NetBSD Problem Report #34723
From christianbiere@gmx.de Thu Oct 5 16:51:24 2006
Return-Path: <christianbiere@gmx.de>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by narn.NetBSD.org (Postfix) with ESMTP id 0BB9263B8C9
for <gnats-bugs@gnats.NetBSD.org>; Thu, 5 Oct 2006 16:51:24 +0000 (UTC)
Message-Id: <20061005165102.GA3378@cyclonus>
Date: Thu, 5 Oct 2006 18:51:02 +0200
From: Christian Biere <christianbiere@gmx.de>
To: gnats-bugs@NetBSD.org
Subject: pkgsrc patch crashes links and links-gui
X-Send-Pr-Version: 3.95
>Number: 34723
>Category: pkg
>Synopsis: pkgsrc patch crashes links and links-gui
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: is
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Oct 05 16:55:00 +0000 2006
>Closed-Date: Wed Aug 20 10:01:15 +0000 2008
>Last-Modified: Mon Sep 01 06:10:03 +0000 2008
>Originator: Christian Biere
>Release: NetBSD 4.99.3
>Organization:
>Environment:
System: NetBSD cyclonus 4.99.3 NetBSD 4.99.3 (UNICRON.XEN3_DOM0) #4: Thu Oct 5 07:33:26 CEST 2006 src@cyclonus:/o/NetBSD/obj/sys/arch/i386/compile/UNICRON.XEN3_DOM0 i386
Architecture: i386
Machine: i386
>Description:
pkgsrc contains a patch for links and links-gui which adds a feature
that removes trailing spaces from URLs in session.c goto_url(). This
additional code contains at least two bugs: It modifies the URL in
place, ignoring that the passed memory might be read-only protected.
This causes a crash when calling built-in URLs. Also, if the URL
parameter is an empty string, the code may cause further havoc.
Please, request feature from the links developers and let them review
such patches before adding them to pkgsrc.
>How-To-Repeat:
Select About->Homepage from the menu.
>Fix:
Revert patch-aa of www/links to revision 1.2.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->is
Responsible-Changed-By: wiz@netbsd.org
Responsible-Changed-When: Fri, 06 Oct 2006 07:19:07 +0000
Responsible-Changed-Why:
is added the patch.
From: Christian Biere <christianbiere@gmx.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/34723 (pkgsrc patch crashes links and links-gui)
Date: Fri, 20 Jun 2008 23:29:00 +0200
wiz@netbsd.org wrote:
> Synopsis: pkgsrc patch crashes links and links-gui
>
> Responsible-Changed-From-To: pkg-manager->is
> Responsible-Changed-By: wiz@netbsd.org
> Responsible-Changed-When: Fri, 06 Oct 2006 07:19:07 +0000
> Responsible-Changed-Why:
> is added the patch.
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/www/links/distinfo,v
retrieving revision 1.47
diff -u -p -r1.47 distinfo
--- distinfo 21 May 2008 14:00:40 -0000 1.47
+++ distinfo 20 Jun 2008 21:27:43 -0000
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.47 2008/05/21 14:00:40 wiz Exp $
+$NetBSD$
SHA1 (links-2.1pre36.tar.bz2) = 79ff4ff2d663de99ba590e11f42a52435a6e1809
RMD160 (links-2.1pre36.tar.bz2) = e34d61aa6db196d897afd4f07c1eb6f3a87dd4eb
Size (links-2.1pre36.tar.bz2) = 3824394 bytes
-SHA1 (patch-aa) = 374bd3262b4f50712cd42898d67e90ebcba72577
SHA1 (patch-ab) = a2d461c9d8b6300469ab6195886830fdd63be837
From: Christian Biere <christianbiere@gmx.de>
To: gnats-bugs@NetBSD.org
Cc: pkgsrc-users@netbsd.org
Subject: Re: pkg/34723 (pkgsrc patch crashes links and links-gui)
Date: Tue, 19 Aug 2008 22:09:37 +0200
Christian Biere wrote:
> wiz@netbsd.org wrote:
> > Synopsis: pkgsrc patch crashes links and links-gui
> >
> > Responsible-Changed-From-To: pkg-manager->is
> > Responsible-Changed-By: wiz@netbsd.org
> > Responsible-Changed-When: Fri, 06 Oct 2006 07:19:07 +0000
> > Responsible-Changed-Why:
> > is added the patch.
> Index: distinfo
> ===================================================================
> RCS file: /cvsroot/pkgsrc/www/links/distinfo,v
> retrieving revision 1.47
> diff -u -p -r1.47 distinfo
> --- distinfo 21 May 2008 14:00:40 -0000 1.47
> +++ distinfo 20 Jun 2008 21:27:43 -0000
> @@ -1,7 +1,6 @@
> -$NetBSD: distinfo,v 1.47 2008/05/21 14:00:40 wiz Exp $
> +$NetBSD$
>
> SHA1 (links-2.1pre36.tar.bz2) = 79ff4ff2d663de99ba590e11f42a52435a6e1809
> RMD160 (links-2.1pre36.tar.bz2) = e34d61aa6db196d897afd4f07c1eb6f3a87dd4eb
> Size (links-2.1pre36.tar.bz2) = 3824394 bytes
> -SHA1 (patch-aa) = 374bd3262b4f50712cd42898d67e90ebcba72577
> SHA1 (patch-ab) = a2d461c9d8b6300469ab6195886830fdd63be837
I find it unbelievable that after almost TWO YEARS, this patch which
does nothing but adding bugs, is still in pkgsrc.
The patch can be seen here:
http://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/links/patches/patch-aa
Even without looking at the context of it, the patch is really poor C and has
multiple bugs in itself.
--
Christian
From: Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>
To: Christian Biere <christianbiere@gmx.de>
Cc: gnats-bugs@NetBSD.org, pkgsrc-users@NetBSD.org
Subject: Re: pkg/34723 (pkgsrc patch crashes links and links-gui)
Date: Tue, 19 Aug 2008 22:34:25 +0200 (CEST)
On Tue, 19 Aug 2008, Christian Biere wrote:
> Christian Biere wrote:
> > wiz@netbsd.org wrote:
> > > Synopsis: pkgsrc patch crashes links and links-gui
> > >
> > > Responsible-Changed-From-To: pkg-manager->is
> > > Responsible-Changed-By: wiz@netbsd.org
> > > Responsible-Changed-When: Fri, 06 Oct 2006 07:19:07 +0000
> > > Responsible-Changed-Why:
> > > is added the patch.
>
> > Index: distinfo
> > ===================================================================
> > RCS file: /cvsroot/pkgsrc/www/links/distinfo,v
> > retrieving revision 1.47
> > diff -u -p -r1.47 distinfo
> > --- distinfo 21 May 2008 14:00:40 -0000 1.47
> > +++ distinfo 20 Jun 2008 21:27:43 -0000
> > @@ -1,7 +1,6 @@
> > -$NetBSD: distinfo,v 1.47 2008/05/21 14:00:40 wiz Exp $
> > +$NetBSD$
> >
> > SHA1 (links-2.1pre36.tar.bz2) = 79ff4ff2d663de99ba590e11f42a52435a6e1809
> > RMD160 (links-2.1pre36.tar.bz2) = e34d61aa6db196d897afd4f07c1eb6f3a87dd4eb
> > Size (links-2.1pre36.tar.bz2) = 3824394 bytes
> > -SHA1 (patch-aa) = 374bd3262b4f50712cd42898d67e90ebcba72577
> > SHA1 (patch-ab) = a2d461c9d8b6300469ab6195886830fdd63be837
>
> I find it unbelievable that after almost TWO YEARS, this patch which
> does nothing but adding bugs, is still in pkgsrc.
>
> The patch can be seen here:
> http://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/www/links/patches/patch-aa
>
> Even without looking at the context of it, the patch is really poor C and has
> multiple bugs in itself.
>
> --
> Christian
Surely, it's broken.
The function goto_url isn't supposed to modify its argument (if you need
to modify it, create copy of the string with stracpy and free it at the
end of the function with mem_free). I should have marked the argument as
"const unsigned char *url", but at that time I didn't use "const" and I
kept this information in my head.
And the bug when the string is empty or contains only spaces...
Mikulas
From: Ignatios Souvatzis <is@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/34723 (pkgsrc patch crashes links and links-gui)
Date: Tue, 19 Aug 2008 22:50:09 +0200
On Tue, Aug 19, 2008 at 08:10:07PM +0000, Christian Biere wrote:
>
> I find it unbelievable that after almost TWO YEARS,
Nobody complained earlier... apparently, I didn't try
to use the constant URL menu when testing.
> this patch which does nothing
> but adding bugs,
well, it has its use.
> is still in pkgsrc.
>
> Even without looking at the context of it, the patch is really poor C and has
> multiple bugs in itself.
That I must admit, looking at the code from some distance.
I'll remove it.
-is
--
seal your e-mail: http://www.gnupg.org/
State-Changed-From-To: open->closed
State-Changed-By: is@NetBSD.org
State-Changed-When: Wed, 20 Aug 2008 10:01:15 +0000
State-Changed-Why:
- package is fixed in pkgsrc-current.
- pullup is requesteed (#2502).
- Feature request/code had been submitted upstream "back then", and
apparently a different solution has been implemented upstream in the
meantime, but our package was upgraded without removing our patch.
Sorry for that.
From: "S.P.Zeidler" <spz@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/34723 CVS commit: [pkgsrc-2008Q2] pkgsrc/www
Date: Mon, 1 Sep 2008 06:08:44 +0000 (UTC)
Module Name: pkgsrc
Committed By: spz
Date: Mon Sep 1 06:08:44 UTC 2008
Modified Files:
pkgsrc/www/links [pkgsrc-2008Q2]: Makefile distinfo
pkgsrc/www/links-gui [pkgsrc-2008Q2]: Makefile
pkgsrc/www/links/patches [pkgsrc-2008Q2]: patch-aa
Log Message:
Pullup ticket 2502 - requested by is
fix PR 34723
Revisions pulled up:
- pkgsrc/www/links/Makefile by patch provided
- pkgsrc/www/links/distinfo by patch provided
- pkgsrc/www/links-gui/Makefile by patch provided
- pkgsrc/www/links/patches/patch-aa by patch provided
Module Name: pkgsrc
Committed By: is
Date: Wed Aug 20 09:26:45 UTC 2008
Modified Files:
pkgsrc/www/links: Makefile distinfo
pkgsrc/www/links-gui: Makefile
pkgsrc/www/links/patches: patch-aa
Log Message:
Patch no longer needed, besides failing for some boundary conditions.
Feature request/code had been submitted upstream "back then", and
apparently a different solution has been implemented upstream in the
meantime, but our package was upgraded without removing our patch.
To generate a diff of this commit:
cvs rdiff -r1.54 -r1.55 pkgsrc/www/links/Makefile
cvs rdiff -r1.49 -r1.50 pkgsrc/www/links/distinfo
cvs rdiff -r1.56 -r1.57 pkgsrc/www/links-gui/Makefile
cvs rdiff -r1.3 -r1.4 pkgsrc/www/links/patches/patch-aa
To generate a diff of this commit:
cvs rdiff -r1.53 -r1.53.4.1 pkgsrc/www/links/Makefile
cvs rdiff -r1.47 -r1.47.4.1 pkgsrc/www/links/distinfo
cvs rdiff -r1.55 -r1.55.4.1 pkgsrc/www/links-gui/Makefile
cvs rdiff -r1.2 -r1.2.20.1 pkgsrc/www/links/patches/patch-aa
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.