K&K Software Lynxviewer

Ergebnis für URL: http://bugs.debian.org/380347
                           Debian Bug report logs - [1]#380347
                       elinks: crashes on a specially crafted page

   [2]version graph

   Package: [3]elinks; Maintainer for [4]elinks is [5]aHhkm+d+ a+l+m+hkm+w+d+y+
   (Ahmed El-Mahmoudy) ; Source for [6]elinks is
   [7]src:elinks ([8]PTS, [9]buildd, [10]popcon).

   Reported by: [11]Jakub Wilk 

   Date: Sat, 29 Jul 2006 12:18:42 UTC

   Severity: important

   Tags: fixed-upstream, upstream

   Found in version elinks/0.11.1-1

   Fixed in version elinks/0.11.3-1

   Done: Y Giridhar Appaji Nag 

   Bug is archived. No further changes may be made.

   [12]Toggle useless messages

   View this report as an [13]mbox folder, [14]status mbox, [15]maintainer mbox
     ____________________________________________________________________________

   Report forwarded to debian-bugs-dist@lists.debian.org, ubanus@users.sf.net, Peter
   Gervai :
   Bug#380347; Package elinks. ([16]full text, [17]mbox, [18]link).
     ____________________________________________________________________________

   Acknowledgement sent to Jakub Wilk :
   New Bug report received and forwarded. Copy sent to ubanus@users.sf.net, Peter
   Gervai . ([19]full text, [20]mbox, [21]link).
     ____________________________________________________________________________

   [22]Message #5 received at submit@bugs.debian.org ([23]full text, [24]mbox,
   [25]reply):

   From: Jakub Wilk 
   To: Debian Bug Tracking System 
   Subject: elinks: crashes on a specially crafted page
   Date: Sat, 29 Jul 2006 14:15:19 +0200

[[26]Message part 1 (text/plain, inline)]
Package: elinks
Version: 0.11.1-1
Severity: important

Elinks crashes on a specially crafted page:

$ elinks -config-file /dev/null buggy.html

[ Press backslash twice ]

ELinks crashed. That shouldn't happen. Please report this incident to
the developers. If you would like to help to debug the problem you just
uncovered, please keep the core you just got and send the developers
the output of 'bt' command entered inside of gdb (which you run as:
gdb elinks core). Thanks a lot for your cooperation!

ELinks 0.11.1 (built on May 24 2006 20:12:14)

Features:
Standard, Fastmem, IPv6, gzip, bzip2, Periodic Saving, Timer, Cascading Style Sheets,
Protocol (File, FTP, HTTP, NNTP, SMB, URI rewrite, User protocols), SSL (GnuTLS),
MIME (Option system, Mailcap, Mimetypes files), LED indicators, Bookmarks,
Cookies, Form History, Global History, Scripting (Lua, Perl), Goto URL History,
Search History

elinks(dump_backtrace+0x23)[0x80d0173]
elinks[0x80abca4]
elinks[0x80ac17f]
[0xffffe420]
elinks(dcgettext__+0x31)[0x809e881]
elinks(gettext__+0x22)[0x809fd12]
elinks(get_state_message+0x6c)[0x80aa71c]
elinks(get_download_msg+0x42)[0x807a782]
elinks(print_screen_status+0x76c)[0x807b1dc]
elinks(refresh_view+0x11d)[0x80d628d]
elinks(draw_formatted+0xcf)[0x80d637f]
elinks(do_action+0xd94)[0x80d47e4]
elinks(send_event+0xa5)[0x80e07e5]
elinks(in_term+0x46b)[0x80c877b]
elinks(select_loop+0x1f6)[0x80a4106]
elinks(main+0x41)[0x80a3791]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xd0)[0xa7cafeb0]
elinks[0x8059891]
Aborted

-- System Information:
Debian Release: testing/unstable
 APT prefers testing
 APT policy: (900, 'testing'), (600, 'unstable'), (500, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.17-1-686
Locale: LANG=C, LC_CTYPE=pl_PL (charmap=ISO-8859-2)

Versions of packages elinks depends on:
ii  debconf                       1.5.2      Debian configuration management sy
ii  libbz2-1.0                    1.0.3-3    high-quality block-sorting file co
ii  libc6                         2.3.6-15   GNU C Library: Shared libraries
ii  libexpat1                     1.95.8-3.2 XML parsing C library - runtime li
ii  libgnutls13                   1.4.1-1    the GNU TLS library - runtime libr
ii  libgpmg1                      1.19.6-22  General Purpose Mouse - shared lib
ii  libidn11                      0.6.5-1    GNU libidn library, implementation
ii  liblua50                      5.0.2-6    Main interpreter library for the L
ii  liblualib50                   5.0.2-6    Extension library for the Lua 5.0
ii  libperl5.8                    5.8.8-4    Shared Perl library
ii  zlib1g                        1:1.2.3-13 compression library - runtime

elinks recommends no packages.

-- debconf-show failed

--
Jakub Wilk

[[27]buggy.html (text/html, attachment)]
     ____________________________________________________________________________

   Message sent on to Jakub Wilk :
   Bug#380347. ([28]full text, [29]mbox, [30]link).
     ____________________________________________________________________________

   [31]Message #8 received at 380347-submitter@bugs.debian.org ([32]full text,
   [33]mbox, [34]reply):

   From: Kalle Olavi Niemitalo 
   To: 380347-submitter@bugs.debian.org
   Subject: Re: Bug#380347: elinks: crashes on a specially crafted page
   Date: Tue, 01 May 2007 15:18:10 +0300

[[35]Message part 1 (text/plain, inline)]
Jakub Wilk  writes:

> Elinks crashes on a specially crafted page:
>
> $ elinks -config-file /dev/null buggy.html
>
> [ Press backslash twice ]

Thank you for the report and the test case.  The crash was
caused by a static array overflowing to corrupt other variables.
The array index was checked too late.  I have fixed this in:

ELinks 0.11.3.GIT (14588b9455583096ddeb54b0541bfc230a2a2451)
ELinks 0.12.GIT (341d54151f69d087112e1514b928e3fcc1810194)

The fix will be in ELinks 0.11.4 and 0.12.0 when/if they are
released.

[[36]Message part 2 (application/pgp-signature, inline)]
     ____________________________________________________________________________

   Tags added: upstream Request was from Y Giridhar Appaji Nag 
   to control@bugs.debian.org. (Thu, 22 Nov 2007 13:42:09 GMT) ([37]full text,
   [38]mbox, [39]link).
     ____________________________________________________________________________

   Tags added: fixed-upstream Request was from Y Giridhar Appaji Nag
    to control@bugs.debian.org. (Thu, 22 Nov 2007 13:42:10 GMT)
   ([40]full text, [41]mbox, [42]link).
     ____________________________________________________________________________

   Tags added: pending Request was from Y Giridhar Appaji Nag 
   to control@bugs.debian.org. (Wed, 02 Jan 2008 13:27:14 GMT) ([43]full text,
   [44]mbox, [45]link).
     ____________________________________________________________________________

   Reply sent to Y Giridhar Appaji Nag :
   You have taken responsibility. ([46]full text, [47]mbox, [48]link).
     ____________________________________________________________________________

   Notification sent to Jakub Wilk :
   Bug acknowledged by developer. ([49]full text, [50]mbox, [51]link).
     ____________________________________________________________________________

   [52]Message #19 received at 380347-close@bugs.debian.org ([53]full text,
   [54]mbox, [55]reply):

   From: Y Giridhar Appaji Nag 
   To: 380347-close@bugs.debian.org
   Subject: Bug#380347: fixed in elinks 0.11.3-1
   Date: Sat, 12 Jan 2008 15:37:24 +0000

Source: elinks
Source-Version: 0.11.3-1

We believe that the bug you reported is fixed in the latest version of
elinks, which is due to be installed in the Debian FTP archive:

elinks-data_0.11.3-1_all.deb
  to pool/main/e/elinks/elinks-data_0.11.3-1_all.deb
elinks-doc_0.11.3-1_all.deb
  to pool/main/e/elinks/elinks-doc_0.11.3-1_all.deb
elinks-lite_0.11.3-1_i386.deb
  to pool/main/e/elinks/elinks-lite_0.11.3-1_i386.deb
elinks_0.11.3-1.diff.gz
  to pool/main/e/elinks/elinks_0.11.3-1.diff.gz
elinks_0.11.3-1.dsc
  to pool/main/e/elinks/elinks_0.11.3-1.dsc
elinks_0.11.3-1_i386.deb
  to pool/main/e/elinks/elinks_0.11.3-1_i386.deb
elinks_0.11.3.orig.tar.gz
  to pool/main/e/elinks/elinks_0.11.3.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 380347@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Y Giridhar Appaji Nag  (supplier of updated elinks package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 07 Jan 2008 00:10:17 +0530
Source: elinks
Binary: elinks-lite elinks-doc elinks elinks-data
Architecture: source i386 all
Version: 0.11.3-1
Distribution: unstable
Urgency: low
Maintainer: Y Giridhar Appaji Nag 
Changed-By: Y Giridhar Appaji Nag 
Description:
 elinks     - Advanced text-mode WWW browser
 elinks-data - Data files for ELinks - An advanced text-mode WWW browser
 elinks-doc - Documentation for ELinks - An advanced text-mode WWW browser
 elinks-lite - Lightweight version of Elinks - An advanced text-mode WWW browser
Closes: [56]257762 [57]313696 [58]315886 [59]380347 [60]403139 [61]413911 [62]429311 [63]4
31211 [64]451088
Changes:
 elinks (0.11.3-1) unstable; urgency=low
 .
   * Adopted by Y Giridhar Appaji Nag  (Closes: #[65]451088)
     + Add Co-maintainer Moritz Muehlenhoff  to Uploaders
   * Documentation is now built using sources, depends on the features
     configured while building elinks.
   * Remove superfluous m4 and bison Build-Depends.
   * Arch indep part of elinks is large, moved it to elinks-data package
     + Add lintian/linda overrides for elinks.1 man-page (installed by the
       elinks-data package).
   * New upstream release 0.11.3 (Closes: #[66]429311)
     + Don't crash while sorting thru bookmarks (Closes: #[67]315886)
     + German PO file corrections (Closes: #[68]313696)
     + Use off_t for file size in FTP listing (Closes: #[69]403139)
   * Add get-orig-source target that gets orig source and removes debian
     directory, translation files and config.{log,status} etc.
   * Change from DH_COMPAT 4 to debian/compat (5)
   * Move debian/watch file to version 3
   * Bump up Standards-Version to 3.7.3
     + Updated menu files for the latest menu policy.
     + debian/copyright: include all the major authors and copyright holders
       listed in source files.  ELinks is GPL2 only (Closes: #[70]431211)
   * Add Homepage: and Vcs-*: fields to debian/control
   * maint-scripts: Remove debconf dependency and moving of elinks.conf.  Old
     transition code, not necessary anymore.
   * DH_ALWAYS_EXCLUDE=.gitignore in debian/rules (Closes: #[71]413911)
   * Add debian/patches, but not using dpatch
     + Patch 01_asciidoc-escape-FTBFS.diff: Escape characters for asciidoc
       conversion (prevents FTBFS in make all-docs)
     + Patch 02_setup-bugs-FSSTND.diff: Point bugs URL to debian.org and
       remove FSSTND dir in setup.h etc.
     + Patch 03_417789-CVE-2007-2027.diff: Patch for #417789 from Julien
       Cristau  made a diff.
     + Patch 04_380347-entity_cache-overflow.diff: Prevent a buffer overflow
       in entity_cache.  Thanks Kalle Olavi Niemitalo  for the fix
       (Closes: #[72]380347)
     + Patch 05_257762-transparency-off.diff: Turn terminal transparency off
       by default.  Thanks Petr Baudis for the fix and Kalle Olavi Niemitalo
        for a pointer to the fix (Closes: #[73]257762)
     + Patch 06_elinks.conf-parse-error.diff: create elinks-lite.conf, set
       config.saving_style=3 and comment options that are not valid.
     + Patch 07_local-CGI-query-fix.diff: Fix broken query parsing of file:
       URIs for local CGI.
Files:
 547e5d16dff4249ee5003e976dce2435 1023 web optional elinks_0.11.3-1.dsc
 d2df1fb2b207d749f68de869c0183d84 3126765 web optional elinks_0.11.3.orig.tar.gz
 7ae2ce8d55cfec6ebb728eab07b86f11 37229 web optional elinks_0.11.3-1.diff.gz
 e979a1b26c8ea41f552f45dacf44ef71 471860 web optional elinks_0.11.3-1_i386.deb
 abe6839f723ca247e1cee026e6f607d2 373042 web optional elinks-lite_0.11.3-1_i386.deb
 de577fe28e9ccf49a8a31578f2b749dd 664594 web optional elinks-data_0.11.3-1_all.deb
 2d575b7d114811ef11b64953f626cd8f 536170 doc optional elinks-doc_0.11.3-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHg8brXm3vHE4uyloRAkEPAJ9QBxEZ0lHcGa72Ljll4/7j8zihwQCg023z
Q8/Vy8c2Y9xiW+79fnvAvNo=
=9bAd
-----END PGP SIGNATURE-----




     ____________________________________________________________________________

   Bug archived. Request was from Debbugs Internal Request 
   to internal_control@bugs.debian.org. (Wed, 13 Feb 2008 07:44:35 GMT) ([74]full
   text, [75]mbox, [76]link).
     ____________________________________________________________________________

   Send a report that [77]this bug log contains spam.
     ____________________________________________________________________________


    Debian bug tracking system administrator . Last
    modified: Wed May 8 19:25:06 2024; Machine Name: buxtehude
    [79]Debian Bug tracking system
    Debbugs is free software and licensed under the terms of the GNU Public License
    version 2. The current version can be obtained from
    [80]https://bugs.debian.org/debbugs-source/.
    Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97
    Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

References

   1. mailto:380347@bugs.debian.org
   2. https://bugs.debian.org/cgi-bin/version.cgi?fixed=elinks%2F0.11.3-1;info=1;found=elinks%2F0.11.1-1;package=elinks;collapse=1;absolute=0
   3. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
   4. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
   5. https://bugs.debian.org/cgi-bin/pkgreport.cgi?maint=aelmahmoudy%40users.sourceforge.net
   6. https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=elinks
   7. https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=elinks
   8. https://tracker.debian.org/pkg/elinks
   9. https://buildd.debian.org/elinks
  10. https://qa.debian.org/popcon.php?package=elinks
  11. https://bugs.debian.org/cgi-bin/pkgreport.cgi?submitter=ubanus%40users.sf.net
  12. javascript:toggle_infmessages();
  13. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes
  14. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;mboxstatus=yes
  15. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;mboxmaint=yes
  16. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=2
  17. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=2
  18. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#1
  19. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=4
  20. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=4
  21. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#3
  22. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#5
  23. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=5
  24. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=5
  25.
  26. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=380347;msg=5
  27. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=380347;filename=buggy.html;msg=5
  28. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=7
  29. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=7
  30. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#6
  31. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#8
  32. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=8
  33. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=8
  34. mailto:380347@bugs.debian.org?In-Reply-To=%3C87k5vsg2kd.fsf%40Astalo.kon.iki.fi%3E&subject=Re%3A%20Bug%23380347%3A%20elinks%3A%20crashes%20on%20a%20specially%20crafted%20page&References=%3C20060729121519.GA8081%40cavendish.pronus.net%3E%0A%20%3C87k5vsg2kd.fsf%40Astalo.kon.iki.fi%3E&body=On%20Tue%2C%2001%20May%202007%2015%3A18%3A10%20%2B0300%20Kalle%20Olavi%20Niemitalo%20%3Ckon%40iki.fi%3E%20wrote%3A%0A%3E%20Jakub%20Wilk%20%3Cubanus%40users.sf.net%3E%20writes%3A%0A%3E%20%0A%3E%20%3E%20Elinks%20crashes%20on%20a%20specially%20crafted%20page%3A%0A%3E%20%3E%0A%3E%20%3E%20%24%20elinks%20-config-file%20%2Fdev%2Fnull%20buggy.html%0A%3E%20%3E%0A%3E%20%3E%20%5B%20Press%20backslash%20twice%20%5D%0A%3E%20%0A%3E%20Thank%20you%20for%20the%20report%20and%20the%20test%20case.%20%20The%20crash%20was%0A%3E%20caused%20by%20a%20static%20array%20overflowing%20to%20corrupt%20other%20variables.%0A%3E%20The%20array%20index%20was%20checked%20too%20late.%20%20I%20have%20fixed%20this%20in%3A%0A%3E%20%0A%3E%20ELinks%200.11.3.GIT%20%2814588b9455583096ddeb54b0541bfc230a2a2451%29%0A%3E%20ELinks%200.12.GIT%20%28341d54151f69d087112e1514b928e3fcc1810194%29%0A%3E%20%0A%3E%20The%20fix%20will%20be%20in%20ELinks%200.11.4%20and%200.12.0%20when%2Fif%20they%20are%0A%3E%20released.%0A
  35. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=0;bug=380347;msg=8
  36. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=380347;msg=8
  37. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=10
  38. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=10
  39. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#9
  40. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=12
  41. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=12
  42. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#11
  43. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=14
  44. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=14
  45. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#13
  46. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=16
  47. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=16
  48. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#15
  49. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=18
  50. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=18
  51. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#17
  52. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#19
  53. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=19
  54. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=19
  55.
  56. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257762
  57. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=313696
  58. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315886
  59. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347
  60. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403139
  61. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413911
  62. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429311
  63. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=431211
  64. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451088
  65. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451088
  66. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429311
  67. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315886
  68. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=313696
  69. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=403139
  70. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=431211
  71. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413911
  72. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347
  73. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257762
  74. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;msg=21
  75. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347;mbox=yes;msg=21
  76. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380347#20
  77. https://bugs.debian.org/cgi-bin/bugspam.cgi?bug=380347
  78. mailto:owner@bugs.debian.org
  79. https://www.debian.org/Bugs/
  80. https://bugs.debian.org/debbugs-source/
Usage: http://www.kk-software.de/kklynxview/get/URL
e.g. http://www.kk-software.de/kklynxview/get/http://www.kk-software.de
Errormessages are in German, sorry ;-)