From f085e56c5c9005681955bf972f217a0860d780ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Thu, 24 Jun 2021 11:01:07 +0200 Subject: Fix ##980311 --- debian/changelog | 8 ++++ ...80-gt68xx_fix_use-after-free_two_memleaks.patch | 55 ++++++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 64 insertions(+) create mode 100644 debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch diff --git a/debian/changelog b/debian/changelog index 334d9c3..46dc981 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +sane-backends (1.0.32-3) UNRELEASED; urgency=medium + + * Fix use-after-free and two mem leaks: + - New debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch. + Cherry-picked from upstream (Closes: #980311). + + -- Jörg Frings-Fürst Thu, 24 Jun 2021 10:53:46 +0200 + sane-backends (1.0.32-2) experimental; urgency=high * debian/sane-utils.postrm: Fix pathfind handling (Closes: #989879). diff --git a/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch b/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch new file mode 100644 index 0000000..167a9e5 --- /dev/null +++ b/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch @@ -0,0 +1,55 @@ +Description: gt68xx: fix use-after-free and two mem leaks +Author: +Origin: https://gitlab.com/sane-project/backends/-/commit/63942f7a7473496d1160f02f5c1da3620525690d +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980311 +Forwarded: not-needed +Last-Update: 2021-06-24 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/backend/gt68xx.c +=================================================================== +--- trunk.orig/backend/gt68xx.c ++++ trunk/backend/gt68xx.c +@@ -1174,8 +1174,11 @@ static SANE_Status probe_gt68xx_devices( + new_dev[i]->model->firmware_name); + } + if (i == 0) +- DBG (5, "sane_init: firmware %s can't be loaded, set device " +- "first\n", word); ++ { ++ DBG (5, "sane_init: firmware %s can't be loaded, set device " ++ "first\n", word); ++ free (word); ++ } + } + else + { +@@ -1198,8 +1201,11 @@ static SANE_Status probe_gt68xx_devices( + new_dev[i]->model->name, new_dev[i]->model->vendor); + } + if (i == 0) +- DBG (5, "sane_init: can't set vendor name %s, set device " +- "first\n", word); ++ { ++ DBG (5, "sane_init: can't set vendor name %s, set device " ++ "first\n", word); ++ free (word); ++ } + } + else + { +@@ -1221,9 +1227,11 @@ static SANE_Status probe_gt68xx_devices( + new_dev[i]->model->name, new_dev[i]->model->model); + } + if (i == 0) +- DBG (5, "sane_init: can't set model name %s, set device " +- "first\n", word); +- free (word); ++ { ++ DBG (5, "sane_init: can't set model name %s, set device " ++ "first\n", word); ++ free (word); ++ } + } + else + { diff --git a/debian/patches/series b/debian/patches/series index 8d90078..2a4677c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -17,3 +17,4 @@ #0165-respect_local_only_parameter.patch #0170-return_empty_list_when_local_devices_requested.patch 0605-fix_groff-warnings.patch +0180-gt68xx_fix_use-after-free_two_memleaks.patch -- cgit v1.2.3 From 734bf03de620b549d1375e92ce9cbbaa477646cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Thu, 24 Jun 2021 11:05:00 +0200 Subject: Add some Debian files / directories into .gitignore --- debian/changelog | 1 + 1 file changed, 1 insertion(+) diff --git a/debian/changelog b/debian/changelog index 46dc981..8703663 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,7 @@ sane-backends (1.0.32-3) UNRELEASED; urgency=medium * Fix use-after-free and two mem leaks: - New debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch. Cherry-picked from upstream (Closes: #980311). + * Add some Debian files / directories into .gitignore. -- Jörg Frings-Fürst Thu, 24 Jun 2021 10:53:46 +0200 -- cgit v1.2.3 From 6e7642fc27369fd06a21488524347e298895d6e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sun, 11 Jul 2021 17:41:30 +0200 Subject: Add some Debian files / directories into .gitignore --- .gitignore | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitignore b/.gitignore index bd3b383..31b9b76 100644 --- a/.gitignore +++ b/.gitignore @@ -58,3 +58,9 @@ test-suite.log # `make dist` artifacts /sane-backends-*.tar.gz + +# +# Debian +# +.pc +/debian/files -- cgit v1.2.3 From 5285a51ff8622c3fc71fba6e0fd82c66e657b86a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sun, 11 Jul 2021 17:48:42 +0200 Subject: d/changelog: Change distribution to experimental, Change date and time --- debian/changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 8703663..f4d45e0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,11 @@ -sane-backends (1.0.32-3) UNRELEASED; urgency=medium +sane-backends (1.0.32-3) experimental; urgency=medium * Fix use-after-free and two mem leaks: - New debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch. Cherry-picked from upstream (Closes: #980311). * Add some Debian files / directories into .gitignore. - -- Jörg Frings-Fürst Thu, 24 Jun 2021 10:53:46 +0200 + -- Jörg Frings-Fürst Sun, 11 Jul 2021 17:44:43 +0200 sane-backends (1.0.32-2) experimental; urgency=high -- cgit v1.2.3