Ubuntu
slang2 package

Merge ~paelzer/ubuntu/+source/slang2:ubuntu/xenial-devel into ubuntu/+source/slang2:ubuntu/xenial-devel

  1. Git
  2. lp:~paelzer/ubuntu/+source/slang2
  3. ubuntu/xenial-devel
  4. Merge into ubuntu/xenial-devel
Proposed by Christian Ehrhardt 
Status: Merged
Approved by: Robie Basak
Approved revision: c8532c5ddc0a2efa14750ae23632774f760c8b99
Merge reported by: Christian Ehrhardt 
Merged at revision: c8532c5ddc0a2efa14750ae23632774f760c8b99
Proposed branch: ~paelzer/ubuntu/+source/slang2:ubuntu/xenial-devel
Merge into: ubuntu/+source/slang2:ubuntu/xenial-devel
Diff against target: 129 lines (+107/-0)
3 files modified
debian/changelog (+7/-0)
debian/patches/init-crash.patch (+99/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
Andreas Hasenack Approve
Canonical Server Pending
git-ubuntu developers Pending
Review via email: mp+348667@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

PPA [1] to test the fix according to the repro steps that I added as part of the SRU template.

[1]: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3309

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

+1, and fix confirmed as well with packages from the ppa.

review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Tagged and Uploaded

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 45577c8..f5b880a 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+slang2 (2.3.0-2ubuntu1.1) xenial; urgency=medium
7+
8+ * d/p/init-crash.patch: Fix crash on multuple initialisation when TERMCAP
9+ set (LP: #1537528)
10+
11+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 28 Jun 2018 11:06:04 +0200
12+
13 slang2 (2.3.0-2ubuntu1) vivid; urgency=low
14
15 * Merge from Debian unstable. Remaining changes:
16diff --git a/debian/patches/init-crash.patch b/debian/patches/init-crash.patch
17new file mode 100644
18index 0000000..69dd820
19--- /dev/null
20+++ b/debian/patches/init-crash.patch
21@@ -0,0 +1,99 @@
22+Description: Fix crash on multuple initialisation when TERMCAP set
23+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837868
24+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1537528
25+Origin: https://salsa.debian.org/debian/slang2/blob/debian/master/debian/patches/init-crash.patch
26+Forwarded: No
27+Author: Alastair McKinstry <mckinstry@debian.org>
28+Last-Update: 2018-06-28
29+
30+--- a/src/sltermin.c
31++++ b/src/sltermin.c
32+@@ -546,13 +546,10 @@ static int tcap_getent (SLCONST char *te
33+ if (NULL == (buf = (unsigned char *) SLmalloc (ulen)))
34+ return -1;
35+
36+- b = buf;
37+-
38+ /* The beginning of the termcap entry contains the names of the entry.
39+ * It is terminated by a colon.
40+ */
41+
42+- ti->terminal_names = (char *) b;
43+ t = termcap;
44+ len = tcap_extract_field (t);
45+ if (len < 0)
46+@@ -560,9 +557,9 @@ static int tcap_getent (SLCONST char *te
47+ SLfree ((char *)buf);
48+ return -1;
49+ }
50+- strncpy ((char *) b, (char *) t, (unsigned int) len);
51+- b[len] = 0;
52+- b += len + 1;
53++ ti->terminal_names = SLmalloc (len + 1);
54++ strncpy (ti->terminal_names, (char *) t, (unsigned int) len);
55++ ti->terminal_names[len] = 0;
56+ ti->name_section_size = len;
57+
58+ /* Now, we are really at the start of the termcap entries. Point the
59+@@ -571,7 +568,7 @@ static int tcap_getent (SLCONST char *te
60+ termcap = t + (len + 1);
61+
62+ /* Process strings first. */
63+- ti->string_table = (char *) b;
64++ b = buf;
65+ t = termcap;
66+ while (-1 != (len = tcap_extract_field (t)))
67+ {
68+@@ -597,6 +594,7 @@ static int tcap_getent (SLCONST char *te
69+ t = (unsigned char *) _pSLexpand_escaped_char ((char *) t, (char *) tmax, &wch, NULL);
70+ if (t == NULL)
71+ {
72++ SLfree (ti->terminal_names);
73+ SLfree ((char *)buf);
74+ return -1;
75+ }
76+@@ -617,12 +615,14 @@ static int tcap_getent (SLCONST char *te
77+ /* skip colon to next field. */
78+ t++;
79+ }
80+- ti->string_table_size = (int) (b - (unsigned char *) ti->string_table);
81++ ti->string_table_size = (int) (b - buf);
82++ ti->string_table = SLmalloc (ti->string_table_size);
83++ memcpy (ti->string_table, buf, ti->string_table_size);
84+
85+ /* Now process the numbers. */
86+
87+ t = termcap;
88+- ti->numbers = b;
89++ b = buf;
90+ while (-1 != (len = tcap_extract_field (t)))
91+ {
92+ unsigned char *b1;
93+@@ -647,11 +647,13 @@ static int tcap_getent (SLCONST char *te
94+ b1[2] = (unsigned char) len; /* replace the # by the length */
95+ t++;
96+ }
97+- ti->num_numbers = (b - ti->numbers);
98++ ti->num_numbers = (b - buf);
99++ ti->numbers = SLmalloc (ti->num_numbers);
100++ memcpy (ti->numbers, buf, ti->num_numbers);
101+
102+ /* Now process the flags. */
103+ t = termcap;
104+- ti->boolean_flags = b;
105++ b = buf;
106+ while (-1 != (len = tcap_extract_field (t)))
107+ {
108+ /* We are looking for: XX#NUMBER */
109+@@ -665,7 +667,10 @@ static int tcap_getent (SLCONST char *te
110+ t += 3;
111+ b += 2;
112+ }
113+- ti->boolean_section_size = (b - ti->boolean_flags);
114++ ti->boolean_section_size = (b - buf);
115++ ti->boolean_flags = SLmalloc (ti->boolean_section_size);
116++ memcpy (ti->boolean_flags, buf, ti->boolean_section_size);
117++ SLfree ((char *)buf);
118+ ti->flags = SLTERMCAP;
119+ return 0;
120+ }
121diff --git a/debian/patches/series b/debian/patches/series
122index 80ca793..d233ebd 100644
123--- a/debian/patches/series
124+++ b/debian/patches/series
125@@ -5,3 +5,4 @@ typos.patch
126 dso_linking.patch
127 fix_glibc.patch
128 segv_fix.patch
129+init-crash.patch

Subscribers

People subscribed via source and target branches