Debian Bug report logs - #511559
aptitude: minesweeper crashes when compiled with -D_FORTIFY_SOURCE

version graph

Package: aptitude; Maintainer for aptitude is Aptitude Development Team <aptitude-devel@lists.alioth.debian.org>; Source for aptitude is src:aptitude.

Reported by: Vernon Tang <vt@foilhead.net>

Date: Mon, 12 Jan 2009 08:21:01 UTC

Severity: normal

Tags: patch

Found in version 0.4.11.10-1lenny1.1ubuntu1

Fixed in version aptitude/0.5.1-1

Done: Daniel Burrows <dburrows@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, vt@foilhead.net, Daniel Burrows <dburrows@debian.org>:
Bug#511559; Package aptitude. (Mon, 12 Jan 2009 08:21:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Vernon Tang <vt@foilhead.net>:
New Bug report received and forwarded. Copy sent to vt@foilhead.net, Daniel Burrows <dburrows@debian.org>. (Mon, 12 Jan 2009 08:21:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Vernon Tang <vt@foilhead.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: aptitude: minesweeper crashes when compiled with -D_FORTIFY_SOURCE
Date: Mon, 12 Jan 2009 16:17:07 +0800
[Message part 1 (text/plain, inline)]
Package: aptitude
Version: 0.4.11.10-1lenny1.1ubuntu1
Severity: normal
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu jaunty ubuntu-patch

Due to an incorrect size argument to swprintf in src/mine/cmine.cc, 
aptitude crashes when starting minesweeper with a fortify abort if 
compiled with -D_FORTIFY_SOURCE, as it is on Ubuntu.

I've attached a patch that corrects the problem by passing the correct 
buffer size to swprintf.

-- Package-specific info:
aptitude 0.4.11.10 compiled at Nov 17 2008 10:48:38
Compiler: g++ 4.3.3 20081112 (prerelease)
Compiled against:
  apt version 4.6.0
  NCurses version 5.7
  libsigc++ version: 2.0.18
  Ept support enabled.

Current library versions:
  NCurses version: ncurses 5.7.20081220
  cwidget version: 0.5.12
  Apt version: 4.6.0
	linux-vdso.so.1 =>  (0x00007fffd25fe000)
	libapt-pkg-libc6.8-6.so.4.6 => /usr/lib/libapt-pkg-libc6.8-6.so.4.6 (0x00007fc9c9fda000)
	libncursesw.so.5 => /lib/libncursesw.so.5 (0x00007fc9c9d91000)
	libsigc-2.0.so.0 => /usr/lib/libsigc-2.0.so.0 (0x00007fc9c9b8b000)
	libcwidget.so.3 => /usr/lib/libcwidget.so.3 (0x00007fc9c98bc000)
	libept.so.0 => /usr/lib/libept.so.0 (0x00007fc9c9646000)
	libxapian.so.15 => /usr/lib/libxapian.so.15 (0x00007fc9c92e3000)
	libz.so.1 => /usr/lib/libz.so.1 (0x00007fc9c90cb000)
	libpthread.so.0 => /lib/libpthread.so.0 (0x00007fc9c8eaf000)
	libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00007fc9c8ba2000)
	libm.so.6 => /lib/libm.so.6 (0x00007fc9c891d000)
	libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00007fc9c8705000)
	libc.so.6 => /lib/libc.so.6 (0x00007fc9c8393000)
	libutil.so.1 => /lib/libutil.so.1 (0x00007fc9c8190000)
	libdl.so.2 => /lib/libdl.so.2 (0x00007fc9c7f8c000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fc9ca299000)
Terminal: xterm-color
$DISPLAY not set.
`which aptitude`: /usr/bin/aptitude
aptitude version information:

aptitude linkage:

-- System Information:
Debian Release: 5.0
  APT prefers jaunty-updates
  APT policy: (500, 'jaunty-updates'), (500, 'jaunty-security'), (500, 'jaunty-backports'), (500, 'jaunty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.28-4-server (SMP w/2 CPU cores)
Locale: LANG=en_HK.UTF-8, LC_CTYPE=en_HK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages aptitude depends on:
ii  apt [libapt-pkg 0.7.19ubuntu1            Advanced front-end for dpkg
ii  libc6           2.9-0ubuntu7             GNU C Library: Shared libraries
ii  libcwidget3     0.5.12-3ubuntu1          high-level terminal interface libr
ii  libept0         0.5.26                   High-level library for managing De
ii  libgcc1         1:4.3.2-2ubuntu10        GCC support library
ii  libncursesw5    5.7+20081220-1ubuntu1    shared libraries for terminal hand
ii  libsigc++-2.0-0 2.0.18-2                 type-safe Signal Framework for C++
ii  libstdc++6      4.3.2-2ubuntu10          The GNU Standard C++ Library v3
ii  libxapian15     1.0.7-4                  Search engine library
ii  zlib1g          1:1.2.3.3.dfsg-12ubuntu1 compression library - runtime

Versions of packages aptitude recommends:
ii  libparse-debianchangelog-perl 1.1.1-2    parse Debian changelogs and output

Versions of packages aptitude suggests:
ii  aptitude-doc- 0.4.11.10-1lenny1.1ubuntu1 English manual for aptitude, a ter
pn  debtags       <none>                     (no description available)
ii  tasksel       2.73ubuntu13               Tool for selecting tasks for insta

-- no debconf information
[mine_fortify_crash (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]

Tags added: pending Request was from Anibal Monsalve Salazar <anibal@debian.org> to control@bugs.debian.org. (Mon, 19 Jan 2009 19:06:08 GMT) Full text and rfc822 format available.

Reply sent to Daniel Burrows <dburrows@debian.org>:
You have taken responsibility. (Sat, 24 Jan 2009 16:12:13 GMT) Full text and rfc822 format available.

Notification sent to Vernon Tang <vt@foilhead.net>:
Bug acknowledged by developer. (Sat, 24 Jan 2009 16:12:14 GMT) Full text and rfc822 format available.

Message #12 received at 511559-close@bugs.debian.org (full text, mbox):

From: Daniel Burrows <dburrows@debian.org>
To: 511559-close@bugs.debian.org
Subject: Bug#511559: fixed in aptitude 0.5.1-1
Date: Sat, 24 Jan 2009 15:48:33 +0000
Source: aptitude
Source-Version: 0.5.1-1

We believe that the bug you reported is fixed in the latest version of
aptitude, which is due to be installed in the Debian FTP archive:

aptitude-dbg_0.5.1-1_i386.deb
  to pool/main/a/aptitude/aptitude-dbg_0.5.1-1_i386.deb
aptitude-doc-cs_0.5.1-1_all.deb
  to pool/main/a/aptitude/aptitude-doc-cs_0.5.1-1_all.deb
aptitude-doc-en_0.5.1-1_all.deb
  to pool/main/a/aptitude/aptitude-doc-en_0.5.1-1_all.deb
aptitude-doc-fi_0.5.1-1_all.deb
  to pool/main/a/aptitude/aptitude-doc-fi_0.5.1-1_all.deb
aptitude-doc-fr_0.5.1-1_all.deb
  to pool/main/a/aptitude/aptitude-doc-fr_0.5.1-1_all.deb
aptitude-doc-ja_0.5.1-1_all.deb
  to pool/main/a/aptitude/aptitude-doc-ja_0.5.1-1_all.deb
aptitude-gtk_0.5.1-1_i386.deb
  to pool/main/a/aptitude/aptitude-gtk_0.5.1-1_i386.deb
aptitude_0.5.1-1.diff.gz
  to pool/main/a/aptitude/aptitude_0.5.1-1.diff.gz
aptitude_0.5.1-1.dsc
  to pool/main/a/aptitude/aptitude_0.5.1-1.dsc
aptitude_0.5.1-1_i386.deb
  to pool/main/a/aptitude/aptitude_0.5.1-1_i386.deb
aptitude_0.5.1.orig.tar.gz
  to pool/main/a/aptitude/aptitude_0.5.1.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 511559@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Burrows <dburrows@debian.org> (supplier of updated aptitude package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 18 Jan 2009 17:22:10 -0800
Source: aptitude
Binary: aptitude aptitude-gtk aptitude-dbg aptitude-doc-cs aptitude-doc-en aptitude-doc-fi aptitude-doc-fr aptitude-doc-ja
Architecture: source i386 all
Version: 0.5.1-1
Distribution: experimental
Urgency: low
Maintainer: Daniel Burrows <dburrows@debian.org>
Changed-By: Daniel Burrows <dburrows@debian.org>
Description: 
 aptitude   - terminal-based package manager (terminal interface only)
 aptitude-dbg - Debug symbols for the aptitude package manager
 aptitude-doc-cs - Czech manual for aptitude, a terminal-based package manager
 aptitude-doc-en - English manual for aptitude, a terminal-based package manager
 aptitude-doc-fi - Finnish manual for aptitude, a terminal-based package manager
 aptitude-doc-fr - French manual for aptitude, a terminal-based package manager
 aptitude-doc-ja - Japanese manual for aptitude, a terminal-based package manager
 aptitude-gtk - terminal-based package manager (terminal interface only)
Closes: 505467 505675 505676 506651 508536 511559 511725
Changes: 
 aptitude (0.5.1-1) experimental; urgency=low
 .
   * New upstream release.
 .
     - Incremental search should work again in the curses UI.
       (Closes: #506651)
 .
     - Gives more feedback when dpkg finishes. (Closes: #508536)
 .
     - GTK+ interface split out into the package aptitude-gtk, sorry
       ftpmasters. (Closes: #511725, #505467)
 .
     - Fix fortify problems in minesweeper. (Closes: #511559)
 .
     - Fix several translations of plurals (Closes: #505675)
 .
     - Translation updates:
       + Slovak (Closes: #505676)
Checksums-Sha1: 
 94fd04b61821a01fe96b3bbd96c8eae6f47ce63e 1442 aptitude_0.5.1-1.dsc
 e2f25aab3824467008d66d75e644f4c98754d2dd 6722398 aptitude_0.5.1.orig.tar.gz
 3cc469b1a1343f2e959137bab191fb99c8800d0c 41654 aptitude_0.5.1-1.diff.gz
 d45073b6a7473afa68ff616f96ed5a83f15f1462 3125648 aptitude_0.5.1-1_i386.deb
 3cea7bb021aecd18094a4f21670b1c605f6fd67c 1251524 aptitude-gtk_0.5.1-1_i386.deb
 ac8b5c62f9f286901f831a2a01caf4d3a8e6d33b 14733638 aptitude-dbg_0.5.1-1_i386.deb
 7c90e9c7d970ef83f4fa1502a9c4bb6b6665801d 379488 aptitude-doc-cs_0.5.1-1_all.deb
 71e3b8ec048eb8399975d06a434622c4ee50aaf1 371822 aptitude-doc-en_0.5.1-1_all.deb
 206c48ff927942243c843d791f477963d4196acb 271782 aptitude-doc-fi_0.5.1-1_all.deb
 eae1a738d4006053cc53ab0bbc1d5e62f9cdf77b 317974 aptitude-doc-fr_0.5.1-1_all.deb
 fb15f150b8553dc557620d06c2127a55b9a32819 382194 aptitude-doc-ja_0.5.1-1_all.deb
Checksums-Sha256: 
 b4a9b47079fdf6024e681e7c4efd55ee93d7bc96b90fc175df25629e1eafaa56 1442 aptitude_0.5.1-1.dsc
 c4508ab9ef07807d9f9c6fd6348eb1f3973e9cc93ee284f6b8e452cb5c755ebc 6722398 aptitude_0.5.1.orig.tar.gz
 8b7a212a9e6e11d588dad4c964ae004663df072dfb8f7675a53ace53eaeddb29 41654 aptitude_0.5.1-1.diff.gz
 eab5b13af4b0861e1c2d6da3b311633e01ee6e9be5ce8e4d08838769e62de1ae 3125648 aptitude_0.5.1-1_i386.deb
 4ca3f7a9768ce1ab227edfd91071ff1b5e1aadc0146001d5b8b233720af29879 1251524 aptitude-gtk_0.5.1-1_i386.deb
 b317c3950546fddffaafac4966e9109d9e7b03ac886bdfdf42d7c2eb054483e0 14733638 aptitude-dbg_0.5.1-1_i386.deb
 266a014fc58a6b3874488525e599e43a6ab31276f7d2597e81466437cb3c0644 379488 aptitude-doc-cs_0.5.1-1_all.deb
 50194b93feeba1520670dc9c4a58a80625826ecf9bb44a56e109bb7773f02d72 371822 aptitude-doc-en_0.5.1-1_all.deb
 c2370531f44de27ae179ad828b640275d4cbb78235129b5718d4d2442ac9e136 271782 aptitude-doc-fi_0.5.1-1_all.deb
 330f65a207c37f9247b825bab40790d0089b6ad3117e19350bc599221d2dec34 317974 aptitude-doc-fr_0.5.1-1_all.deb
 24aaf447a8f74b69f0906068ea15a76ca25bf1d450e077daef7254607e04de94 382194 aptitude-doc-ja_0.5.1-1_all.deb
Files: 
 2b2a505c038533a0bb20e5e013cfa279 1442 admin - aptitude_0.5.1-1.dsc
 33ee244bdf41649338369b0724e023ba 6722398 admin - aptitude_0.5.1.orig.tar.gz
 f01a897170ad93b5c0b55e6844e58e5d 41654 admin - aptitude_0.5.1-1.diff.gz
 3faf27ec95aae3e849c4d4a7cc576c7d 3125648 admin important aptitude_0.5.1-1_i386.deb
 310492cd180e8ae4cbeb3d00a48d6780 1251524 admin important aptitude-gtk_0.5.1-1_i386.deb
 1db8242e3bb52c8947e419be1033b9c6 14733638 devel extra aptitude-dbg_0.5.1-1_i386.deb
 8d0236039f34d02c0d1e2570ff059731 379488 doc optional aptitude-doc-cs_0.5.1-1_all.deb
 881ede98cc200d456ed930a0e2a0d043 371822 doc optional aptitude-doc-en_0.5.1-1_all.deb
 f37270dab3e765ecbcc1b2e6d72788bb 271782 doc optional aptitude-doc-fi_0.5.1-1_all.deb
 cfddcbc78ff105cf188858efd2cf224a 317974 doc optional aptitude-doc-fr_0.5.1-1_all.deb
 9301891f3fe40df04416c389a3820811 382194 doc optional aptitude-doc-ja_0.5.1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkl0MiQACgkQch6xsM7kSXh/kgCgpYfMnSLHjr8WQ3lBzyQmT+Js
9yMAn2ckWINq6WmJgNhbazefx1QpJBZt
=Bh66
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 22 Feb 2009 07:35:49 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 01:50:39 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.