Bug#497441: Broken security patch for WordNet
Andreas Tille
tillea at rki.de
Fri Sep 5 13:30:07 UTC 2008
Hi,
in http://bugs.debian.org/497441 a patch is provided that should fix
several security problems. When investigating into the problem that
WordNet stopped working as usual when looking for synonym sets like
for instance
$ wordnet test -synsn
which should not only print
6 senses of test
but also the six senses with explanation I found the critical part
in the provided patch. I extracted it to
http://svn.debian.org/wsvn/debian-science/packages/wordnet/trunk/debian/patches/51_overflows.patch.broken?op=file&rev=0&sc=0
and I would like you to pronounce your opinion to my comment in the
header which says:
This part of the patch is completely broken, breaks funktionality of
wordnet test -synsn
and I really wonder in how far a "strcpy(bufstart, tmpbuf);" is a
security fix compared to "strncpy(bufstart, tmpbuf, strlen(tmpbuf));"
Who did this patch????
I have no idea who did this patch and how to reach this person, but besides
breaking the functionality of the program IMHO this is a terrible thing
security wise. I would really like to get this patch revised for further
problems like this.
What would be the best strategy to fix the packages in Debian?
I could upload packages to unstable without this part of the
patch - it's just in SVN. But I have serious doubt about the
remaining parts.
Kind regards
Andreas.
--
http://fam-tille.de
More information about the debian-science-maintainers
mailing list