Debian Bug report logs - #527584
findutils: -prune fails to request stat information

version graph

Package: findutils; Maintainer for findutils is Andreas Metzler <ametzler@debian.org>; Source for findutils is src:findutils (PTS, buildd, popcon).

Reported by: Colin Watson <cjwatson@ubuntu.com>

Date: Fri, 8 May 2009 09:42:01 UTC

Severity: important

Tags: patch

Found in version findutils/4.4.1-1

Fixed in version findutils/4.4.2-1

Done: Andreas Metzler <ametzler@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Andreas Metzler <ametzler@debian.org>:
Bug#527584; Package findutils. (Fri, 08 May 2009 09:42:09 GMT) (full text, mbox, link).

Acknowledgement sent to Colin Watson <cjwatson@ubuntu.com>:
New Bug report received and forwarded. Copy sent to Andreas Metzler <ametzler@debian.org>. (Fri, 08 May 2009 09:42:30 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@ubuntu.com>
To: submit@bugs.debian.org
Subject: findutils: -prune fails to request stat information
Date: Fri, 8 May 2009 10:35:33 +0100
[Message part 1 (text/plain, inline)]
Package: findutils
Version: 4.4.1-1
Severity: important
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu ubuntu-patch karmic

find's parser fails to declare that -prune needs stat information, so
it's possible for it to end up reading uninitialised data when
determining whether the to-be-pruned path is a directory. This happened
to break Ubuntu's kernel package build in such a way that
/usr/include/asm/* went missing! I don't know whether the same thing
would happen with Debian's kernel package build, but it might be prudent
to incorporate the patch anyway just in case Debian ends up having to
recover build-essential manually as Ubuntu is currently having to do ...

  https://bugs.launchpad.net/ubuntu/+source/findutils/+bug/373214

I've sent this upstream and it sounds from James Youngman's reply as
though he's provisionally accepted it, but it may have to wait on me
getting copyright assignment sorted out, so I thought I'd submit a
Debian bug as well. See:

  http://lists.gnu.org/archive/html/bug-findutils/2009-05/msg00003.html
    (and thread, which isn't in the archives yet but should appear
    shortly)

Attached is a reduced patch suitable for the Debian package, with the
test case removed to save on having to rerun automake.

Thanks,

-- 
Colin Watson                                       [cjwatson@ubuntu.com]

[find.prune-stat.patch (text/x-diff, attachment)]

Reply sent to Andreas Metzler <ametzler@debian.org>:
You have taken responsibility. (Sat, 06 Jun 2009 16:12:32 GMT) (full text, mbox, link).

Notification sent to Colin Watson <cjwatson@ubuntu.com>:
Bug acknowledged by developer. (Sat, 06 Jun 2009 16:12:34 GMT) (full text, mbox, link).

Message #10 received at 527584-close@bugs.debian.org (full text, mbox, reply):

From: Andreas Metzler <ametzler@debian.org>
To: 527584-close@bugs.debian.org
Subject: Bug#527584: fixed in findutils 4.4.2-1
Date: Sat, 06 Jun 2009 15:47:17 +0000
Source: findutils
Source-Version: 4.4.2-1

We believe that the bug you reported is fixed in the latest version of
findutils, which is due to be installed in the Debian FTP archive:

findutils_4.4.2-1.diff.gz
  to pool/main/f/findutils/findutils_4.4.2-1.diff.gz
findutils_4.4.2-1.dsc
  to pool/main/f/findutils/findutils_4.4.2-1.dsc
findutils_4.4.2-1_i386.deb
  to pool/main/f/findutils/findutils_4.4.2-1_i386.deb
findutils_4.4.2.orig.tar.gz
  to pool/main/f/findutils/findutils_4.4.2.orig.tar.gz
locate_4.4.2-1_i386.deb
  to pool/main/f/findutils/locate_4.4.2-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 527584@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated findutils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Format: 1.8
Date: Sat, 06 Jun 2009 16:56:11 +0200
Source: findutils
Binary: findutils locate
Architecture: source i386
Version: 4.4.2-1
Distribution: unstable
Urgency: low
Maintainer: Andreas Metzler <ametzler@debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description: 
 findutils  - utilities for finding files--find, xargs
 locate     - maintain and query an index of a directory tree
Closes: 526939 527584
Changes: 
 findutils (4.4.2-1) unstable; urgency=low
 .
   * debian/locate-cron.daily: Test if called by root. (Thank's, Michael Vogt).
     Closes: #526939
   * New upstream version.
     + find -prune now makes sure it has valid stat() information.
       Closes: #527584
     + Drop patches/10_typo_525263.dpatch, included upstream.
Checksums-Sha1: 
 3622adc09d120b14ed40e032a8333790747341cd 1239 findutils_4.4.2-1.dsc
 e8dd88fa2cc58abffd0bfc1eddab9020231bb024 2149838 findutils_4.4.2.orig.tar.gz
 56ebc242bf4bb09158d5cb97a823c90490ae2551 20429 findutils_4.4.2-1.diff.gz
 1718f797e020bb949e2fe042a436b33d0a493cb9 601438 findutils_4.4.2-1_i386.deb
 5a2a7ce400dbd706712be681dbbc92b6aa9069b4 152198 locate_4.4.2-1_i386.deb
Checksums-Sha256: 
 f9b4563eac2ec7d004f01ec8fca396b2155c5f6be520e6214056a29573e50761 1239 findutils_4.4.2-1.dsc
 434f32d171cbc0a5e72cfc5372c6fc4cb0e681f8dce566a0de5b6fccd702b62a 2149838 findutils_4.4.2.orig.tar.gz
 eea0ec4682aaf70cd8e21fd8d12eb56eb3d2e5f4b58a96b4fcce883b1edf16d5 20429 findutils_4.4.2-1.diff.gz
 6af076a066aec57561401359e97f062131f348c33491d58bbc08dfa3fe446295 601438 findutils_4.4.2-1_i386.deb
 8d5f4522ed231f88494e63658348148a6ff7366c030dc9589478d66cb5535df4 152198 locate_4.4.2-1_i386.deb
Files: 
 d67e1fbfbae1423cdb75eaf39e717ab8 1239 utils required findutils_4.4.2-1.dsc
 351cc4adb07d54877fa15f75fb77d39f 2149838 utils required findutils_4.4.2.orig.tar.gz
 93a7fb3cff2847e75d076876daa102c0 20429 utils required findutils_4.4.2-1.diff.gz
 547a667c282fe5cbb32c9c8e82d7b08e 601438 utils required findutils_4.4.2-1_i386.deb
 94eb72e3cc1cd2554e92e3b68a4195fa 152198 utils optional locate_4.4.2-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEAREDAAYFAkoqhtYACgkQHTOcZYuNdmOeYgCcDgaP+wDGNqsexNsRBTyaKzG2
1M8AmwTkBVwDKoheyJmfC2LMAG2WRDVx
=0vvo
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 28 Dec 2009 07:37:01 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Dec 23 16:43:03 2023; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.