Summary: | media-libs/libsdl assumes passing overlapping memory regions to memcpy() is safe | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Richard <shiningarcanine> |
Component: | [OLD] Core system | Assignee: | Gentoo Games <games> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | jmbsvicetto, wtt6 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 354175 |
Description
Richard
2011-03-06 19:08:41 UTC
I made a small mistake in my previous comment. The commands to test the application of this patch to unstable should be: ebuild $(equery which media-libs/libsdl-1.2.14-r5) prepare cd /var/tmp/portage/media-libs/libsdl-1.2.14-r5/work/SDL-1.2.14 wget -O - http://bugzilla.libsdl.org/attachment.cgi?id=574 | patch -p1 ebuild $(equery which media-libs/libsdl-1.2.14-r5) merge The commands to test the application of this patch to stable should be: ebuild $(equery which media-libs/libsdl-1.2.13-r1) prepare cd /var/tmp/portage/media-libs/libsdl-1.2.13-r1/work/SDL-1.2.13 wget -O - http://bugzilla.libsdl.org/attachment.cgi?id=574 | patch -p1 ebuild $(equery which media-libs/libsdl-1.2.13-r1) merge Sorry about any confusion my mistake might have caused. I had already modified the ebuild in a local overlay, so when I was testing these commands, I had to first reverse the patch and then apply it. I accidentally copied one of the --dry-run commands I had done during the course of this and then carried that mistake over the other set I had posted. I just noticed that sys-libs/glibc-2.13-r1 is keyworded, so anyone affected by this is likely using the unstable tree. Please disregard the instructions I posted for users of the stable tree. As long as they do not unkeyword glibc, they will likely not need to worry about this. (In reply to comment #2) > I just noticed that sys-libs/glibc-2.13-r1 is keyworded, so anyone affected by > this is likely using the unstable tree. Please disregard the instructions I > posted for users of the stable tree. As long as they do not unkeyword glibc, > they will likely not need to worry about this. > Actually disregard comment #2. That was meant for bug #354175. I posted it in this bug by mistake. fixed in libsdl-1.2.14-r6 (In reply to comment #4) > fixed in libsdl-1.2.14-r6 libsdl-1.2.13-r1 also misuses memcpy(), so you might want to patch it too. Otherwise, this issue will occur again when glibc-2.13 becomes stable. guess we'll mark the later version of libsdl stable before making glibc-2.13 stable. |