Debian Bug report logs - #117177
dialog: segfault if run from su'd shell in xterm

version graph

Package: dialog; Maintainer for dialog is Santiago Vila <sanvila@debian.org>; Source for dialog is src:dialog.

Reported by: Richard Braakman <dark@ssh.com>

Date: Fri, 26 Oct 2001 12:48:01 UTC

Severity: normal

Tags: patch

Found in version 0.9a-20010811-1

Fixed in version dialog/0.9a-20011014-2

Done: Santiago Vila <sanvila@debian.org>

Bug is archived. No further changes may be made.

Forwarded to Thomas Dickey <dickey@invisible-island.net>

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@debian.org>:
Bug#117177; Package dialog. Full text and rfc822 format available.

Acknowledgement sent to Richard Braakman <dark@ssh.com>:
New Bug report received and forwarded. Copy sent to Santiago Vila <sanvila@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Richard Braakman <dark@ssh.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: dialog: segfault if run from su'd shell in xterm
Date: Fri, 26 Oct 2001 15:35:01 +0300
Package: dialog
Version: 0.9a-20010811-1
Severity: normal
Tags: patch

The following sequence makes dialog crash on my system, if it's run in
an xterm:

dark% su -
Password:
root% su nobody
nobody% dialog --infobox Foo 0 0
Segmentation fault

I traced it down to a problem in util.c.  Dialog tries to open the
current terminal device, and after the sequence of su commands shown
above, it doesn't have permission to do that.  The result is that
the variable my_output does not get initialized.  This causes the
function my_putc to crash, and it happens that this function is called
if (and only if) TERM=xterm.

The fix is simple:

diff -u -r1.1.1.1 -r1.1.1.1.2.1
--- util.c      2001/10/05 11:51:12     1.1.1.1
+++ util.c      2001/10/26 12:22:37     1.1.1.1.2.1
@@ -268,6 +268,7 @@
             exiterr("cannot initialize curses");
         }
     } else {
+        my_output = stdout;
         (void) initscr();
     }
 #ifdef NCURSES_VERSION


Richard Braakman


-- System Information
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux makaroni 2.4.7 #1 Wed Aug 22 14:48:01 EEST 2001 i686
Locale: LANG=C, LC_CTYPE=fi_FI

Versions of packages dialog depends on:
ii  debianutils               1.15           Miscellaneous utilities specific t
ii  libc6                     2.2.4-3        GNU C Library: Shared libraries an
ii  libncurses5               5.2.20010318-3 Shared libraries for terminal hand




Reply sent to Santiago Vila <sanvila@unex.es>:
You have marked Bug as forwarded. Full text and rfc822 format available.

Message #8 received at 117177-forwarded@bugs.debian.org (full text, mbox):

From: Santiago Vila <sanvila@unex.es>
To: Thomas Dickey <dickey@invisible-island.net>
Cc: <117177-forwarded@bugs.debian.org>, Richard Braakman <dark@ssh.com>
Subject: Bug#117177: dialog: segfault if run from su'd shell in xterm (fwd)
Date: Fri, 26 Oct 2001 15:07:19 +0200 (CEST)
Hello.

I received this report (with patch) from the Debian Bug System.
I've checked and 0.9a-20011014 still has the bug.

---------- Forwarded message ----------
Date: Fri, 26 Oct 2001 15:35:01 +0300
From: Richard Braakman <dark@ssh.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#117177: dialog: segfault if run from su'd shell in xterm

Package: dialog
Version: 0.9a-20010811-1
Severity: normal
Tags: patch

The following sequence makes dialog crash on my system, if it's run in
an xterm:

dark% su -
Password:
root% su nobody
nobody% dialog --infobox Foo 0 0
Segmentation fault

I traced it down to a problem in util.c.  Dialog tries to open the
current terminal device, and after the sequence of su commands shown
above, it doesn't have permission to do that.  The result is that
the variable my_output does not get initialized.  This causes the
function my_putc to crash, and it happens that this function is called
if (and only if) TERM=xterm.

The fix is simple:

diff -u -r1.1.1.1 -r1.1.1.1.2.1
--- util.c      2001/10/05 11:51:12     1.1.1.1
+++ util.c      2001/10/26 12:22:37     1.1.1.1.2.1
@@ -268,6 +268,7 @@
             exiterr("cannot initialize curses");
         }
     } else {
+        my_output = stdout;
         (void) initscr();
     }
 #ifdef NCURSES_VERSION


Richard Braakman


-- System Information
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux makaroni 2.4.7 #1 Wed Aug 22 14:48:01 EEST 2001 i686
Locale: LANG=C, LC_CTYPE=fi_FI

Versions of packages dialog depends on:
ii  debianutils               1.15           Miscellaneous utilities specific t
ii  libc6                     2.2.4-3        GNU C Library: Shared libraries an
ii  libncurses5               5.2.20010318-3 Shared libraries for terminal hand




Message #9 received at 117177-forwarded@bugs.debian.org (full text, mbox):

From: "Thomas E. Dickey" <dickey@herndon4.his.com>
To: Santiago Vila <sanvila@unex.es>
Cc: Thomas Dickey <dickey@invisible-island.net>, <117177-forwarded@bugs.debian.org>, Richard Braakman <dark@ssh.com>
Subject: Re: Bug#117177: dialog: segfault if run from su'd shell in xterm (fwd)
Date: Fri, 26 Oct 2001 10:22:43 -0400 (EDT)
On Fri, 26 Oct 2001, Santiago Vila wrote:

> Hello.
>
> I received this report (with patch) from the Debian Bug System.
> I've checked and 0.9a-20011014 still has the bug.

thanks (though offhand I thought an "su -" would allow that, this one was
something I did overlook).

-- 
T.E.Dickey <dickey@herndon4.his.com>
http://invisible-island.net
ftp://invisible-island.net




Reply sent to Santiago Vila <sanvila@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Richard Braakman <dark@ssh.com>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #14 received at 117177-close@bugs.debian.org (full text, mbox):

From: Santiago Vila <sanvila@debian.org>
To: 117177-close@bugs.debian.org
Subject: Bug#117177: fixed in dialog 0.9a-20011014-2
Date: Sat, 27 Oct 2001 14:55:30 -0400
We believe that the bug you reported is fixed in the latest version of
dialog, which has been installed in the Debian FTP archive:

dialog_0.9a-20011014-2_i386.deb
  to pool/main/d/dialog/dialog_0.9a-20011014-2_i386.deb
dialog_0.9a-20011014-2.diff.gz
  to pool/main/d/dialog/dialog_0.9a-20011014-2.diff.gz
dialog_0.9a-20011014-2.dsc
  to pool/main/d/dialog/dialog_0.9a-20011014-2.dsc



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 117177@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Vila <sanvila@debian.org> (supplier of updated dialog package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.6
Date: Sat, 27 Oct 2001 18:58:56 +0200
Source: dialog
Binary: dialog
Architecture: source i386
Version: 0.9a-20011014-2
Distribution: unstable
Urgency: medium
Maintainer: Santiago Vila <sanvila@debian.org>
Description: 
 dialog     - Displays user-friendly dialog boxes from shell scripts
Closes: 117177
Changes: 
 dialog (0.9a-20011014-2) unstable; urgency=medium
 .
   * Fixed uninitialized use of my_output in util.c (Closes: #117177).
     Thanks a lot to Richard Braakman for the report and the patch.
Files: 
 06e2167b8395d5bd1c059e282ccf129d 628 misc optional dialog_0.9a-20011014-2.dsc
 d994a8127c4da46e0f1bbb87150c88fb 5450 misc optional dialog_0.9a-20011014-2.diff.gz
 c82655d5e6018acc0f839c3bc4905a56 97910 misc optional dialog_0.9a-20011014-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE72ukvd9Uuvj7yPNYRAr+fAJ9hSJOW6ev6pfPJmeb7JPTubGmKZQCgkDcQ
vqnR+es1DKWx2Mmnh387gt4=
=UDNl
-----END PGP SIGNATURE-----




Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 20:04:29 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.