* end if (passptr != NULL) */
/* inc the counter */
i++;
- if (i100)
+ if (iMAX_FTP_USERS)
{
perror(Error in module checkftpusers: Too much data.\n);
return(-1);
@@ -235,7 +237,7 @@
} /* end if (ftpptr != NULL) */
/* inc the linec ounter */
linecount++;
- if (linecount100)
+ if (linecountMAX_FTP_USERS)
{
perror(Error in checkftpusers: Too much data.);
return(-1);
@@ -245,7 +247,7 @@
/* ok, now compare an entry in the userlist */
/* we have against the entries in ftpusers */
-i = 100;
+i = MAX_FTP_USERS;
for (j = 0; j i; j++)
{
for (k=0; k linecount; k++)
Bug#532582: lsat: segmentation fault when setting output file
Package: lsat Version: 0.9.7.1-1 Severity: important SIGSEGV is raised when you run lsat -o OUTFILE.TXT, because unsafe string handling is used. Classic buffer overflow. static char *out_file = lsat.out; /* output filename var */ 356 strcpy(out_file, argv[i]+3); Program terminated with signal SIGSEGV, Segmentation fault. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Versions of packages lsat depends on: ii libc6 2.9-12 GNU C Library: Shared libraries -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#532615: lsat: awk invocation in checknet for sunos doesn't work
Package: lsat
Version: 0.9.7.1-1
Severity: normal
Tags: patch
On SunOS 5.10 checknet module doesn't work:
awk: can't open length($1) 0 {print $1}
I changed the shellcode:
* it sorts results numerically instead of using AWK
* it passes -n to netstat to avoid long lookups
--- checknet.c.orig czw lut 5 15:05:43 2009
+++ checknet.c czw lut 5 15:06:55 2009
@@ -149,7 +149,7 @@
/* we are on Solaris, begin getting funky */
{
tempfile = /tmp/lsat1.lsat;
-shellcode = netstat -a -f inet |grep LISTEN |awk -F\ \ 'length($1) 0 {print $1}' 2/dev/null /tmp/lsat1.lsat;
+shellcode = netstat -a -f inet -n |grep LISTEN | sort -n 2/dev/null /tmp/lsat1.lsat;
header = These ports were found to be listening on the system.\nClose all ports or services you do not need.;
if ((dostuff(tempfile, filename, shellcode, header, html)) 0)
{
Bug#519235: pdfsam: requires openjdk-6-jre, but works with sun-6-jre
Package: pdfsam Severity: important I am using the Sun JDK/JRE and don't want to install OpenJDK to use pdfsam. Pdfsam works with Sun Java. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
