First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 134138
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Raphael Marichez <falco@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
netpanzer-0.8.1.ebuild netpanzer-0.8.1.ebuild text/plain Hans Hohenfeld 2007-02-06 01:37 0000 1.89 KB Details
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 134138 depends on: Show dependency tree
Show dependency graph
Bug 134138 blocks:

Additional Comments: (this is where you put emerge --info)







View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-05-23 11:12 0000 
by Luigi Auriemma

======
2) Bug
======


The game is affected by a denial of service which happens when a client
uses a flag (called also frameNum) major than 41 since the setFrame
function in src/Lib/2D/Surface.hpp checks if this number is minor than
frameCount:

    void setFrame(const float &frameNum)
    {
        assert(frameNum >= 0.0);
        assert(frameNum < frameCount);
        mem = frame0 + (pix.y * stride) * int(frameNum);
    }

The result is the immediate interruption of the server.

(...)

======
4) Fix
======


No fix.
No reply from the developers.

------- Comment #1 From Raphael Marichez 2006-05-23 11:13:15 0000 ------- 
Let's wait for a patch or an upstream bump.

------- Comment #2 From Mr. Bones. 2006-05-23 11:36:15 0000 ------- 
package masked for now.

------- Comment #3 From aaron perez 2006-10-30 04:35:38 0000 ------- 
Hi, i have maded a patch that fix this (and other bugs) in netpanzer.

I dont know if the patch will be accepted (it seems nobody will ever take a
look into it). But anyway im working with netpanzer (even im thinking to make a
fork).

You can find the patch in the 'patch' section of netpanzer in berlios.de

------- Comment #4 From Aniruddha 2006-11-22 14:02:42 0000 ------- 
Apperantley this bug has been fixed in the latest release of
netpanzer.(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318329) Please
confirm.

------- Comment #5 From Chris Gianelloni (RETIRED) 2006-11-29 14:38:51 0000 ------- 
Debian is using a SVN snapshot.

------- Comment #6 From Aniruddha 2006-12-26 23:06:30 0000 ------- 
What's the status of this ebuild? Can we use the CVS?

------- Comment #7 From Matze Braun 2007-02-05 10:10:05 0000 ------- 
version 0.8.1 should fix this problem

------- Comment #8 From Matze Braun 2007-02-05 10:12:59 0000 ------- 
I still don't understand why you are masking a game, because it is possible to
abort a running server with bad data (this isn't even a buffer overflow, noone
can gain control of the server).
A server which can be shut down is still better than no server at all, isn't
it?

------- Comment #9 From Jakub Moc 2007-02-05 22:11:47 0000 ------- 
*** Bug 165519 has been marked as a duplicate of this bug. ***

------- Comment #10 From Hans Hohenfeld 2007-02-06 01:37:03 0000 ------- 
Created an attachment (id=109293) [edit]
netpanzer-0.8.1.ebuild

New netpanzer version, that fixes this bug

------- Comment #11 From Aniruddha 2007-02-06 05:35:37 0000 ------- 
(In reply to comment #10)
> Created an attachment (id=109293) [edit]
> netpanzer-0.8.1.ebuild
> 
> New netpanzer version, that fixes this bug
> 

Ha Kewl! Is this in portage testing yet? Or do we need to use an overlay?

------- Comment #12 From Tristan Heaven 2007-02-07 09:22:52 0000 ------- 
bumped

------- Comment #13 From Raphael Marichez 2007-02-10 22:03:41 0000 ------- 
Time to vote, i vote NO.

------- Comment #14 From Hans Hohenfeld 2007-02-11 01:28:27 0000 ------- 
The masterserver provided in the default configuartion file is not working
anymore, so the internal server browser will not work without modification. New
Masterserver is netpanzer.selfip.net, maybe an information message after
insatlling would be a good idea.

------- Comment #15 From Aniruddha 2007-02-11 12:19:18 0000 ------- 
(In reply to comment #13)
> Time to vote, i vote NO.
> 

Vote for what?

------- Comment #16 From Raphael Marichez 2007-02-11 13:14:45 0000 ------- 
(In reply to comment #15)
> (In reply to comment #13)
> > Time to vote, i vote NO.
> > 
> 
> Vote for what?
> 

Wether we issue a GLSA or not. (ok, i know i'm voting alone)

------- Comment #17 From Aniruddha 2007-02-11 22:03:21 0000 ------- 
(In reply to comment #16)
> (In reply to comment #15)
> > (In reply to comment #13)
> > > Time to vote, i vote NO.
> > > 
> > 
> > Vote for what?
> > 
> 
> Wether we issue a GLSA or not. (ok, i know i'm voting alone)
> 

I guess this is only for developers?

------- Comment #18 From Raphael Marichez 2007-02-11 22:39:48 0000 ------- 
(In reply to comment #17)
> (In reply to comment #16)
> > Wether we issue a GLSA or not. (ok, i know i'm voting alone)
> > 
> 
> I guess this is only for developers?
> 

Sure :)  but you are free to give your opinion.

------- Comment #19 From Raphael Marichez 2007-02-12 22:38:45 0000 ------- 
i'm actually the only active member of the security team, so let's close this
without GLSA. Feel free to reopen if you disagree.
First Last Prev Next    No search results available      Search page      Enter new bug