r43840 - in /packages/gmp/trunk/debian: changelog patches/series patches/upstream-dcpi1_bdiv_q.patch

smr at users.alioth.debian.org smr at users.alioth.debian.org
Tue Aug 30 01:58:20 UTC 2011 

Author: smr
Date: Tue Aug 30 01:58:20 2011
New Revision: 43840

URL: http://svn.debian.org/wsvn/debian-science/?sc=1&rev=43840
Log:
Incorporate upstream patch.

Added:
    packages/gmp/trunk/debian/patches/upstream-dcpi1_bdiv_q.patch
Modified:
    packages/gmp/trunk/debian/changelog
    packages/gmp/trunk/debian/patches/series

Modified: packages/gmp/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/debian-science/packages/gmp/trunk/debian/changelog?rev=43840&op=diff
==============================================================================
--- packages/gmp/trunk/debian/changelog (original)
+++ packages/gmp/trunk/debian/changelog Tue Aug 30 01:58:20 2011
@@ -8,8 +8,17 @@
   * patches/s390x.patch: New. 
   * rules: Patches to enable building on s390x (thanks, Andreas Krebbel).
     Closes: #635461.
-
- -- Steve M. Robbins <smr at debian.org>  Mon, 29 Aug 2011 20:51:09 -0500
+  
+  * patches/upstream-dcpi1_bdiv_q.patch.  New.  Upstream fix: There is a
+    GMP bug in mpn/generic/dcpi1_bdiv_q.c that causes incorrect
+    computation with extremely low probability, for unnormalised
+    dividends. The bug might also result in a decrement of memory above
+    dividends, with some potential security impact. The bug might affect
+    several user-level routines, e.g., mpz_invert, but only for operands
+    of at least 3000 bits (for smaller operands, a simpler algorithm is
+    used).
+
+ -- Steve M. Robbins <smr at debian.org>  Mon, 29 Aug 2011 20:58:05 -0500
 
 gmp (2:5.0.1+dfsg-7) unstable; urgency=low
 

Modified: packages/gmp/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/debian-science/packages/gmp/trunk/debian/patches/series?rev=43840&op=diff
==============================================================================
--- packages/gmp/trunk/debian/patches/series (original)
+++ packages/gmp/trunk/debian/patches/series Tue Aug 30 01:58:20 2011
@@ -1,1 +1,2 @@
 s390x.patch
+upstream-dcpi1_bdiv_q.patch

Added: packages/gmp/trunk/debian/patches/upstream-dcpi1_bdiv_q.patch
URL: http://svn.debian.org/wsvn/debian-science/packages/gmp/trunk/debian/patches/upstream-dcpi1_bdiv_q.patch?rev=43840&op=file
==============================================================================
--- packages/gmp/trunk/debian/patches/upstream-dcpi1_bdiv_q.patch (added)
+++ packages/gmp/trunk/debian/patches/upstream-dcpi1_bdiv_q.patch Tue Aug 30 01:58:20 2011
@@ -1,0 +1,47 @@
+Description: Upstream bug fix
+ There is a GMP bug in mpn/generic/dcpi1_bdiv_q.c that causes
+ incorrect computation with extremely low probability, for
+ unnormalised dividends. The bug might also result in a decrement of
+ memory above dividends, with some potential security impact. The bug
+ might affect several user-level routines, e.g., mpz_invert, but only
+ for operands of at least 3000 bits (for smaller operands, a simpler
+ algorithm is used).
+Origin: http://gmplib.org:8000/gmp-5.0/raw-rev/538dfce27f41
+
+# HG changeset patch
+# User Torbjorn Granlund <tege at gmplib.org>
+# Date 1310730221 -7200
+# Node ID 538dfce27f410b910d5e2f011119269e224d16a3
+# Parent  03ed209dd7efd4f4fff0ce297bb3a8f7e7ba2366
+(mpn_dcpi1_bdiv_q): Get mpn_sub_1 size argument right.
+
+diff -r 03ed209dd7ef -r 538dfce27f41 mpn/generic/dcpi1_bdiv_q.c
+--- a/mpn/generic/dcpi1_bdiv_q.c	Thu Jun 16 12:22:24 2011 +0200
++++ b/mpn/generic/dcpi1_bdiv_q.c	Fri Jul 15 13:43:41 2011 +0200
+@@ -7,7 +7,7 @@
+    SAFE TO REACH THEM THROUGH DOCUMENTED INTERFACES.  IN FACT, IT IS ALMOST
+    GUARANTEED THAT THEY WILL CHANGE OR DISAPPEAR IN A FUTURE GMP RELEASE.
+ 
+-Copyright 2006, 2007, 2009, 2010 Free Software Foundation, Inc.
++Copyright 2006, 2007, 2009, 2010, 2011 Free Software Foundation, Inc.
+ 
+ This file is part of the GNU MP Library.
+ 
+@@ -28,7 +28,6 @@
+ #include "gmp-impl.h"
+ 
+ 
+-
+ mp_size_t
+ mpn_dcpi1_bdiv_q_n_itch (mp_size_t n)
+ {
+@@ -130,7 +129,7 @@
+       qn = nn - qn;
+       while (qn > dn)
+ 	{
+-	  mpn_sub_1 (np + dn, np + dn, qn, cy);
++	  mpn_sub_1 (np + dn, np + dn, qn - dn, cy);
+ 	  cy = mpn_dcpi1_bdiv_qr_n (qp, np, dp, dn, dinv, tp);
+ 	  qp += dn;
+ 	  np += dn;
+

More information about the debian-science-commits mailing list