[med-svn] [Git][med-team/gdpc][master] buffer-overflow.patch: New; fix buffer overflows and some other issues.

[Yavor Doganov (@yavor-guest)]

Yavor Doganov pushed to branch master at Debian Med / gdpc


Commits:
444204e5 by Yavor Doganov at 2026-01-25T18:57:22+02:00
buffer-overflow.patch: New; fix buffer overflows and some other issues.

- - - - -


3 changed files:

- debian/changelog
- + debian/patches/buffer-overflow.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -2,6 +2,8 @@ gdpc (2.2.5-17) UNRELEASED; urgency=medium
 
   * Team upload.
   * debian/patches/gtk3.patch: New; port to GTK 3 (Closes: #967379).
+  * debian/patches/buffer-overflow.patch: New; fix buffer overflows,
+    unitialized variables and some other issues.
   * debian/control (Build-Depends): Replace libgtk2.0-dev with
     libgtk-3-dev.
     (Suggests): Remove gqview, no longer in Debian (Closes: #1118130).


=====================================
debian/patches/buffer-overflow.patch
=====================================
@@ -0,0 +1,79 @@
+Description: Fix global buffer overflow.
+ Also uninitialized variables and potential overflow.
+Author: Yavor Doganov <yavor at gnu.org>
+Forwarded: no
+Last-Update: 2026-01-25
+---
+
+--- gdpc.orig/colors.c
++++ gdpc/colors.c
+@@ -155,21 +155,21 @@
+     }
+ 
+     if (colorset==1) {
+-	for(i=0;i<ncolors;i++) {
++	for(i=0;i<19;i++) {
+ 	    (*colors)[i].red = xcolorinv[i][0];
+ 	    (*colors)[i].green = xcolorinv[i][1];
+ 	    (*colors)[i].blue = xcolorinv[i][2];
+ 	}
+     }
+     else if (colorset==2) {
+-	for(i=0;i<ncolors;i++) {
++	for(i=0;i<19;i++) {
+ 	    (*colors)[i].red = xcoldcolor[i][0];
+ 	    (*colors)[i].green = xcoldcolor[i][1];
+ 	    (*colors)[i].blue = xcoldcolor[i][2];
+ 	}
+     }
+     else if (colorset==3) {
+-	for(i=0;i<ncolors;i++) {
++	for(i=0;i<19;i++) {
+ 	    (*colors)[i].red = xcoldcolor2[i][0];
+ 	    (*colors)[i].green = xcoldcolor2[i][1];
+ 	    (*colors)[i].blue = xcoldcolor2[i][2];
+@@ -193,7 +193,7 @@
+ 	}
+     }
+     else {
+-	for(i=0;i<ncolors;i++) {
++	for(i=0;i<19;i++) {
+ 	    (*colors)[i].red = xcolor[i][0];
+ 	    (*colors)[i].green = xcolor[i][1];
+ 	    (*colors)[i].blue = xcolor[i][2];
+--- gdpc.orig/readinput.c
++++ gdpc/readinput.c
+@@ -51,9 +51,9 @@
+ gboolean timecheck, endframe, framecheck, typescheck;
+ 
+ struct xyzstruc *coords;
+-struct xyzstruc lastframe;
++struct xyzstruc lastframe = {0};
+ 
+-FILE *fpRI;
++FILE *fpRI = NULL;
+ 
+ #if Debug
+ printf("Starting reading thread.\n"); 
+--- gdpc.orig/main.c
++++ gdpc/main.c
+@@ -620,7 +620,7 @@
+ GtkWidget	*xminus_button, *yminus_button, *zminus_button,*xplus10_button;
+ GtkWidget	*yplus10_button, *zplus10_button, *xminus10_button;
+ GtkWidget	*yminus10_button, *zminus10_button, *xlabel, *ylabel, *zlabel;
+-char		buf[128];
++char		buf[256];
+ gint 		i;
+ 
+     params->StartedAlready = TRUE;
+--- gdpc.orig/init.c
++++ gdpc/init.c
+@@ -108,7 +108,7 @@
+     setfile = FALSE;
+ 
+     while (args-1>argl) {
+-	strncpy(c,argv[argl+1],strlen(argv[argl+1]));
++	strcpy(c,argv[argl+1]);
+ 	c[strlen(argv[argl+1])] = '\0';
+ 
+ 	if (!strcmp(c,"s") && !setxcol && !setycol && !setzcol && !settcol) {


=====================================
debian/patches/series
=====================================
@@ -7,3 +7,4 @@ fix_segfault.patch
 spelling.patch
 cross.patch
 gtk3.patch
+buffer-overflow.patch



View it on GitLab: https://salsa.debian.org/med-team/gdpc/-/commit/444204e53821fbc65d530430676c89ade772af52

-- 
View it on GitLab: https://salsa.debian.org/med-team/gdpc/-/commit/444204e53821fbc65d530430676c89ade772af52
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-med-commit/attachments/20260125/872cfca9/attachment-0001.htm>