[Pkg-cracklib-commits] [SCM] Git repository for pkg-cracklib branch, master, updated. debian/2.8.16-2-6-g1dcd391

Jan Dittberner jandd at debian.org
Fri Sep 10 16:58:03 UTC 2010 

The following commit has been merged in the master branch:
commit 769c5436771c88f863e816c8e0fa8fd16a327e63
Author: Jan Dittberner <jandd at debian.org>
Date:   Fri Sep 10 18:26:35 2010 +0200

    add patch for segfault in Python extension (#596281)

diff --git a/debian/changelog b/debian/changelog
index 2e77712..058bfe1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,13 @@ cracklib2 (2.8.16-3) UNRELEASED; urgency=low
   * debian/control: update to Standards-Version to 3.9.1
    - update Standards-Version field
    - use Breaks instead of Conflicts
+  * add debian/patches/596281-fix-python-extension-segfault.patch: in
+    cracklib-python's C module, make sure we initialize defaultdict to
+    NULL at the start of _cracklib_FascistCheck. This fixes a bug where
+    that variable was freed when not NULL without ever having been
+    assigned any value to.  This happened when we called FascistCheck()
+    with a dictionary path of our own. Thanks to Peter Palfrader for the
+    patch (Closes: #596281).
 
  -- Jan Dittberner <jandd at debian.org>  Fri, 02 Jul 2010 17:23:57 +0200
 
diff --git a/debian/patches/596281-fix-python-extension-segfault.patch b/debian/patches/596281-fix-python-extension-segfault.patch
new file mode 100644
index 0000000..e29bba7
--- /dev/null
+++ b/debian/patches/596281-fix-python-extension-segfault.patch
@@ -0,0 +1,26 @@
+Subject: Fix for segmentation fault in the Python extension
+Author: Peter Palfrader <weasel at debian.org>
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596281
+--- a/python/_cracklibmodule.c
++++ b/python/_cracklibmodule.c
+@@ -64,7 +64,8 @@
+ static PyObject *
+ _cracklib_FascistCheck(PyObject *self, PyObject *args, PyObject *kwargs)
+ {
+-    char *candidate, *dict, *defaultdict;
++    char *candidate, *dict;
++    char *defaultdict = NULL;
+     const char *result;
+     struct stat st;
+     char *keywords[] = {"pw", "dictpath", NULL};
+--- a/python/Makefile.am
++++ b/python/Makefile.am
+@@ -1,7 +1,7 @@
+ if BUILD_PYTHON
+ python_PYTHON = cracklib.py
+ pyexec_LTLIBRARIES = _cracklibmodule.la
+-AM_CFLAGS = -I$(top_srcdir)/lib
++AM_CFLAGS = -I$(top_srcdir)/lib -Wall
+ _cracklibmodule_la_LDFLAGS = -module -avoid-version $(top_builddir)/lib/libcrack.la
+ DEFS += '-DDEFAULT_CRACKLIB_DICT="$(DEFAULT_CRACKLIB_DICT)"'
+ DEFS += '-DPYTHON_H="python at PYTHON_VERSION@/Python.h"'
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..4e4bcc5
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+596281-fix-python-extension-segfault.patch

-- 
Git repository for pkg-cracklib

More information about the Pkg-cracklib-commits mailing list