[SCM] Minimal buy-in FITS library and utility package branch, debian, updated. c297842e63228f7abfee2c98dca1d0ae0e096318
Ole Streicher
debian at liska.ath.cx
Mon Jul 22 21:00:48 UTC 2013
The following commit has been merged in the debian branch:
commit abfc741360fdb8f49cc7e11c7461e61303348383
Author: Ole Streicher <debian at liska.ath.cx>
Date: Mon Jul 22 22:07:40 2013 +0200
Check command line input for funjoin and funimage. Closes: #715928, #715929
diff --git a/debian/changelog b/debian/changelog
index 11b1bba..972e2dd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+funtools (1.4.4-4) unstable; urgency=low
+
+ * Check command line input for funjoin and funimage. Closes: #715928, #715929
+
+ -- Ole Streicher <debian at liska.ath.cx> Mon, 22 Jul 2013 22:03:24 +0200
+
funtools (1.4.4-3) unstable; urgency=low
* Update ds9 patches from version 7.0
diff --git a/debian/patches/fix_crashes.patch b/debian/patches/fix_crashes.patch
new file mode 100644
index 0000000..75d6908
--- /dev/null
+++ b/debian/patches/fix_crashes.patch
@@ -0,0 +1,99 @@
+Author: Ole Streicher <debian at liska.ath.cx>
+Description: Check cmd line arguments for illegal input that caused crashes
+ found with the "Mayhem" tool.
+Bug: http://bugs.debian.org/715928
+Bug: http://bugs.debian.org/715929
+--- a/funjoin.c
++++ b/funjoin.c
+@@ -737,7 +737,7 @@ main(argc, argv)
+ case 'a':
+ if( argv[i][2] ){
+ j = atoi(&argv[i][2])-1;
+- if( (j >= 0) && (j < MAXIFILE) ){
++ if( (j >= 0) && (j < MAXIFILE) && (i < argc-1)){
+ files[j].actstr = argv[++i];
+ }
+ else{
+@@ -751,7 +751,7 @@ main(argc, argv)
+ case 'b':
+ if( argv[i][2] ){
+ j = atoi(&argv[i][2])-1;
+- if( (j >= 0) && (j < MAXIFILE) ){
++ if( (j >= 0) && (j < MAXIFILE) && (i < argc-1)){
+ files[j].bstr = argv[++i];
+ }
+ else{
+@@ -765,7 +765,7 @@ main(argc, argv)
+ case 'j':
+ if( argv[i][2] ){
+ j = atoi(&argv[i][2])-1;
+- if( (j >= 0) && (j < MAXIFILE) ){
++ if( (j >= 0) && (j < MAXIFILE) && (i < argc-1)){
+ files[j].jname = argv[++i];
+ }
+ else{
+@@ -773,25 +773,35 @@ main(argc, argv)
+ }
+ }
+ else{
+- defcol = argv[++i];
++ if (i < argc-1) {
++ defcol = argv[++i];
++ }
+ }
+ break;
+ case 'm':
+- minmatch = atoi(argv[++i])+1;
++ if (i < argc-1) {
++ minmatch = atoi(argv[++i])+1;
++ }
+ if( minmatch < 1 ) minmatch = 1;
+ break;
+ case 'M':
+- maxmatch = atoi(argv[++i])+1;
++ if (i < argc-1) {
++ maxmatch = atoi(argv[++i])+1;
++ }
+ if( maxmatch < 1 ) maxmatch = 1;
+ break;
+ case 's':
+ jfiles = JFILES_COL;
+ break;
+ case 'S':
+- jfiles = argv[++i];
++ if (i < argc-1) {
++ jfiles = argv[++i];
++ }
+ break;
+ case 't':
+- tol = atof(argv[++i]);
++ if (i < argc-1) {
++ tol = atof(argv[++i]);
++ }
+ if( tol <= 0 ){
+ gerror(stderr, "tolerance value must be positive\n");
+ }
+--- a/funimage.c
++++ b/funimage.c
+@@ -338,12 +338,16 @@ main(argc, argv)
+ t = strchr(s, ',');
+ strncat(newname, s, t-s);
+ strncat(newname, ",y:", SZ_LINE-strlen(newname));
+- s = ++t;
+- t = strchr(s, ',');
+- strncat(newname, s, t-s);
++ if (t != NULL) {
++ s = ++t;
++ t = strchr(s, ',');
++ strncat(newname, s, t-s);
++ }
+ strncat(newname, "),", SZ_LINE-strlen(newname));
+- s = ++t;
+- strncat(newname, s, SZ_LINE-strlen(newname));
++ if (t != NULL) {
++ s = ++t;
++ strncat(newname, s, SZ_LINE-strlen(newname));
++ }
+ iname = newname;
+ }
+
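Review bot: The NULL checks added to funimage.c still leave two `strchr` results unchecked: the first `t = strchr(s, ',')` feeds `strncat(newname, s, t-s)` before any test, and the second `strchr` inside the new `if (t != NULL)` block is used the same way, so input with fewer commas than expected still produces a length computed from a null pointer. Each copy should be guarded before it runs, for example `if (t == NULL) { /* reject malformed input */ }` ahead of `strncat(newname, s, t-s);`, rather than only around `s = ++t`. Separately, if `newname` is SZ_LINE bytes (its declaration is outside the hunk), `strncat(newname, ",y:", SZ_LINE-strlen(newname))` can write one byte past the end, because strncat appends a NUL after the n bytes; `SZ_LINE-strlen(newname)-1` would be the safe bound. In funjoin.c the new `i < argc-1` guards mean a trailing `-m`, `-M` or `-S` with no value is skipped without any message, and reporting the missing value would be clearer than silently keeping the default.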
diff --git a/debian/patches/series b/debian/patches/series
index 18fb65f..b496ff8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@ use_shared_libwcstools.patch
build_tclfun.patch
build_bsd+hurd.patch
ds9_fixes.diff
+fix_crashes.patch
--
Minimal buy-in FITS library and utility package