Your message dated Sun, 03 Apr 2022 18:34:46 +0000 with message-id <[email protected]> and subject line Bug#620375: fixed in mathtex 1.03-1.1 has caused the Debian Bug report #620375, regarding mathtex: may hang due to use of strcpy() on overlapping region to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 620375: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620375 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: mathtex Version: 1.03-1 Severity: important Here is a patch for mathtex 1.03: root@ct101:/home/latex/public_html/mathtex/123# diff -u mathtex.c patched.c --- mathtex.c 2010-06-11 23:34:25.000000000 +0000 +++ patched.c 2011-04-01 14:28:44.000000000 +0000 @@ -3630,7 +3630,7 @@ shift from left or right to accommodate replacement of its nfirst chars by to -------------------------------------------------------------------------- */ if ( tolen < nfirst ) /* shift left is easy */ - strcpy(from,from+nshift); /* because memory doesn't overlap */ + memmove(from,from+nshift,strlen(from+nshift)+1); if ( tolen > nfirst ) /* need more room at start of from */ { char *pfrom = from+strlen(from); /* ptr to null terminating from */ for ( ; pfrom>=from; pfrom-- ) /* shift all chars including null */ What regards this line: - strcpy(from,from+nshift); /* because memory doesn't overlap */ The memory overlaps, indeed. Strings `from` and `from+nshift` shares strlen(from) - nshift common bytes! Sometimes it may work (it worked on my Debian Lenny), but on Debian Squeeze amd64 it produces malformed string as a result. Using memmove fixes this problem. + memmove(from,from+nshift,strlen(from+nshift)+1); -- System Information: Debian Release: 6.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-openvz-amd64 (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages mathtex depends on: ii dvipng 1.13-1 convert DVI files to PNG graphics ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii texlive 2009-11 TeX Live: A decent selection of th mathtex recommends no packages. mathtex suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: mathtex Source-Version: 1.03-1.1 Done: Marcos Talau <[email protected]> We believe that the bug you reported is fixed in the latest version of mathtex, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marcos Talau <[email protected]> (supplier of updated mathtex package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 31 Mar 2022 22:07:51 -0300 Source: mathtex Architecture: source Version: 1.03-1.1 Distribution: unstable Urgency: medium Maintainer: Johan Henriksson <[email protected]> Changed-By: Marcos Talau <[email protected]> Closes: 620375 999194 Changes: mathtex (1.03-1.1) unstable; urgency=medium . * Non-maintainer upload. * Add patch to fix a hang due to use of strcpy() on overlapping region. Thanks to Steven McDonald. Closes: #620375. * debian/rules: Add build-{arch,indep} (Closes: #999194). Checksums-Sha1: cd1201a7ede03268398e71bfadeb2812b3731646 1713 mathtex_1.03-1.1.dsc 3e95480dee051e922482b9d726430ff5a720b66b 4009 mathtex_1.03-1.1.diff.gz 3bc6f573d46d9ebfd511055231d0ecb3961bcfd1 5807 mathtex_1.03-1.1_source.buildinfo Checksums-Sha256: cb8b1e74ee94caf82a6146ff6aba2b5db6bcc8072034c0c2f58de070a3e127f8 1713 mathtex_1.03-1.1.dsc 02b93371a9cc1593d7ec62c682932887d5c8349e81dcaaf1bff3bda1309e6b74 4009 mathtex_1.03-1.1.diff.gz f1dc24bfd9590365805515d50600a36c79225885a6ddf9f8be82f8c82ce9ccdb 5807 mathtex_1.03-1.1_source.buildinfo Files: 57b883f3c173bc11f811098f925b46e0 1713 graphics optional mathtex_1.03-1.1.dsc 0ea42bd49c621edf6c4524d1fa727d36 4009 graphics optional mathtex_1.03-1.1.diff.gz 509eebbebfe540a4f9ffd0dd60f8f20f 5807 graphics optional mathtex_1.03-1.1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAmJHPLwACgkQ3mO5xwTr 6e+YZhAAiyiF548+Wx4Baa7H9JUL8RQYwWv7uQvaSZTGn6GBx/Knd8sa1yMMhRxO o9eLyCFalOSGD6xq6GfbtZuuD73ijcM0Jdog+DDcn5zVqny5IeLHoekSPqUk9R2B NJ6LeSpHuUj0T4dYtF4Aw8JI7Ic56ghClSgbWdEw5jz8/NYSR3e1311iM03+f8WI Dm22rFxvyKyHyvGzv2p9hWdPD58vcPSPHNaBdn2MCT7wqfX6HHDRxHcIqtxweuAQ 4YvkUWmKI9EqgWqmIbPTEKDg+UX7vzM7rB60l71EOH0gv64qFHn7B17bWRMkEIer D2UvWQ28SMLIc3Af2xKO5B3JsbxqprFFqQoYdc9VPQX1b/Zvd8eCC+tL+Tlt5gWc Xf81PaQce5Lo1RfZE1aK5o8A1HLv9o9o+JYWWqXrwxvhhPW1F0wtvtaLQdwRBhBY +y4A6UgMhcUqwxFr4uC32mZK4fp3X3VB0SFafXD3LmPx1obte7e7k7Fj5eTC2VBM k3T6qw3I3hp0xdxTBmfURKTJtQ/R6RX/CdszD78safsy9R4uc9qU8DY3SotNAZ+Q 3jAECuQbzBjpSwN3SAZBnOIy6sP/zU09GhnrmtI05Jh10XtbO3HQM61R18KhsVpn Vrw5OK+ZGl5dM+tZQ12PnVehjQwDxZzTGRPBLglvaSdpGOcDrUQ= =X3GE -----END PGP SIGNATURE-----
--- End Message ---
