| -rw-r--r-- | debian/changelog | 8 | ||||
| -rw-r--r-- | debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch | 55 | ||||
| -rw-r--r-- | debian/patches/series | 1 | 
3 files changed, 64 insertions, 0 deletions
| diff --git a/debian/changelog b/debian/changelog index 334d9c3..46dc981 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +sane-backends (1.0.32-3) UNRELEASED; urgency=medium + +  * Fix use-after-free and two mem leaks: +   - New debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch. +     Cherry-picked from upstream (Closes: #980311). + + -- Jörg Frings-Fürst <debian@jff.email>  Thu, 24 Jun 2021 10:53:46 +0200 +  sane-backends (1.0.32-2) experimental; urgency=high    * debian/sane-utils.postrm: Fix pathfind handling (Closes: #989879). diff --git a/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch b/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch new file mode 100644 index 0000000..167a9e5 --- /dev/null +++ b/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch 
@@ -0,0 +1,55 @@
+Description: gt68xx: fix use-after-free and two mem leaks
+Author: <name and email of author, optional>
+Origin: https://gitlab.com/sane-project/backends/-/commit/63942f7a7473496d1160f02f5c1da3620525690d
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980311
+Forwarded: not-needed
+Last-Update: 2021-06-24 
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/backend/gt68xx.c
+===================================================================
+--- trunk.orig/backend/gt68xx.c
++++ trunk/backend/gt68xx.c
+@@ -1174,8 +1174,11 @@ static SANE_Status probe_gt68xx_devices(
+                        new_dev[i]->model->firmware_name);
+                 }
+               if (i == 0)
+-                DBG (5, "sane_init: firmware %s can't be loaded, set device "
+-                     "first\n", word);
++                {
++                  DBG (5, "sane_init: firmware %s can't be loaded, set device "
++                       "first\n", word);
++                  free (word);
++                }
+             }
+           else
+             {
+@@ -1198,8 +1201,11 @@ static SANE_Status probe_gt68xx_devices(
+                        new_dev[i]->model->name, new_dev[i]->model->vendor);
+                 }
+               if (i == 0)
+-                DBG (5, "sane_init: can't set vendor name %s, set device "
+-                     "first\n", word);
++                {
++                  DBG (5, "sane_init: can't set vendor name %s, set device "
++                       "first\n", word);
++                  free (word);
++                }
+             }
+           else
+             {
+@@ -1221,9 +1227,11 @@ static SANE_Status probe_gt68xx_devices(
+                        new_dev[i]->model->name, new_dev[i]->model->model);
+                 }
+               if (i == 0)
+-                DBG (5, "sane_init: can't set model name %s, set device "
+-                     "first\n", word);
+-              free (word);
++                {
++                  DBG (5, "sane_init: can't set model name %s, set device "
++                       "first\n", word);
++                  free (word);
++                }
+             }
+           else
+             {
diff --git a/debian/patches/series b/debian/patches/series
index 8d90078..2a4677c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,4 @@
 #0165-respect_local_only_parameter.patch
 #0170-return_empty_list_when_local_devices_requested.patch
 0605-fix_groff-warnings.patch
+0180-gt68xx_fix_use-after-free_two_memleaks.patch |
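Review bot: The three `free (word);` calls added under `if (i == 0)` in probe_gt68xx_devices treat `i == 0` as meaning that no device took the pointer, but nothing in the hunks states that ownership rule. The loops that store `word` into `new_dev[i]->model` lie outside the visible context, so presumably a non-zero `i` means the model now references the string and it must outlive this function. If more than one entry can receive the same pointer, whatever later releases the model strings has to account for that aliasing to avoid a double free. I would add a comment at each site such as `/* word was not stored in any model, so free it here; otherwise the model owns it */`. Separately, the DEP-3 header still carries the template placeholder `Author: <name and email of author, optional>`; fill in the upstream author or drop the field.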
