[cpl] 01/01: Fix cpl_table crash found with sanitize
Ole Streicher
olebole at moszumanska.debian.org
Mon Apr 27 08:31:30 UTC 2015
This is an automated email from the git hooks/post-receive script.
olebole pushed a commit to branch debian
in repository cpl.
commit a9d335caf1d3eaa56308bbb7d738822c03c50d95
Author: Ole Streicher <debian at liska.ath.cx>
Date: Mon Apr 27 10:31:07 2015 +0200
Fix cpl_table crash found with sanitize
---
debian/patches/fix_cpltable.patch | 38 ++++++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 39 insertions(+)
diff --git a/debian/patches/fix_cpltable.patch b/debian/patches/fix_cpltable.patch
new file mode 100644
index 0000000..d84df53
--- /dev/null
+++ b/debian/patches/fix_cpltable.patch
@@ -0,0 +1,38 @@
+Author: Ole Streicher <olebole at debian.org>
+Description: Fix cpl_table crash found with sanitize
+ Don't try to process sdata[j] past the terminating '\0' character.
+ This fixes the following crash:
+ .
+ ERROR: AddressSanitizer: global-buffer-overflow on address 0x7fc23ba80ca1 at pc 0x7fc23b96173f bp 0x7fff53ff6e90 sp 0x7fff53ff6e88
+ READ of size 1 at 0x7fc23ba80ca1 thread T0
+ #0 0x7fc23b96173e in _cpl_table_save_legacy cplcore/cpl_table.c:25999
+ #1 0x7fc23b96ad9f in cpl_table_save cplcore/cpl_table.c:31602
+ #2 0x41206e in cpl_table_test_main cplcore/tests/cpl_table-test.c:812
+ #3 0x404657 in main cplcore/tests/cpl_table-test.c:216
+ #4 0x7fc23a499b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
+ #5 0x404568 (cplcore/tests/.libs/lt-cpl_table-test+0x404568)
+ .
+ 0x7fc23ba80ca1 is located 63 bytes to the left of global variable '*.LC54' from 'cpl_table.c' (0x7fc23ba80ce0) of size 7
+ '*.LC54' is ascii string '%lld%c'
+ 0x7fc23ba80ca1 is located 0 bytes to the right of global variable '*.LC53' from 'cpl_table.c' (0x7fc23ba80ca0) of size 1
+ '*.LC53' is ascii string ''
+--- a/cplcore/cpl_table.c
++++ b/cplcore/cpl_table.c
+@@ -25996,7 +25996,7 @@
+ for (m = 0, j = 0; j < depth; j++) {
+ eccolo = 0;
+ for (n = 0; n < field_size; n++, m++) {
+- if (sdata[j][n] == '\0') {
++ if (!eccolo && (sdata[j][n] == '\0')) {
+ eccolo = 1;
+ }
+ if (eccolo) {
+@@ -29281,7 +29281,7 @@
+ for (m = 0, j = 0; j < depth; j++) {
+ eccolo = 0;
+ for (n = 0; n < field_size; n++, m++) {
+- if (sdata[j][n] == '\0') {
++ if (!eccolo && (sdata[j][n] == '\0')) {
+ eccolo = 1;
+ }
+ if (eccolo) {
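Review bot: The guard `!eccolo && (sdata[j][n] == '\0')` is applied to two identical loops (the embedded hunks at -25996 and -29281), but the AddressSanitizer trace in the Description only covers the first, in _cpl_table_save_legacy at cplcore/cpl_table.c:25999. Please state in the Description which function the second loop belongs to and whether a test exercises it, so that the second change is not carried on inference alone. The change itself looks correct: once eccolo is set, the short-circuit stops any further read of sdata[j][n] for that j, which matches the reported 1-byte read directly after the size-1 empty string '*.LC53'. The patch header carries only Author and Description; a Forwarded field would record whether upstream has received the fix.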
diff --git a/debian/patches/series b/debian/patches/series
index d365b07..2be7f9e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@ no_compiletime_cpucheck.patch
fix_required_versions.patch
serial-tests
reproducible_build.patch
+fix_cpltable.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-astro/packages/cpl.git