[eso-midas] 08/16: Fix stack error if no "]" was there

Wed Mar 25 14:16:07 UTC 2015

This is an automated email from the git hooks/post-receive script.

olebole pushed a commit to branch debian
in repository eso-midas.

commit 343d0a0d10e9cb004ad22c489fb619dc69d23135
Author: Ole Streicher <debian at liska.ath.cx>
Date:   Wed Mar 25 13:41:58 2015 +0100

    Fix stack error if no "]" was there
---
 debian/patches/fix_cextrco_c.patch | 42 ++++++++++++++++++++++++++++++++++++++
 debian/patches/series              |  1 +
 2 files changed, 43 insertions(+)

diff --git a/debian/patches/fix_cextrco_c.patch b/debian/patches/fix_cextrco_c.patch
new file mode 100644
index 0000000..f853787
--- /dev/null
+++ b/debian/patches/fix_cextrco_c.patch
@@ -0,0 +1,42 @@
+Author: Ole Streicher <olebole at debian.org>
+Description: Fix stack error if no "]" was there
+ CGN_INDEXC() returns -1 if the search string was not found which needs
+ to be tested.
+ .
+ This fixes the following -fsanitizer=address error:
+ .
+  ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff67b0d89f at pc 0x46b47c bp 0x7fff6
+  WRITE of size 1 at 0x7fff67b0d89f thread T0
+    #0 0x46b47b in Convcoo prim/general/libsrc/cextrco.c:593
+    #1 0x41ed32 in PIXEL_ACCESS monit/prepc3.c:583
+    #2 0x45ff47 in IMMEDIATE monit/prepc4.c:816
+    #3 0x45136e in prepx monit/prepx.c:605
+    #4 0x404e39 in main monit/prepa.c:168
+    #5 0x7f9147501b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
+    #6 0x406874 (monit/prepa.exe+0x406874)
+ .
+  Address 0x7fff67b0d89f is located in stack of thread T0 at offset 351 in frame
+    #0 0x46b14f in Convcoo prim/general/libsrc/cextrco.c:547
+ .
+  This frame has 6 object(s):
+    [32, 36) 'iav'
+    [96, 100) 'uni'
+    [160, 164) 'nulo'
+    [224, 256) 'dd1'
+    [288, 320) 'dd2'
+    [352, 432) 'subst' <== Memory access at offset 351 underflows this variable
+
+--- a/prim/general/libsrc/cextrco.c
++++ b/prim/general/libsrc/cextrco.c
+@@ -590,7 +590,10 @@
+    if (bracket > 0) 
+       {
+       k = CGN_INDEXC(subst,']');
+-      subst[k] = '\0';
++      if (k >= 0)
++          {
++	  subst[k] = '\0';
++          }
+       }
+    else
+       {
diff --git a/debian/patches/series b/debian/patches/series
index 374776b..c781176 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -21,3 +21,4 @@ fix_esoext_c.patch
 fix_filepath_c.patch
 fix_mutil_h.patch
 fix_scc_c.patch
+fix_cextrco_c.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-astro/packages/eso-midas.git

