Package: xpilot-ng-client-x11
Version: 1:4.7.3-1.4

This bug is due to me triaging the Ubuntu bug
https://bugs.launchpad.net/debian/+source/xpilot-ng/+bug/1033250

On Ubuntu, with xpilot-ng built with fortify, there is a crash
when asking for an internet game.  This is due to a 1 char too short
buffer for holding the pingtime to the server; there is a use of a
magic constant (10000) that when printed into the 5 char buffer
for the ping time overruns by 1 due to the terminating \0.

I submitted this trivial patch to Ubuntu and upstream:

## Description: pingtime_str must be large enough for the PING_UNKNOWN response
## Origin/Author: d...@treblig.org
## Bug: https://bugs.launchpad.net/ubuntu/+source/xpilot-ng/+bug/1033250
Index: bug-1033250/src/client/meta.h
===================================================================
--- bug-1033250.orig/src/client/meta.h  2012-12-03 00:31:16.401262000 +0000
+++ bug-1033250/src/client/meta.h       2012-12-03 00:47:07.749565028 +0000
@@ -41,6 +41,7 @@
 #define NUM_META_DATA_FIELDS   18
 #define META_INIT_SOCK {-2, {0, 0}, 0, {0, 0, 0}, NULL, NULL}
 
+/* Note: pingtime_str must be long enough to hold these constants and a NIL */
 #define PING_UNKNOWN   10000   /* never transmitted a ping to it */
 #define PING_NORESP    9999    /* never responded to our ping */
 #define PING_SLOW      9998    /* responded to first ping after
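Review bot: the new comment above PING_UNKNOWN documents the size dependency but nothing enforces it, so a later change to these constants or to the array can reintroduce the overrun silently. Consider a compile-time assertion that sizeof pingtime_str covers the printed width of PING_UNKNOWN plus the terminator, and write NUL rather than NIL for the terminating byte.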
@@ -72,7 +73,7 @@
        *playlist,
        *sound,
        *teambases_str,
-       *timing, *ip_str, *freebases, *queue_str, *domain, pingtime_str[5];
+       *timing, *ip_str, *freebases, *queue_str, *domain, pingtime_str[6];
     unsigned port,
        ip, users, bases, fps, uptime, teambases, queue, pingtime;
     struct timeval start;
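Review bot: pingtime_str[6] fixes the PING_UNKNOWN case, but pingtime is declared unsigned in the same struct, so 6 bytes only covers values up to 99999 and the size is still a bare literal. Either size the array for the widest value an unsigned can print, or make sure the code that formats pingtime into it uses a length-bounded call with sizeof pingtime_str; that call site is not part of this patch, so it needs checking separately.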


-- 
 -----Open up your eyes, open up your mind, open up your code -------   
/ Dr. David Alan Gilbert    |       Running GNU/Linux       | Happy  \ 
\ gro.gilbert @ treblig.org |                               | In Hex /
 \ _________________________|_____ http://www.treblig.org   |_______/
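
An added example, not code from xpilot-ng or from this report: a bounded way to format the ping time that reports truncation instead of overrunning, plus a compile-time check tying the buffer size to PING_UNKNOWN. It assumes the ping time is printed as an unsigned decimal; `struct server_demo`, `decimal_size` and `format_pingtime` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define PING_UNKNOWN 10000          /* value taken from the patch context */
#define STR_(x) #x
#define STR(x)  STR_(x)

/* Hypothetical stand-in for the struct field changed by the patch. */
struct server_demo {
    char     pingtime_str[6];
    unsigned pingtime;
};

/* Build fails if the field cannot hold "10000" plus the NUL terminator. */
_Static_assert(sizeof(((struct server_demo *)0)->pingtime_str)
                   >= sizeof(STR(PING_UNKNOWN)),
               "pingtime_str too small for PING_UNKNOWN");

/* Bytes needed to print v in decimal, including the terminating NUL. */
static size_t decimal_size(unsigned v)
{
    size_t n = 2;                   /* one digit + NUL */
    while (v >= 10) { v /= 10; n++; }
    return n;
}

/* Bounded formatter: 0 on success, -1 if buf is too small (buf then holds
 * a truncated, still NUL-terminated string instead of being overrun). */
static int format_pingtime(char *buf, size_t buflen, unsigned pingtime)
{
    int n = snprintf(buf, buflen, "%u", pingtime);
    return (n < 0 || (size_t)n >= buflen) ? -1 : 0;
}

int main(void)
{
    char old_buf[5];                /* size before the patch */
    struct server_demo s = { "", PING_UNKNOWN };

    printf("need %zu bytes for %u\n", decimal_size(s.pingtime), s.pingtime);
    printf("5-byte buffer: rc=%d text=\"%s\"\n",
           format_pingtime(old_buf, sizeof old_buf, s.pingtime), old_buf);
    printf("6-byte buffer: rc=%d text=\"%s\"\n",
           format_pingtime(s.pingtime_str, sizeof s.pingtime_str, s.pingtime),
           s.pingtime_str);
    return 0;
}
```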

