Your message dated Wed, 03 Dec 2014 21:38:21 +0100
with message-id <[email protected]>
and subject line Re: Bug#771889: unblock: gettext/0.19.3-2
has caused the Debian Bug report #771889,
regarding unblock: gettext/0.19.3-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
771889: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771889
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
User: [email protected]
Usertags: unblock
Severity: normal
I'd like to ask the unblocking of gettext 0.19.3-2.
This release fixes three memory related bugs, in every case the fix
comes directly from upstream git.
debdiff follows.
Thanks.
diff -Nru gettext-0.19.3/debian/changelog gettext-0.19.3/debian/changelog
--- gettext-0.19.3/debian/changelog 2014-10-23 15:35:20.000000000 +0200
+++ gettext-0.19.3/debian/changelog 2014-11-30 12:10:51.000000000 +0100
@@ -1,3 +1,16 @@
+gettext (0.19.3-2) unstable; urgency=low
+
+ * xgettext: Fix double-free in singular/plural argument extraction.
+ See http://lists.gnu.org/archive/html/bug-gettext/2014-10/msg00028.html
+ Patch extracted from upstream commits 8137d2b and 84044b5.
+ * msgunfmt: Fix segfault on certain (slightly corrupted) .mo files.
+ Patch extracted from upstream commit abf93d1. Closes: #769901.
+ * msgfilter: Fix read buffer allocation for empty input.
+ See http://lists.gnu.org/archive/html/bug-gettext/2014-11/msg00008.html
+ Patch extracted from upstream commit 06e206f.
+
+ -- Santiago Vila <[email protected]> Sun, 30 Nov 2014 12:10:20 +0100
+
gettext (0.19.3-1) unstable; urgency=low
* New upstream release.
diff -Nru gettext-0.19.3/debian/patches/04-xgettext-fix-double-free
gettext-0.19.3/debian/patches/04-xgettext-fix-double-free
--- gettext-0.19.3/debian/patches/04-xgettext-fix-double-free 1970-01-01
01:00:00.000000000 +0100
+++ gettext-0.19.3/debian/patches/04-xgettext-fix-double-free 2014-11-30
12:04:00.000000000 +0100
@@ -0,0 +1,94 @@
+From: Daiki Ueno <[email protected]>
+Subject: Fix double-free in singular/plural argument extraction
+X-Debian-version: 0.19.3-2
+
+--- a/gettext-tools/src/xgettext.c
++++ b/gettext-tools/src/xgettext.c
+@@ -3099,9 +3099,9 @@
+ char *msgid = parser->parse (best_cp->msgid,
+ &best_cp->msgid_pos,
+ best_cp->msgid_escape);
+- free (best_cp->msgid);
+ if (best_cp->msgid_plural == best_cp->msgid)
+ best_cp->msgid_plural = msgid;
++ free (best_cp->msgid);
+ best_cp->msgid = msgid;
+ }
+ else
+@@ -3110,26 +3110,7 @@
+ CONVERT_STRING (best_cp->msgid, lc_string);
+ }
+
+- if (best_cp->msgid_comment != NULL)
+- {
+- refcounted_string_list_ty *msgid_comment =
+- savable_comment_convert_encoding (best_cp->msgid_comment,
+- &best_cp->msgid_pos);
+- drop_reference (best_cp->msgid_comment);
+- best_cp->msgid_comment = msgid_comment;
+- }
+-
+- /* best_cp->msgctxt and best_cp->msgid are already in
+- UTF-8. Prevent further conversion in remember_a_message. */
+- encoding = xgettext_current_source_encoding;
+- xgettext_current_source_encoding = po_charset_utf8;
+- mp = remember_a_message (ap->mlp, best_cp->msgctxt,
best_cp->msgid,
+- msgid_context,
+- &best_cp->msgid_pos,
+- NULL, best_cp->msgid_comment);
+- xgettext_current_source_encoding = encoding;
+-
+- if (mp != NULL && best_cp->msgid_plural != NULL)
++ if (best_cp->msgid_plural)
+ {
+ /* best_cp->msgid_plural may point to best_cp->msgid.
+ In that case, it is already interpreted and converted. */
+@@ -3152,14 +3133,41 @@
+ }
+ }
+
+- encoding = xgettext_current_source_encoding;
+- xgettext_current_source_encoding = po_charset_utf8;
+- remember_a_message_plural (mp, best_cp->msgid_plural,
+- msgid_plural_context,
+- &best_cp->msgid_plural_pos,
+- NULL);
+- xgettext_current_source_encoding = encoding;
++ /* If best_cp->msgid_plural equals to best_cp->msgid,
++ the ownership will be transferred to
++ remember_a_message before it is passed to
++ remember_a_message_plural.
++
++ Make a copy of the string in that case. */
++ if (best_cp->msgid_plural == best_cp->msgid)
++ best_cp->msgid_plural = xstrdup (best_cp->msgid);
++ }
++
++ if (best_cp->msgid_comment != NULL)
++ {
++ refcounted_string_list_ty *msgid_comment =
++ savable_comment_convert_encoding (best_cp->msgid_comment,
++ &best_cp->msgid_pos);
++ drop_reference (best_cp->msgid_comment);
++ best_cp->msgid_comment = msgid_comment;
+ }
++
++ /* best_cp->msgctxt, best_cp->msgid, and best_cp->msgid_plural
++ are already in UTF-8. Prevent further conversion in
++ remember_a_message. */
++ encoding = xgettext_current_source_encoding;
++ xgettext_current_source_encoding = po_charset_utf8;
++ mp = remember_a_message (ap->mlp, best_cp->msgctxt,
best_cp->msgid,
++ msgid_context,
++ &best_cp->msgid_pos,
++ NULL, best_cp->msgid_comment);
++ if (mp != NULL && best_cp->msgid_plural != NULL)
++ remember_a_message_plural (mp,
++ best_cp->msgid_plural,
++ msgid_plural_context,
++ &best_cp->msgid_plural_pos,
++ NULL);
++ xgettext_current_source_encoding = encoding;
+ }
+
+ if (best_cp->xcomments.nitems > 0)
diff -Nru gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault
gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault
--- gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault 1970-01-01
01:00:00.000000000 +0100
+++ gettext-0.19.3/debian/patches/05-msgunfmt-fix-segfault 2014-11-30
12:05:00.000000000 +0100
@@ -0,0 +1,26 @@
+From: Daiki Ueno <[email protected]>
+Subject: Fix segfault on certain (slightly corrupted) .mo files
+Bug-Debian: http://bugs.debian.org/769901
+X-Debian-version: 0.19.3-2
+
+--- a/gettext-tools/src/read-mo.c
++++ b/gettext-tools/src/read-mo.c
+@@ -38,6 +38,7 @@
+ #include "message.h"
+ #include "format.h"
+ #include "gettext.h"
++#include "xsize.h"
+
+ #define _(str) gettext (str)
+
+@@ -121,8 +122,9 @@
+ /* See 'struct string_desc'. */
+ nls_uint32 s_length = get_uint32 (bfp, offset);
+ nls_uint32 s_offset = get_uint32 (bfp, offset + 4);
++ size_t s_end = xsum3 (s_offset, s_length, 1);
+
+- if (s_offset + s_length + 1 > bfp->size)
++ if (size_overflow_p (s_end) || s_end > bfp->size)
+ error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+ if (bfp->data[s_offset + s_length] != '\0')
+ error (EXIT_FAILURE, 0,
diff -Nru gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation
gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation
--- gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation
1970-01-01 01:00:00.000000000 +0100
+++ gettext-0.19.3/debian/patches/06-msgfilter-fix-read-buffer-allocation
2014-11-30 12:06:00.000000000 +0100
@@ -0,0 +1,15 @@
+From: Daiki Ueno <[email protected]>
+Subject: Fix read buffer allocation for empty input
+X-Debian-version: 0.19.3-2
+
+--- a/gettext-tools/src/msgfilter.c
++++ b/gettext-tools/src/msgfilter.c
+@@ -554,7 +554,7 @@
+
+ if (l->length == l->allocated)
+ {
+- l->allocated = l->allocated + (l->allocated >> 1);
++ l->allocated = l->allocated + (l->allocated >> 1) + 1;
+ l->result = (char *) xrealloc (l->result, l->allocated);
+ }
+ *num_bytes_p = l->allocated - l->length;
diff -Nru gettext-0.19.3/debian/patches/series
gettext-0.19.3/debian/patches/series
--- gettext-0.19.3/debian/patches/series 2014-10-16 21:18:57.000000000
+0200
+++ gettext-0.19.3/debian/patches/series 2014-11-30 12:10:00.000000000
+0100
@@ -1,4 +1,7 @@
01-do-not-use-java-in-urlget
02-msgfmt-default-little-endian
03-libtool-powerpc-le
+04-xgettext-fix-double-free
+05-msgunfmt-fix-segfault
+06-msgfilter-fix-read-buffer-allocation
99-config-guess-config-sub
--- End Message ---
--- Begin Message ---
On 2014-12-03 09:50, Santiago Vila wrote:
> Package: release.debian.org
> User: [email protected]
> Usertags: unblock
> Severity: normal
>
> I'd like to ask the unblocking of gettext 0.19.3-2.
>
> This release fixes three memory related bugs, in every case the fix
> comes directly from upstream git.
>
> debdiff follows.
>
> Thanks.
>
> [...]
Unblocked, thanks.
~Niels
--- End Message ---
