Your message dated Sun, 07 May 2017 16:30:00 +0000 with message-id <fdb3f457-907c-0544-1702-1d6b83fa3...@thykier.net> and subject line Re: Bug#861800: unblock: hydra/8.3-3 has caused the Debian Bug report #861800, regarding unblock: hydra/8.3-3 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 861800: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861800 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock Hi, Please unblock package hydra. The updated package fixes a problem observed on amd64: Restoring a session using `hydra -R` will sometimes cause all forked processes to die with a "double free or corruption" error. The newly included patch (also merged by upstream) allocates the required size to store pointers (which is not generally sizeof(int)) correctly, fixing the bug described above. The patch is quite small (only changes three lines) and fixes Debian bug #861058 which has severity important. The upload also includes a minor update to the man page. The changelog entry is: hydra (8.3-3) unstable; urgency=medium * Team upload. [ Gianfranco Costamagna ] * Fix newline in manpage (Closes: #853807) [ Lukas Schwaighofer ] * Allocate required pointer size correctly. This fixes an issue with session restore (`hydra -R`) causing the forked hydra processes to die with a "double free or corruption" error. (Closes: #861058) -- Lukas Schwaighofer <lu...@schwaighofer.name> Wed, 03 May 2017 19:06:30 +0200 The source debdiff between the versions 8.3-2 and 8.3-3 is attached. Thank you Lukas Schwaighofer unblock hydra/8.3-3diff -Nru hydra-8.3/debian/changelog hydra-8.3/debian/changelog --- hydra-8.3/debian/changelog 2016-11-27 17:17:26.000000000 +0100 +++ hydra-8.3/debian/changelog 2017-05-03 20:47:26.000000000 +0200 @@ -1,3 +1,17 @@ +hydra (8.3-3) unstable; urgency=medium + + * Team upload. + + [ Gianfranco Costamagna ] + * Fix newline in manpage (Closes: #853807) + + [ Lukas Schwaighofer ] + * Allocate required pointer size correctly. This fixes an issue with + session restore (`hydra -R`) causing the forked hydra processes to die + with a "double free or corruption" error. (Closes: #861058) + + -- Lukas Schwaighofer <lu...@schwaighofer.name> Wed, 03 May 2017 19:06:30 +0200 + hydra (8.3-2) unstable; urgency=medium * Team upload. diff -Nru hydra-8.3/debian/patches/10_fix_typos_in_manpage.diff hydra-8.3/debian/patches/10_fix_typos_in_manpage.diff --- hydra-8.3/debian/patches/10_fix_typos_in_manpage.diff 2016-11-27 17:17:26.000000000 +0100 +++ hydra-8.3/debian/patches/10_fix_typos_in_manpage.diff 2017-04-26 00:38:31.000000000 +0200 @@ -1,5 +1,6 @@ Description: Fix typos in manpage -Forwarded: no +Forwarded: https://github.com/vanhauser-thc/thc-hydra/pull/188 + https://github.com/vanhauser-thc/thc-hydra/pull/187 Author: Daniel Echeverry <epsilo...@gmail.com> Last-Update: 2016-06-16 --- a/xhydra.1 diff -Nru hydra-8.3/debian/patches/11_fix_man_typo.patch hydra-8.3/debian/patches/11_fix_man_typo.patch --- hydra-8.3/debian/patches/11_fix_man_typo.patch 1970-01-01 01:00:00.000000000 +0100 +++ hydra-8.3/debian/patches/11_fix_man_typo.patch 2017-04-26 00:38:31.000000000 +0200 @@ -0,0 +1,16 @@ +Description: Fix typo preventiing -d from being correctly displayed +Author: Gianfranco Costamagna <locutusofb...@debian.org> +Bug-Debian: https://bugs.debian.org/853807 + +Forwarded: https://github.com/vanhauser-thc/thc-hydra/pull/186 + +--- hydra-8.3.orig/hydra.1 ++++ hydra-8.3/hydra.1 +@@ -105,6 +105,7 @@ prefer IPv4 (default) or IPv6 addresses + .TP + .B \-v / \-V + verbose mode / show login+pass combination for each attempt ++.TP + .B \-d + debug mode + .TP diff -Nru hydra-8.3/debian/patches/12_allocate-pointer-size-correctly.path hydra-8.3/debian/patches/12_allocate-pointer-size-correctly.path --- hydra-8.3/debian/patches/12_allocate-pointer-size-correctly.path 1970-01-01 01:00:00.000000000 +0100 +++ hydra-8.3/debian/patches/12_allocate-pointer-size-correctly.path 2017-05-03 20:47:26.000000000 +0200 @@ -0,0 +1,46 @@ +Author: Lukas Schwaighofer <lu...@schwaighofer.name> +Date: Tue, 25 Apr 2017 23:31:39 +0200 +Description: do not assume that sizeof(int) is the same as the pointer size +Bug: https://github.com/vanhauser-thc/thc-hydra/issues/27 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861058 +Forwarded: https://github.com/vanhauser-thc/thc-hydra/pull/209 + +Allocate required pointer size correctly. This fixes an issue with session +restore (`hydra -R`) causing the forked hydra processes to die with a "double +free or corruption" error. + +--- + hydra.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/hydra.c b/hydra.c +index 0704f49..1a49d30 100644 +--- a/hydra.c ++++ b/hydra.c +@@ -929,7 +929,7 @@ void hydra_restore_read() { + } + if (debug) + printf("[DEBUG] reading restore file: Step 11 complete\n"); +- hydra_heads = malloc((hydra_options.max_use + 2) * sizeof(int) + 16); ++ hydra_heads = malloc(sizeof(hydra_head*) * hydra_options.max_use); + for (j = 0; j < hydra_options.max_use; j++) { + hydra_heads[j] = malloc(sizeof(hydra_head)); + fck = (int) fread(hydra_heads[j], sizeof(hydra_head), 1, f); +@@ -3350,7 +3350,7 @@ int main(int argc, char *argv[]) { + if (tmpptr != NULL) + *tmpptr = 0; + countservers = hydra_brains.targets = 1; +- hydra_targets = malloc(sizeof(int) * 4); ++ hydra_targets = malloc(sizeof(hydra_target*) * 4); + hydra_targets[0] = malloc(sizeof(hydra_target)); + memset(hydra_targets[0], 0, sizeof(hydra_target)); + hydra_targets[0]->target = servers_ptr = hydra_options.server; +@@ -3408,7 +3408,7 @@ int main(int argc, char *argv[]) { + } + } else { // standard: single target on command line + countservers = hydra_brains.targets = 1; +- hydra_targets = malloc(sizeof(int) * 4); ++ hydra_targets = malloc(sizeof(hydra_target*) * 4); + hydra_targets[0] = malloc(sizeof(hydra_target)); + memset(hydra_targets[0], 0, sizeof(hydra_target)); + hydra_targets[0]->target = servers_ptr = hydra_options.server; diff -Nru hydra-8.3/debian/patches/series hydra-8.3/debian/patches/series --- hydra-8.3/debian/patches/series 2016-11-27 17:17:26.000000000 +0100 +++ hydra-8.3/debian/patches/series 2017-05-03 20:47:26.000000000 +0200 @@ -8,3 +8,5 @@ 07_remove_troubled_files.diff 08_fix_spelling_mistakes.diff 10_fix_typos_in_manpage.diff +11_fix_man_typo.patch +12_allocate-pointer-size-correctly.path
pgpYRWBEBBgW5.pgp
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---Lukas Schwaighofer: > Package: release.debian.org > Severity: normal > User: release.debian....@packages.debian.org > Usertags: unblock > > Hi, > > Please unblock package hydra. The updated package fixes a problem > observed on amd64: Restoring a session using `hydra -R` will sometimes > cause all forked processes to die with a "double free or corruption" > error. > > [...] > > Thank you > Lukas Schwaighofer > > > unblock hydra/8.3-3 > Unblocked, thanks. ~Niels
--- End Message ---
