X2Go Bug report logs - #777
nx-libs: incorrect usage of scanf

version graph

Package: nx-libs; Maintainer for nx-libs is X2Go Developers <x2go-dev@lists.x2go.org>;

Reported by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Date: Fri, 30 Jan 2015 19:40:01 UTC

Severity: normal

Found in version head

Done: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Bug is archived. No further changes may be made.

Full log


🔗 View this message in rfc822 format

MIME-Version: 1.0
X-Mailer: MIME-tools 5.502 (Entity 5.502)
X-Loop: owner@bugs.x2go.org
From: owner@bugs.x2go.org (X2Go Bug Tracking System)
Subject: Bug#777 closed by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
 (Re: [X2Go-Dev] Bug#777: nx-libs: incorrect usage of scanf)
Message-ID: <handler.777.b777.143169548416651.notifdone@bugs.x2go.org>
References: <20150515131121.Horde.M5jvfVznJ8S6SzNuv5znHw2@mail.das-netzwerkteam.de>
X-X2go-PR-Message: they-closed 777
X-X2go-PR-Package: nx-libs
Date: Fri, 15 May 2015 13:13:12 +0000
Content-Type: multipart/mixed; boundary="----------=_1431695592-17104-0"
[Message part 1 (text/plain, inline)]
This is an automatic notification regarding your Bug report
which was filed against the nx-libs package:

#777: nx-libs: incorrect usage of scanf

It has been closed by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>.

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Mike Gabriel <mike.gabriel@das-netzwerkteam.de> by
replying to this email.


-- 
777: http://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=777
X2Go Bug Tracking System
Contact owner@bugs.x2go.org with problems
[Message part 2 (message/rfc822, inline)]
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: 777@bugs.x2go.org
Subject: Re: [X2Go-Dev] Bug#777: nx-libs: incorrect usage of scanf
Date: Fri, 15 May 2015 13:11:21 +0000
[Message part 3 (text/plain, inline)]
Control: close -1

Closing (and agreeing on this) by use request.

Mike

On  Mo 02 Feb 2015 21:39:50 CET, Heinrich Schuchardt wrote:

> Squeeze reached end of life.
> Package libc6 in wheezy is patched against the bug.
> Package libc6 in jessie is not vulnerable as it uses a newer libc6
> release.
>
> So I think we should close this bug and concentrate on updating our
> mesa code to the newest version instead of patching some old version.
>
> Best regards
>
> Heinrich
>
> On 31.01.2015 16:04, Mike Gabriel wrote:
>> Hi Heinrich,
>>
>> On  Fr 30 Jan 2015 20:35:53 CET, Heinrich Schuchardt wrote:
>>
>>> package: nx-libs version: head
>>>
>>> In different parts of the nx-libs library you can find usages of
>>> scanf like
>>>
>>> /* check for MESA_GAMMA environment variable */ gamma =
>>> _mesa_getenv("MESA_GAMMA"); if (gamma) { v->RedGamma =
>>> v->GreenGamma = v->BlueGamma = 0.0; sscanf( gamma, "%f %f %f",
>>> &v->RedGamma, &v->GreenGamma, &v->BlueGamma );
>>>
>>> According to cppcheck:
>>>
>>> scanf without field width limits can crash with huge input data
>>> on libc versions older than 2.13-25. Add a field width specifier
>>> to fix this problem: %i => %3i
>>
>> Any chance you could also provide a patch for this?
>>
>> Mike
>>


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 4 (application/pgp-signature, inline)]
[Message part 5 (message/rfc822, inline)]
From: Heinrich Schuchardt <xypron.glpk@gmx.de>
To: submit@bugs.x2go.org
Subject: nx-libs: incorrect usage of scanf
Date: Fri, 30 Jan 2015 20:35:53 +0100
package: nx-libs
version: head

In different parts of the nx-libs library you can find usages of scanf like

   /* check for MESA_GAMMA environment variable */
   gamma = _mesa_getenv("MESA_GAMMA");
   if (gamma) {
      v->RedGamma = v->GreenGamma = v->BlueGamma = 0.0;
      sscanf( gamma, "%f %f %f", &v->RedGamma, &v->GreenGamma,
&v->BlueGamma );

According to cppcheck:

scanf without field width limits can crash with huge input data on libc
versions older than 2.13-25. Add a field width specifier to fix this
problem:
    %i => %3i


Best regards

Heinrich Schuchardt

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Mon Jul 13 05:29:52 2020; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.