[Debian-med-packaging] Bug#703076: Missing argument in calls to amitk_color_table_menu_new

Andy Loening loening at stanford.edu
Tue Mar 19 06:24:01 UTC 2013 

Hi Andreas,

Thanks for the note, this will be corrected in 1.0.5.

The error doesn't actually trigger any problems because the variable 
"color_table" is never used, so it won't be a problem even if it's not 
fixed.

Thanks,
Andy


On 03/15/2013 02:50 AM, Andreas Tille wrote:
> Hi Andy,
>
> due to some QA checks in Debian the Amide package received a bug report
> which I would like to inform you about.  I admit we are lagging behind
> your latest upstream version (because of Debian freeze for the next
> release we hesitate to introduce other versions than currently beeing in
> freeze) and the problem might be fixed or not but I would like to make
> you aware of it in any case.
>
> It would be great if you could issue some statement like
>
>   - Is fixed in 1.0.4  or
>   - Will be fixed in 1.0.5 or
>   - Please be more verbose / provide a patch or
>   - Something else
>
> Kind regards and thanks for providing Amide as Free Software
>
>       Andreas.
>
> On Thu, Mar 14, 2013 at 11:33:16PM +0000, Michael Tautschnig wrote:
>> Package: amide
>> Version: 1.0.1-1
>> Usertags: goto-cc
>>
>> Building and type-checking the linked results using our research compiler
>> infrastructure showed the following wrong uses of amitk_color_table_menu_new:
>>
>> ./src/amitk_threshold.c:    threshold->color_table_menu[i_view_mode] = amitk_color_table_menu_new();
>> ./src/ui_preferences_dialog.c:    menu = amitk_color_table_menu_new();
>> ./src/ui_render_dialog.c:    menu = amitk_color_table_menu_new();
>>
>> This conflicts with the actual definition of amitk_color_table_menu_new:
>>
>> ./src/amitk_color_table_menu.c:GtkWidget * amitk_color_table_menu_new(AmitkColorTable color_table) {
>>
>> The result will necessarily cause a stack underflow, with entirely undefined
>> consequences (for any application with elevated privileges this is a possibly
>> security issue).
>>
>> Best,
>> Michael
>>
>> PS.: It may be wise to also adjust the declaration of
>> amitk_color_table_menu_new:
>>
>> ./src/amitk_color_table_menu.h:GtkWidget*    amitk_color_table_menu_new               ();
>>
>> (but this is actually entirely covered by the C standard and not necessarily a
>> bug - it just stops the compiler from producing proper diagnostics).
>>
>
>
>
>> _______________________________________________
>> Debian-med-packaging mailing list
>> Debian-med-packaging at lists.alioth.debian.org
>> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
>
>

More information about the Debian-med-packaging mailing list