http://bugzilla.novell.com/show_bug.cgi?id=558841
http://bugzilla.novell.com/show_bug.cgi?id=558841#c0
Summary: alpine: incorrect transformation patch included Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: All OS/Version: Linux Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jengelh@medozas.de QAContact: qa@suse.de Found By: Beta-Customer Blocker: ---
In alpine's operation-may-be-undefined-warning.diff, there is:
- m = strtoul (++s,(char **) &s,10); - y = (*s == ':') ? strtoul (++s,(char **) &s,10) : 0; + s++; + m = strtoul (s,(char **) &s,10); + s++; + y = (*s == ':') ? strtoul (s,(char **) &s,10) : 0;
But the last two + lines seem wrong. SUSE is incrementing s here before the test for ':', while the original patch only did it _after_. It should probably have been:
s++; m = strtoul(s, (char **)&s, 10); if (*s == ':') { ++s; y = strtoul(s, (char **)&s, 10); } else { y = 0; }
http://bugzilla.novell.com/show_bug.cgi?id=558841
http://bugzilla.novell.com/show_bug.cgi?id=558841#c
Marcus Meissner meissner@novell.com changed:
What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |max@novell.com |ovo.novell.com |
https://bugzilla.novell.com/show_bug.cgi?id=558841
https://bugzilla.novell.com/show_bug.cgi?id=558841#c1
Reinhard Max max@suse.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |jengelh@medozas.de
--- Comment #1 from Reinhard Max max@suse.com 2011-10-11 13:59:32 CEST --- Hmm - recent gcc releases don't warn about the original code anymore, so I think I'll just remove this patch.
Any objections, Jan?
https://bugzilla.novell.com/show_bug.cgi?id=558841
https://bugzilla.novell.com/show_bug.cgi?id=558841#c2
Jan Engelhardt jengelh@medozas.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|jengelh@medozas.de |
--- Comment #2 from Jan Engelhardt jengelh@medozas.de 2011-10-11 12:09:33 UTC --- What was the gcc warning?
foo(++s, &s) is still a cause for grief, so the patch must stay.
https://bugzilla.novell.com/show_bug.cgi?id=558841
https://bugzilla.novell.com/show_bug.cgi?id=558841#c3
--- Comment #3 from Jan Engelhardt jengelh@medozas.de 2011-10-11 12:16:57 UTC --- actually it's fine as long as the function does not dereference/read *&s, which, in case of strtol, hopefully isn't the case. (the patch may go.)
But it still makes people chuckle, like so many academia software :)
https://bugzilla.novell.com/show_bug.cgi?id=558841
https://bugzilla.novell.com/show_bug.cgi?id=558841#c4
Reinhard Max max@suse.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED
--- Comment #4 from Reinhard Max max@suse.com 2011-10-11 15:01:07 CEST --- (In reply to comment #2)
What was the gcc warning?
mail.c:2943: warning: operation on 's' may be undefined mail.c:2944: warning: operation on 's' may be undefined
As this still happens on SLE11, I'll leave the patch in for now and fix it as you suggested above.
BTW, current gcc versions (as of 11.4 and 12.1) show another warning of the same category:
folder.c:6016:11: warning: operation on '*cmp' may be undefined
The line reads:
*cmp = ++(*cmp) % 3;
I'll change that to
*cmp = ((*cmp) + 1) % 3;
and add it to the patch.
https://bugzilla.novell.com/show_bug.cgi?id=558841
https://bugzilla.novell.com/show_bug.cgi?id=558841#c5
--- Comment #5 from Bernhard Wiedemann bwiedemann@suse.com 2011-10-11 18:00:11 CEST --- This is an autogenerated message for OBS integration: This bug (558841) was mentioned in https://build.opensuse.org/request/show/87409 Factory / alpine
http://bugzilla.novell.com/show_bug.cgi?id=558841
Swamp Workflow Management swamp@suse.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:4093:moderate
http://bugzilla.novell.com/show_bug.cgi?id=558841
Swamp Workflow Management swamp@suse.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:4093:moderate |
http://bugzilla.novell.com/show_bug.cgi?id=558841 http://bugzilla.novell.com/show_bug.cgi?id=558841#c6
--- Comment #6 from Swamp Workflow Management swamp@suse.de --- openSUSE-RU-2015:1862-1: An update that has three recommended fixes can now be installed.
Category: recommended (moderate) Bug References: 342075,558841,597744 CVE References: Sources used: SUSE Package Hub for SUSE Linux Enterprise 12 (src): alpine-2.20-2.1
http://bugzilla.novell.com/show_bug.cgi?id=558841
Swamp Workflow Management swamp@suse.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| |obs:running:4093:moderate
http://bugzilla.novell.com/show_bug.cgi?id=558841
Swamp Workflow Management swamp@suse.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|obs:running:4093:moderate |