Bug#304713: marked as done ([patch] gtetrinet segfaults on some servers replies when channel list is enabled)

Debian Bug Tracking System owner@bugs.debian.org
Mon, 02 May 2005 15:33:18 -0700


Your message dated Mon, 02 May 2005 18:02:04 -0400
with message-id <E1DSizM-0004dw-00@newraff.debian.org>
and subject line Bug#304713: fixed in gtetrinet 0.7.9-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 14 Apr 2005 21:43:53 +0000
From debbug2005@julien.plissonneau.duquene.net Thu Apr 14 14:43:53 2005
Return-path: <debbug2005@julien.plissonneau.duquene.net>
Received: from ferbos.duquene.net (removethis.junk.org) [80.65.226.49] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DMC7s-0002hD-00; Thu, 14 Apr 2005 14:43:53 -0700
Received: by removethis.junk.org (Postfix, from userid 1001)
	id E91F65B778; Thu, 14 Apr 2005 23:43:50 +0200 (CEST)
Date: Thu, 14 Apr 2005 23:43:50 +0200
From: Julien Plissonneau Duquene <debbug2005@julien.plissonneau.duquene.net>
To: submit@bugs.debian.org
Cc: jordi@sindominio.net, bocata@panete.net
Subject: [patch] gtetrinet segfaults on some servers replies when channel list is enabled
Message-ID: <20050414214350.GA32400@removethis.junk.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="VS++wcV0S1rZb1Fb"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.3.28i
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.8 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
	HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 


--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit

Package: gtetrinet
Version: 0.7.8-1

Hello,

There is a lack of error checking in the function decoding server
replies that looks like /list replies, causing gtetrinet to crash
(segfault) when receiving replies to some commands from some servers.

For example, typing /who when connected to tetridome.com with channel
list enabled will crash gtetrinet. Actually each line in response to
/who on this server starts with an opening parenthesis, and thus is fed
to partyline_add_channel() for parsing.

The attached patch fixes partyline_add_channel in partyline.c so it does
not crash anymore on parsing errors. It does not fix side effects of
/whatever response being mistaken for /list response, including the fact
that the expected response text may not appear at all in the UI.

Regards,

Julien Plissonneau Duquène


--VS++wcV0S1rZb1Fb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=patch

--- gtetrinet-0.7.8.orig/src/partyline.c	2004-12-26 16:59:45.000000000 +0100
+++ gtetrinet-0.7.8/src/partyline.c	2005-04-14 22:58:18.000000000 +0200
@@ -467,7 +467,7 @@
   scan->config->skip_comment_single = FALSE;
   
   while ((g_scanner_get_next_token (scan) != G_TOKEN_INT) && !g_scanner_eof (scan));
-  num = scan->value.v_int;
+  num = (scan->token==G_TOKEN_INT) ? scan->value.v_int : 0;
 
   g_scanner_get_next_token (scan); /* dump the ')' */
   
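Review bot: at `num = (scan->token==G_TOKEN_INT) ? scan->value.v_int : 0;` a loop that ran to EOF is silently turned into channel number 0 and parsing carries on, straight into `g_scanner_get_next_token (scan); /* dump the ')' */`, which still does not verify that the token it dumps is G_TOKEN_RIGHT_PAREN. A line with no integer after the opening parenthesis is, by this function's own contract, not a /list reply; bailing out here (return, or a goto to the cleanup path) would stop the stale-union reads in every later hunk instead of guarding each one separately, and would avoid adding a bogus "#" entry with 0/0 players to the channel list. Note also that g_scanner_eof() is true on G_TOKEN_ERROR as well as G_TOKEN_EOF, so a scanner error is folded into the same default.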
@@ -476,13 +476,13 @@
     scan->config->cpair_comment_single = "# ";
     
     while ((g_scanner_get_next_token (scan) != G_TOKEN_INT) && !g_scanner_eof (scan));
-    actual = scan->value.v_int;
+    actual = (scan->token==G_TOKEN_INT) ? scan->value.v_int : 0;
     
     while ((g_scanner_get_next_token (scan) != G_TOKEN_INT) && !g_scanner_eof (scan));
-    max = scan->value.v_int;
+    max = (scan->token==G_TOKEN_INT) ? scan->value.v_int : 0;
 
     while ((g_scanner_get_next_token (scan) != G_TOKEN_COMMENT_SINGLE) && !g_scanner_eof (scan));
-    utf8 = g_locale_to_utf8 (scan->value.v_comment, -1, NULL, NULL, NULL);
+    utf8 = g_locale_to_utf8 ((scan->token==G_TOKEN_COMMENT_SINGLE) ? scan->value.v_comment : "", -1, NULL, NULL, NULL);
     name = g_strconcat ("#", utf8, NULL);
     
     g_snprintf (final, 1024, "%d/%d", actual, max);
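Review bot: the ternary in `utf8 = g_locale_to_utf8 ((scan->token==G_TOKEN_COMMENT_SINGLE) ? scan->value.v_comment : "", -1, NULL, NULL, NULL);` guards the stale union member, but g_locale_to_utf8() can still return NULL when the channel name is not valid in the current locale (the GError argument is NULL, so the failure is not reported); `g_strconcat ("#", utf8, NULL)` then stops at that NULL and yields just "#", hiding the failure rather than handling it. Check utf8 for NULL before building the name and free it afterwards. The same applies to the identical call in the else branch further down.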
@@ -490,7 +490,7 @@
     scan->config->cpair_comment_single = "{}";
     while ((g_scanner_get_next_token (scan) != G_TOKEN_COMMENT_SINGLE) && !g_scanner_eof (scan));
     if (!g_scanner_eof (scan))
-      state = g_strdup (scan->value.v_comment);
+      state = g_strdup ((scan->token==G_TOKEN_COMMENT_SINGLE) ? scan->value.v_comment : "");
     else
       state = g_strdup ("IDLE");
 
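Review bot: the fallback arm of `state = g_strdup ((scan->token==G_TOKEN_COMMENT_SINGLE) ? scan->value.v_comment : "");` is unreachable: the loop above exits only when the token is G_TOKEN_COMMENT_SINGLE or g_scanner_eof() holds, and the `if (!g_scanner_eof (scan))` on the preceding line already excludes the latter, so v_comment is always valid at this point. Harmless, but it suggests the existing guard is insufficient when it is not; either drop the ternary here or make the other hunks use the same eof test, rather than carrying both styles.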
@@ -500,21 +500,21 @@
   else
   {
     while ((g_scanner_get_next_token (scan) != G_TOKEN_COMMENT_SINGLE) && !g_scanner_eof (scan));
-    utf8 = g_locale_to_utf8 (scan->value.v_comment, -1, NULL, NULL, NULL);
+    utf8 = g_locale_to_utf8 ((scan->token==G_TOKEN_COMMENT_SINGLE) ? scan->value.v_comment : "", -1, NULL, NULL, NULL);
     name = g_strconcat ("#", utf8, NULL);
   
     while ((g_scanner_get_next_token (scan) != G_TOKEN_IDENTIFIER) && !g_scanner_eof (scan));
-    players = g_strdup (scan->value.v_identifier);
+    players = g_strdup ((scan->token==G_TOKEN_IDENTIFIER) ? scan->value.v_identifier : "");
 
     if (players != NULL)
     {
       if (strncmp (players, "FULL", 4))
       {
         while ((g_scanner_get_next_token (scan) != G_TOKEN_INT) && !g_scanner_eof (scan));
-        actual = scan->value.v_int;
+        actual = (scan->token==G_TOKEN_INT) ? scan->value.v_int : 0;
 
         while ((g_scanner_get_next_token (scan) != G_TOKEN_INT) && !g_scanner_eof (scan));
-        max = scan->value.v_int;
+        max = (scan->token==G_TOKEN_INT) ? scan->value.v_int : 0;
 
         g_snprintf (final, 1024, "%d/%d %s", actual, max, players);
       }
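Review bot: `players = g_strdup ((scan->token==G_TOKEN_IDENTIFIER) ? scan->value.v_identifier : "");` makes the following `if (players != NULL)` always true (g_strdup of "" is non-NULL), so whatever the else branch does for a missing identifier is now dead code, and an empty players string falls through `strncmp (players, "FULL", 4)` into the two integer reads, which default to 0 and produce a "0/0 " entry. If the identifier is missing, leave players NULL (or bail out) so the existing NULL path keeps its meaning. The g_locale_to_utf8() NULL return raised for the earlier hunk applies to the utf8 line at the top of this one too.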
@@ -529,13 +529,13 @@
     if (g_scanner_get_next_token (scan) == G_TOKEN_LEFT_CURLY)
     {
       g_scanner_get_next_token (scan);
-      state = g_strdup (scan->value.v_identifier);
+      state = g_strdup ((scan->token==G_TOKEN_IDENTIFIER) ? scan->value.v_identifier : "");
     }
     else
       state = g_strdup ("IDLE");
   
     while ((g_scanner_get_next_token (scan) != G_TOKEN_RIGHT_PAREN) && !g_scanner_eof (scan));
-    if (line[scan->position] != 0)
+    if (!g_scanner_eof(scan) && (scan->position < strlen(line)))
       desc = g_strstrip (g_locale_to_utf8 (&line[scan->position], -1, NULL, NULL, NULL));
     else
       desc = g_strdup ("");
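Review bot: `if (!g_scanner_eof(scan) && (scan->position < strlen(line)))` relies on scan->position being a byte offset into `line`; in GScanner it is the column within the current input line, so the comparison is only sound while the text handed to the scanner contains no newline, which deserves a comment at this point. It also leaves the next line unprotected: g_locale_to_utf8() may return NULL for a description that is not valid in the current locale, and g_strstrip() on NULL returns NULL (after a g_return_val_if_fail warning), so desc can still end up NULL; check the conversion result and fall back to g_strdup ("") in that case as well. The `state` change above is fine, since the `== G_TOKEN_LEFT_CURLY` test only guarantees the brace, not that the token after it is an identifier.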

--VS++wcV0S1rZb1Fb--

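The failure mode described in the report, that every loop in partyline_add_channel() of the form "scan until token X or EOF" is followed by a read of scan->value as if X had been found, is shown below with a hand-rolled scanner so it runs without GLib. This is an added example, not gtetrinet code: the line format "(N) #name actual/max {STATE} description", the sample lines and all names (scanner_next, scan_until, is_list_reply, parse_channel_line) are constructed for illustration and are not the real TetriNET /list or /who output. The parser fails closed on any deviation instead of substituting 0 or "" for a missing field, and is_list_reply() is the stricter routing check that would keep /who-style lines away from the channel parser, the side effect the reporter notes the patch does not address.

```c
/* Added example, not gtetrinet code. A minimal scanner with the same shape as
 * the GScanner loops in partyline_add_channel(): a token kind plus a value
 * union that is NOT updated when the scanner hits EOF, so reading it after a
 * "scan until X or EOF" loop yields whatever the previous token left behind.
 * Line format and sample lines are constructed, not real server output. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef enum { TOK_EOF, TOK_INT, TOK_IDENT, TOK_LPAREN, TOK_RPAREN, TOK_HASH,
               TOK_SLASH, TOK_LCURLY, TOK_RCURLY, TOK_OTHER } TokType;

typedef struct {
    const char *src;
    size_t pos;                                    /* next unread byte of src */
    TokType tok;
    union { long v_int; char v_ident[32]; } value; /* stale after EOF, like GScanner's */
} Scanner;

static TokType scanner_next(Scanner *s) {
    while (isspace((unsigned char)s->src[s->pos])) s->pos++;
    unsigned char c = (unsigned char)s->src[s->pos];
    if (c == '\0') return s->tok = TOK_EOF;        /* value union deliberately untouched */
    if (isdigit(c)) {
        char *end;
        s->value.v_int = strtol(s->src + s->pos, &end, 10);
        s->pos = (size_t)(end - s->src);
        return s->tok = TOK_INT;
    }
    if (isalpha(c) || c == '_') {
        size_t n = 0;
        while (isalnum((unsigned char)s->src[s->pos]) || s->src[s->pos] == '_') {
            if (n < sizeof s->value.v_ident - 1) s->value.v_ident[n++] = s->src[s->pos];
            s->pos++;                              /* overlong identifiers are truncated */
        }
        s->value.v_ident[n] = '\0';
        return s->tok = TOK_IDENT;
    }
    s->pos++;
    switch (c) {
    case '(': return s->tok = TOK_LPAREN;  case ')': return s->tok = TOK_RPAREN;
    case '#': return s->tok = TOK_HASH;    case '/': return s->tok = TOK_SLASH;
    case '{': return s->tok = TOK_LCURLY;  case '}': return s->tok = TOK_RCURLY;
    default:  return s->tok = TOK_OTHER;
    }
}

/* The partyline.c idiom. The original code read scan->value no matter which
 * token ended the loop; returning whether `want` was reached is the missing check. */
static int scan_until(Scanner *s, TokType want) {
    while (scanner_next(s) != want && s->tok != TOK_EOF) ;
    return s->tok == want;
}

/* Route only "(<digits>)..." lines to the channel parser; "starts with '('"
 * alone also matches lines such as a /who reply. */
static int is_list_reply(const char *line) {
    size_t i = 1;
    if (line[0] != '(') return 0;
    while (isdigit((unsigned char)line[i])) i++;
    return i > 1 && line[i] == ')';
}

typedef struct { long num, actual, max; char name[40]; char state[32]; char desc[128]; } Channel;

/* Strict parser for the constructed format "(N) #name actual/max [{STATE}] description".
 * Returns 0 and fills *out, or -1 on any deviation (no 0 / "" defaults). */
static int parse_channel_line(const char *line, Channel *out) {
    Scanner s = { line, 0, TOK_EOF, { 0 } };
    Channel c; memset(&c, 0, sizeof c);
    if (!is_list_reply(line)) return -1;
    if (scanner_next(&s) != TOK_LPAREN || scanner_next(&s) != TOK_INT) return -1;
    c.num = s.value.v_int;
    if (scanner_next(&s) != TOK_RPAREN) return -1;
    if (scanner_next(&s) != TOK_HASH || scanner_next(&s) != TOK_IDENT) return -1;
    snprintf(c.name, sizeof c.name, "#%s", s.value.v_ident);
    if (scanner_next(&s) != TOK_INT) return -1;
    c.actual = s.value.v_int;
    if (scanner_next(&s) != TOK_SLASH || scanner_next(&s) != TOK_INT) return -1;
    c.max = s.value.v_int;
    if (c.max <= 0 || c.actual < 0 || c.actual > c.max) return -1;   /* sanity on counts */
    size_t rest = s.pos;                           /* description start if no {STATE} */
    if (scanner_next(&s) == TOK_LCURLY) {
        if (scanner_next(&s) != TOK_IDENT) return -1;
        snprintf(c.state, sizeof c.state, "%s", s.value.v_ident);
        if (scanner_next(&s) != TOK_RCURLY) return -1;
        rest = s.pos;
    } else {
        strcpy(c.state, "IDLE");
    }
    while (isspace((unsigned char)line[rest])) rest++;
    snprintf(c.desc, sizeof c.desc, "%s", line + rest);
    for (size_t n = strlen(c.desc); n > 0 && isspace((unsigned char)c.desc[n - 1]); n--)
        c.desc[n - 1] = '\0';                      /* trim trailing whitespace */
    *out = c;
    return 0;
}

int main(void) {
    /* Constructed sample lines, not captured server output. */
    const char *list_line = "(3) #tetrinet 2/6 {PLAYING} Friendly games only";
    const char *who_line  = "(Sneaky) is playing in #tetrinet";
    Channel ch;
    Scanner s = { who_line, 0, TOK_EOF, { 0 } };
    printf("scan_until(INT) on /who line reached INT: %d (tok=%d, stale v_int=%ld)\n",
           scan_until(&s, TOK_INT), (int)s.tok, s.value.v_int);
    printf("list line -> %d, who line -> %d\n",
           parse_channel_line(list_line, &ch), parse_channel_line(who_line, &ch));
    return 0;
}
```

On the /who-style line scan_until() returns 0 with the token at EOF, which is exactly the state in which the unpatched code dereferenced scan->value; parse_channel_line() never reaches that read because the routing check and the first token test reject the line.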
---------------------------------------
Received: (at 304713-close) by bugs.debian.org; 2 May 2005 22:16:53 +0000
From katie@ftp-master.debian.org Mon May 02 15:16:53 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DSjDh-0005hr-00; Mon, 02 May 2005 15:16:53 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1DSizM-0004dw-00; Mon, 02 May 2005 18:02:04 -0400
From: Jordi Mallach <jordi@debian.org>
To: 304713-close@bugs.debian.org
X-Katie: $Revision: 1.55 $
Subject: Bug#304713: fixed in gtetrinet 0.7.9-1
Message-Id: <E1DSizM-0004dw-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Mon, 02 May 2005 18:02:04 -0400
Delivered-To: 304713-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 
X-CrossAssassin-Score: 2

Source: gtetrinet
Source-Version: 0.7.9-1

We believe that the bug you reported is fixed in the latest version of
gtetrinet, which is due to be installed in the Debian FTP archive:

gtetrinet_0.7.9-1.diff.gz
  to pool/main/g/gtetrinet/gtetrinet_0.7.9-1.diff.gz
gtetrinet_0.7.9-1.dsc
  to pool/main/g/gtetrinet/gtetrinet_0.7.9-1.dsc
gtetrinet_0.7.9-1_i386.deb
  to pool/main/g/gtetrinet/gtetrinet_0.7.9-1_i386.deb
gtetrinet_0.7.9.orig.tar.gz
  to pool/main/g/gtetrinet/gtetrinet_0.7.9.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 304713@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jordi Mallach <jordi@debian.org> (supplier of updated gtetrinet package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 29 Apr 2005 19:10:31 +1000
Source: gtetrinet
Binary: gtetrinet
Architecture: source i386
Version: 0.7.9-1
Distribution: unstable
Urgency: low
Maintainer: Jordi Mallach <jordi@debian.org>
Changed-By: Jordi Mallach <jordi@debian.org>
Description: 
 gtetrinet  - multiplayer tetris-like game
Closes: 204638 304713 306422
Changes: 
 gtetrinet (0.7.9-1) unstable; urgency=low
 .
   * The "DownUnder" release.
   * New upstream release.
     - fixes display of non-ASCII characters on UTF-8 locales
       (closes: #204638).
     - should not segfault on servers with weird /list output
       (closes: #304713).
     - network performance fixes (closes: #306422).
   * debian/control.in: build-depend on libgtk2.0-dev (>= 2.6).
Files: 
 a37c7e0b09933663cb06e1649b9498d8 1532 gnome optional gtetrinet_0.7.9-1.dsc
 39fd47efac9727e093ad6923da5c305b 604714 gnome optional gtetrinet_0.7.9.orig.tar.gz
 4ffb589826e0b5c8511f90f9f60ad33c 6015 gnome optional gtetrinet_0.7.9-1.diff.gz
 23427324d38570311a842d5ad0274d4b 313692 gnome optional gtetrinet_0.7.9-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCdp6bJYSUupF6Il4RAnn/AKCUGQU0Er5Kc5Sd84o00imcmCrXegCg5ykN
mkyFZZQCBK7tEip1PFJ9sMM=
=W7Vw
-----END PGP SIGNATURE-----