Package: release.debian.org User: release.debian....@packages.debian.org Usertags: pu Tags: wheezy Severity: normal
Dear RT, Here are a couple of jessie patches, cherry-picked from upstream, that I believe are worth having in wheezy: * memo_zero_len_multipage fixes a buffer overflow while handling some memo fields. * bin_output_fix fixes blob output, because of a source destination inversion in a memcpy. Attached is a debdiff of 0.7-1+deb7u2 against 0.7-1+deb7u1. Can I upload it to stable ? -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)
diff -Nru mdbtools-0.7/debian/changelog mdbtools-0.7/debian/changelog
--- mdbtools-0.7/debian/changelog 2015-03-14 16:27:10.000000000 +0100
+++ mdbtools-0.7/debian/changelog 2015-03-14 16:33:12.000000000 +0100
@@ -1,3 +1,11 @@
+mdbtools (0.7-1+deb7u2) wheezy; urgency=medium
+
+ * memo_zero_len_multipage: Fix overflow in some memo fields. Thanks to
+ lovelytwo@github.
+ * bin_output_fix: Fix output of binary data. Thanks to tyzhaoqi.
+
+ -- Jean-Michel Nirgal Vourgère <jmv_...@nirgal.com> Sat, 14 Mar 2015 16:33:09 +0100
+
mdbtools (0.7-1+deb7u1) wheezy; urgency=low
* Version libiodbc Breaks now that it can load multiarch drivers, drop
diff -Nru mdbtools-0.7/debian/patches/bin_output_fix mdbtools-0.7/debian/patches/bin_output_fix
--- mdbtools-0.7/debian/patches/bin_output_fix 1970-01-01 01:00:00.000000000 +0100
+++ mdbtools-0.7/debian/patches/bin_output_fix 2015-03-14 16:33:04.000000000 +0100
@@ -0,0 +1,19 @@
+Description: Fix binary outout
+Author: tyzhaoqi <tyzha...@gmail.com>
+Last-Update: 2014-07-24
+Reviewed-by: Jean-Michel Vourgère <jmv_...@nirgal.com>
+Applied-Upstream: commit:9ab40e83e6789015c965c92bdb62f92f8cdd0dbd
+
+Index: mdbtools/src/libmdb/data.c
+===================================================================
+--- mdbtools.orig/src/libmdb/data.c
++++ mdbtools/src/libmdb/data.c
+@@ -931,7 +931,7 @@ char *mdb_col_to_string(MdbHandle *mdb,
+ text = g_strdup("");
+ } else {
+ text = g_malloc(size);
+- memcpy((char*)buf+start, text, size);
++ memcpy(text, (char*)buf+start, size);
+ }
+ break;
+ case MDB_TEXT:
diff -Nru mdbtools-0.7/debian/patches/memo_zero_len_multipage mdbtools-0.7/debian/patches/memo_zero_len_multipage
--- mdbtools-0.7/debian/patches/memo_zero_len_multipage 1970-01-01 01:00:00.000000000 +0100
+++ mdbtools-0.7/debian/patches/memo_zero_len_multipage 2015-03-14 16:33:04.000000000 +0100
@@ -0,0 +1,29 @@
+Description: Segfault fix on memo zero length multiple page
+ .
+ While converting memo field to string, stop processing on zero length
+ multiple page.
+Author: lovelytwo <>
+Reviewed-by: Jean-Michel Vourgère <jmv_...@nirgal.com>
+Last-Update: 2014-05-02
+Applied-Upstream: commit:a89baeacf5976daf196e6f902fa84ca176d399db
+
+Index: mdbtools/src/libmdb/data.c
+===================================================================
+--- mdbtools.orig/src/libmdb/data.c
++++ mdbtools/src/libmdb/data.c
+@@ -732,9 +732,13 @@ static char *mdb_memo_to_string(MdbHandl
+ printf("row num %d start %d len %d\n",
+ pg_row & 0xff, row_start, len);
+ #endif
+- if (tmpoff + len - 4 > memo_len) {
++ if (tmpoff + len - 4 > memo_len)
+ break;
+- }
++
++ /* Stop processing on zero length multiple page memo fields */
++ if (!len)
++ break;
++
+ memcpy(tmp + tmpoff, buf + row_start + 4, len - 4);
+ tmpoff += len - 4;
+ } while (( pg_row = mdb_get_int32(buf, row_start) ));
diff -Nru mdbtools-0.7/debian/patches/series mdbtools-0.7/debian/patches/series
--- mdbtools-0.7/debian/patches/series 2015-03-14 16:27:10.000000000 +0100
+++ mdbtools-0.7/debian/patches/series 2015-03-14 16:33:04.000000000 +0100
@@ -3,3 +3,5 @@
export_repid_uuid_as_string_use_char_38_in_mysql
gmdb2_double_free
binaries_to_string
+memo_zero_len_multipage
+bin_output_fix
signature.asc
Description: OpenPGP digital signature
