Bug#751510: rott: Conflicting types of variable inverse_mouse to cause undefined behaviour

Michael Tautschnig mt at debian.org
Fri Jun 13 14:30:50 UTC 2014


Package: rott
Version: 1.1.2-1
Usertags: goto-cc

During a rebuild of all Debian packages in a clean sid chroot (using cowbuilder
and pbuilder) the build failed with the following error. Please note that we
use our research compiler tool-chain (using tools from the cbmc package), which
permits extended reporting on type inconsistencies at link time.

[...]
cc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -DDATADIR=\"/usr/share/games/rott/\" -Wno-pointer-sign -Wno-unused -Wall -Wno-unused -I/usr/include/SDL -D_GNU_SOURCE=1 -D_REENTRANT  -Wl,-z,relro  cin_actr.o cin_efct.o cin_evnt.o cin_glob.o cin_main.o cin_util.o dosutil.o engine.o isr.o modexlib.o rt_actor.o rt_battl.o rt_build.o rt_cfg.o rt_crc.o rt_com.o rt_debug.o rt_dmand.o rt_door.o rt_draw.o rt_floor.o rt_game.o rt_in.o rt_main.o rt_map.o rt_menu.o rt_msg.o rt_net.o rt_playr.o rt_rand.o rt_scale.o rt_sound.o rt_spbal.o rt_sqrt.o rt_stat.o rt_state.o rt_str.o rt_swift.o rt_ted.o rt_util.o rt_view.o rt_vid.o rt_err.o scriplib.o w_wad.o watcom.o z_zone.o byteordr.o dukemusc.o winrott.o audiolib/audiolib.a -L/usr/lib/x86_64-linux-gnu -lSDL -lSDL_mixer  -o rott-shareware

file rt_menu.c line 5362: error: conflicting types for variable "inverse_mouse"
old definition in module rt_cfg file rt_cfg.c line 113
signed int
new definition in module rt_menu file rt_menu.c line 5362
signed long int
Makefile:91: recipe for target 'rott-shareware' failed
make[2]: *** [rott-shareware] Error 64
make[2]: Leaving directory '/srv/jenkins-slave/workspace/sid-goto-cc-rott/rott-1.1.2/rott'
dh_auto_build: make -j1 ROTT=rott-shareware returned exit code 2
debian/rules:10: recipe for target 'override_dh_auto_build' failed
make[1]: *** [override_dh_auto_build] Error 2

It seems the declaration here

http://sources.debian.net/src/rott/1.1.2-1/rott/rt_menu.c?hl=5362#L5362

should be adjusted to match the actual definition here:

http://sources.debian.net/src/rott/1.1.2-1/rott/rt_cfg.c?hl=113#L113

As is, any access to inverse_mouse in rt_menu.c will have undefined behaviour as
either the wrong bytes will be updated or invalid memory will be accessed.

Best,
Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 859 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-games-devel/attachments/20140613/e19a1e31/attachment.sig>


More information about the Pkg-games-devel mailing list