Ergebnis für URL: http://bugs.debian.org/380347 Debian Bug report logs - [1]#380347
elinks: crashes on a specially crafted page
[2]version graph
Package: [3]elinks; Maintainer for [4]elinks is [5]aHhkm+d+ a+l+m+hkm+w+d+y+
(Ahmed El-Mahmoudy) ; Source for [6]elinks is
[7]src:elinks ([8]PTS, [9]buildd, [10]popcon).
Reported by: [11]Jakub Wilk
Date: Sat, 29 Jul 2006 12:18:42 UTC
Severity: important
Tags: fixed-upstream, upstream
Found in version elinks/0.11.1-1
Fixed in version elinks/0.11.3-1
Done: Y Giridhar Appaji Nag
Bug is archived. No further changes may be made.
[12]Toggle useless messages
View this report as an [13]mbox folder, [14]status mbox, [15]maintainer mbox
____________________________________________________________________________
Report forwarded to debian-bugs-dist@lists.debian.org, ubanus@users.sf.net, Peter
Gervai :
Bug#380347; Package elinks. ([16]full text, [17]mbox, [18]link).
____________________________________________________________________________
Acknowledgement sent to Jakub Wilk :
New Bug report received and forwarded. Copy sent to ubanus@users.sf.net, Peter
Gervai . ([19]full text, [20]mbox, [21]link).
____________________________________________________________________________
[22]Message #5 received at submit@bugs.debian.org ([23]full text, [24]mbox,
[25]reply):
From: Jakub Wilk
To: Debian Bug Tracking System
Subject: elinks: crashes on a specially crafted page
Date: Sat, 29 Jul 2006 14:15:19 +0200
[[26]Message part 1 (text/plain, inline)]
Package: elinks
Version: 0.11.1-1
Severity: important
Elinks crashes on a specially crafted page:
$ elinks -config-file /dev/null buggy.html
[ Press backslash twice ]
ELinks crashed. That shouldn't happen. Please report this incident to
the developers. If you would like to help to debug the problem you just
uncovered, please keep the core you just got and send the developers
the output of 'bt' command entered inside of gdb (which you run as:
gdb elinks core). Thanks a lot for your cooperation!
ELinks 0.11.1 (built on May 24 2006 20:12:14)
Features:
Standard, Fastmem, IPv6, gzip, bzip2, Periodic Saving, Timer, Cascading Style Sheets,
Protocol (File, FTP, HTTP, NNTP, SMB, URI rewrite, User protocols), SSL (GnuTLS),
MIME (Option system, Mailcap, Mimetypes files), LED indicators, Bookmarks,
Cookies, Form History, Global History, Scripting (Lua, Perl), Goto URL History,
Search History
elinks(dump_backtrace+0x23)[0x80d0173]
elinks[0x80abca4]
elinks[0x80ac17f]
[0xffffe420]
elinks(dcgettext__+0x31)[0x809e881]
elinks(gettext__+0x22)[0x809fd12]
elinks(get_state_message+0x6c)[0x80aa71c]
elinks(get_download_msg+0x42)[0x807a782]
elinks(print_screen_status+0x76c)[0x807b1dc]
elinks(refresh_view+0x11d)[0x80d628d]
elinks(draw_formatted+0xcf)[0x80d637f]
elinks(do_action+0xd94)[0x80d47e4]
elinks(send_event+0xa5)[0x80e07e5]
elinks(in_term+0x46b)[0x80c877b]
elinks(select_loop+0x1f6)[0x80a4106]
elinks(main+0x41)[0x80a3791]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xd0)[0xa7cafeb0]
elinks[0x8059891]
Aborted
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (900, 'testing'), (600, 'unstable'), (500, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.17-1-686
Locale: LANG=C, LC_CTYPE=pl_PL (charmap=ISO-8859-2)
Versions of packages elinks depends on:
ii debconf 1.5.2 Debian configuration management sy
ii libbz2-1.0 1.0.3-3 high-quality block-sorting file co
ii libc6 2.3.6-15 GNU C Library: Shared libraries
ii libexpat1 1.95.8-3.2 XML parsing C library - runtime li
ii libgnutls13 1.4.1-1 the GNU TLS library - runtime libr
ii libgpmg1 1.19.6-22 General Purpose Mouse - shared lib
ii libidn11 0.6.5-1 GNU libidn library, implementation
ii liblua50 5.0.2-6 Main interpreter library for the L
ii liblualib50 5.0.2-6 Extension library for the Lua 5.0
ii libperl5.8 5.8.8-4 Shared Perl library
ii zlib1g 1:1.2.3-13 compression library - runtime
elinks recommends no packages.
-- debconf-show failed
--
Jakub Wilk
[[27]buggy.html (text/html, attachment)]
____________________________________________________________________________
Message sent on to Jakub Wilk :
Bug#380347. ([28]full text, [29]mbox, [30]link).
____________________________________________________________________________
[31]Message #8 received at 380347-submitter@bugs.debian.org ([32]full text,
[33]mbox, [34]reply):
From: Kalle Olavi Niemitalo
To: 380347-submitter@bugs.debian.org
Subject: Re: Bug#380347: elinks: crashes on a specially crafted page
Date: Tue, 01 May 2007 15:18:10 +0300
[[35]Message part 1 (text/plain, inline)]
Jakub Wilk writes:
> Elinks crashes on a specially crafted page:
>
> $ elinks -config-file /dev/null buggy.html
>
> [ Press backslash twice ]
Thank you for the report and the test case. The crash was
caused by a static array overflowing to corrupt other variables.
The array index was checked too late. I have fixed this in:
ELinks 0.11.3.GIT (14588b9455583096ddeb54b0541bfc230a2a2451)
ELinks 0.12.GIT (341d54151f69d087112e1514b928e3fcc1810194)
The fix will be in ELinks 0.11.4 and 0.12.0 when/if they are
released.
[[36]Message part 2 (application/pgp-signature, inline)]
____________________________________________________________________________
Tags added: upstream Request was from Y Giridhar Appaji Nag
to control@bugs.debian.org. (Thu, 22 Nov 2007 13:42:09 GMT) ([37]full text,
[38]mbox, [39]link).
____________________________________________________________________________
Tags added: fixed-upstream Request was from Y Giridhar Appaji Nag
to control@bugs.debian.org. (Thu, 22 Nov 2007 13:42:10 GMT)
([40]full text, [41]mbox, [42]link).
____________________________________________________________________________
Tags added: pending Request was from Y Giridhar Appaji Nag
to control@bugs.debian.org. (Wed, 02 Jan 2008 13:27:14 GMT) ([43]full text,
[44]mbox, [45]link).
____________________________________________________________________________
Reply sent to Y Giridhar Appaji Nag :
You have taken responsibility. ([46]full text, [47]mbox, [48]link).
____________________________________________________________________________
Notification sent to Jakub Wilk :
Bug acknowledged by developer. ([49]full text, [50]mbox, [51]link).
____________________________________________________________________________
[52]Message #19 received at 380347-close@bugs.debian.org ([53]full text,
[54]mbox, [55]reply):
From: Y Giridhar Appaji Nag
To: 380347-close@bugs.debian.org
Subject: Bug#380347: fixed in elinks 0.11.3-1
Date: Sat, 12 Jan 2008 15:37:24 +0000
Source: elinks
Source-Version: 0.11.3-1
We believe that the bug you reported is fixed in the latest version of
elinks, which is due to be installed in the Debian FTP archive:
elinks-data_0.11.3-1_all.deb
to pool/main/e/elinks/elinks-data_0.11.3-1_all.deb
elinks-doc_0.11.3-1_all.deb
to pool/main/e/elinks/elinks-doc_0.11.3-1_all.deb
elinks-lite_0.11.3-1_i386.deb
to pool/main/e/elinks/elinks-lite_0.11.3-1_i386.deb
elinks_0.11.3-1.diff.gz
to pool/main/e/elinks/elinks_0.11.3-1.diff.gz
elinks_0.11.3-1.dsc
to pool/main/e/elinks/elinks_0.11.3-1.dsc
elinks_0.11.3-1_i386.deb
to pool/main/e/elinks/elinks_0.11.3-1_i386.deb
elinks_0.11.3.orig.tar.gz
to pool/main/e/elinks/elinks_0.11.3.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 380347@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Y Giridhar Appaji Nag (supplier of updated elinks package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 07 Jan 2008 00:10:17 +0530
Source: elinks
Binary: elinks-lite elinks-doc elinks elinks-data
Architecture: source i386 all
Version: 0.11.3-1
Distribution: unstable
Urgency: low
Maintainer: Y Giridhar Appaji Nag
Changed-By: Y Giridhar Appaji Nag
Description:
elinks - Advanced text-mode WWW browser
elinks-data - Data files for ELinks - An advanced text-mode WWW browser
elinks-doc - Documentation for ELinks - An advanced text-mode WWW browser
elinks-lite - Lightweight version of Elinks - An advanced text-mode WWW browser
Closes: [56]257762 [57]313696 [58]315886 [59]380347 [60]403139 [61]413911 [62]429311 [63]4
31211 [64]451088
Changes:
elinks (0.11.3-1) unstable; urgency=low
.
* Adopted by Y Giridhar Appaji Nag (Closes: #[65]451088)
+ Add Co-maintainer Moritz Muehlenhoff to Uploaders
* Documentation is now built using sources, depends on the features
configured while building elinks.
* Remove superfluous m4 and bison Build-Depends.
* Arch indep part of elinks is large, moved it to elinks-data package
+ Add lintian/linda overrides for elinks.1 man-page (installed by the
elinks-data package).
* New upstream release 0.11.3 (Closes: #[66]429311)
+ Don't crash while sorting thru bookmarks (Closes: #[67]315886)
+ German PO file corrections (Closes: #[68]313696)
+ Use off_t for file size in FTP listing (Closes: #[69]403139)
* Add get-orig-source target that gets orig source and removes debian
directory, translation files and config.{log,status} etc.
* Change from DH_COMPAT 4 to debian/compat (5)
* Move debian/watch file to version 3
* Bump up Standards-Version to 3.7.3
+ Updated menu files for the latest menu policy.
+ debian/copyright: include all the major authors and copyright holders
listed in source files. ELinks is GPL2 only (Closes: #[70]431211)
* Add Homepage: and Vcs-*: fields to debian/control
* maint-scripts: Remove debconf dependency and moving of elinks.conf. Old
transition code, not necessary anymore.
* DH_ALWAYS_EXCLUDE=.gitignore in debian/rules (Closes: #[71]413911)
* Add debian/patches, but not using dpatch
+ Patch 01_asciidoc-escape-FTBFS.diff: Escape characters for asciidoc
conversion (prevents FTBFS in make all-docs)
+ Patch 02_setup-bugs-FSSTND.diff: Point bugs URL to debian.org and
remove FSSTND dir in setup.h etc.
+ Patch 03_417789-CVE-2007-2027.diff: Patch for #417789 from Julien
Cristau made a diff.
+ Patch 04_380347-entity_cache-overflow.diff: Prevent a buffer overflow
in entity_cache. Thanks Kalle Olavi Niemitalo for the fix
(Closes: #[72]380347)
+ Patch 05_257762-transparency-off.diff: Turn terminal transparency off
by default. Thanks Petr Baudis for the fix and Kalle Olavi Niemitalo
for a pointer to the fix (Closes: #[73]257762)
+ Patch 06_elinks.conf-parse-error.diff: create elinks-lite.conf, set
config.saving_style=3 and comment options that are not valid.
+ Patch 07_local-CGI-query-fix.diff: Fix broken query parsing of file:
URIs for local CGI.
Files:
547e5d16dff4249ee5003e976dce2435 1023 web optional elinks_0.11.3-1.dsc
d2df1fb2b207d749f68de869c0183d84 3126765 web optional elinks_0.11.3.orig.tar.gz
7ae2ce8d55cfec6ebb728eab07b86f11 37229 web optional elinks_0.11.3-1.diff.gz
e979a1b26c8ea41f552f45dacf44ef71 471860 web optional elinks_0.11.3-1_i386.deb
abe6839f723ca247e1cee026e6f607d2 373042 web optional elinks-lite_0.11.3-1_i386.deb
de577fe28e9ccf49a8a31578f2b749dd 664594 web optional elinks-data_0.11.3-1_all.deb
2d575b7d114811ef11b64953f626cd8f 536170 doc optional elinks-doc_0.11.3-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHg8brXm3vHE4uyloRAkEPAJ9QBxEZ0lHcGa72Ljll4/7j8zihwQCg023z
Q8/Vy8c2Y9xiW+79fnvAvNo=
=9bAd
-----END PGP SIGNATURE-----
____________________________________________________________________________
Bug archived. Request was from Debbugs Internal Request
to internal_control@bugs.debian.org. (Wed, 13 Feb 2008 07:44:35 GMT) ([74]full
text, [75]mbox, [76]link).
____________________________________________________________________________
Send a report that [77]this bug log contains spam.
____________________________________________________________________________
Debian bug tracking system administrator . Last
modified: Mon May 27 01:04:20 2024; Machine Name: buxtehude
[79]Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU Public License
version 2. The current version can be obtained from
[80]https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97
Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.
References
1. mailto:380347@bugs.debian.org
2. https://bugs.debian.org/cgi-bin/version.cgi?fixed=elinks%2F0.11.3-1;found=elinks%2F0.11.1-1;package=elinks;collapse=1;absolute=0;info=1
3. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
4. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
5. https://bugs.debian.org/cgi-bin/pkgreport.cgi?maint=aelmahmoudy%40users.sourceforge.net
6. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
7. https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=elinks
8. https://tracker.debian.org/pkg/elinks
9. https://buildd.debian.org/elinks
10. https://qa.debian.org/popcon.php?package=elinks
11. https://bugs.debian.org/cgi-bin/pkgreport.cgi?submitter=ubanus%40users.sf.net
12. javascript:toggle_infmessages();
13. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes
14. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;mboxstatus=yes
15. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;mboxmaint=yes
16. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=2
17. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=2
18. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#1
19. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=4
20. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=4
21. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#3
22. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#5
23. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=5
24. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=5
25.
26. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=380347;msg=5
27. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=380347;filename=buggy.html;msg=5
28. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=7
29. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=7
30. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#6
31. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#8
32. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=8
33. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=8
34. mailto:380347@bugs.debian.org?body=On%20Tue%2C%2001%20May%202007%2015%3A18%3A10%20%2B0300%20Kalle%20Olavi%20Niemitalo%20%3Ckon%40iki.fi%3E%20wrote%3A%0A%3E%20Jakub%20Wilk%20%3Cubanus%40users.sf.net%3E%20writes%3A%0A%3E%20%0A%3E%20%3E%20Elinks%20crashes%20on%20a%20specially%20crafted%20page%3A%0A%3E%20%3E%0A%3E%20%3E%20%24%20elinks%20-config-file%20%2Fdev%2Fnull%20buggy.html%0A%3E%20%3E%0A%3E%20%3E%20%5B%20Press%20backslash%20twice%20%5D%0A%3E%20%0A%3E%20Thank%20you%20for%20the%20report%20and%20the%20test%20case.%20%20The%20crash%20was%0A%3E%20caused%20by%20a%20static%20array%20overflowing%20to%20corrupt%20other%20variables.%0A%3E%20The%20array%20index%20was%20checked%20too%20late.%20%20I%20have%20fixed%20this%20in%3A%0A%3E%20%0A%3E%20ELinks%200.11.3.GIT%20%2814588b9455583096ddeb54b0541bfc230a2a2451%29%0A%3E%20ELinks%200.12.GIT%20%28341d54151f69d087112e1514b928e3fcc1810194%29%0A%3E%20%0A%3E%20The%20fix%20will%20be%20in%20ELinks%200.11.4%20and%200.12.0%20when%2Fif%20they%20are%0A%3E%20released.%0A&In-Reply-To=%3C87k5vsg2kd.fsf%40Astalo.kon.iki.fi%3E&subject=Re%3A%20Bug%23380347%3A%20elinks%3A%20crashes%20on%20a%20specially%20crafted%20page&References=%3C20060729121519.GA8081%40cavendish.pronus.net%3E%0A%20%3C87k5vsg2kd.fsf%40Astalo.kon.iki.fi%3E
35. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=380347;msg=8
36. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=380347;msg=8
37. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=10
38. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=10
39. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#9
40. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=12
41. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=12
42. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#11
43. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=14
44. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=14
45. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#13
46. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=16
47. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=16
48. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#15
49. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=18
50. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=18
51. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#17
52. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#19
53. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=19
54. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=19
55.
56. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257762
57. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=313696
58. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315886
59. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347
60. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403139
61. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413911
62. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429311
63. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=431211
64. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451088
65. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451088
66. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429311
67. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315886
68. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=313696
69. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403139
70. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=431211
71. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413911
72. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347
73. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257762
74. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=21
75. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=21
76. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#20
77. https://bugs.debian.org/cgi-bin/bugspam.cgi?bug=380347
78. mailto:owner@bugs.debian.org
79. https://www.debian.org/Bugs/
80. https://bugs.debian.org/debbugs-source/
Usage: http://www.kk-software.de/kklynxview/get/URL
e.g. http://www.kk-software.de/kklynxview/get/http://www.kk-software.de
Errormessages are in German, sorry ;-)