Message-Id: <200405240512.i4O5CfdR020629@www.freebsd.org>
Date: Sun, 23 May 2004 22:12:41 -0700 (PDT)
From: Jeff King <peff-freebsd@peff.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: port news/leafnode abort()s due to vsnprintf problems
X-Send-Pr-Version: www-2.3

>Number:         67111
>Category:       ports
>Synopsis:       port news/leafnode abort()s due to vsnprintf problems
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    vs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 23 22:20:21 PDT 2004
>Closed-Date:    Tue May 25 00:08:04 PDT 2004
>Last-Modified:  Tue May 25 14:10:24 PDT 2004
>Originator:     Jeff King
>Release:        
>Organization:
>Environment:
>Description:
In 1.9.54, fetchnews.c, line 1625, there is a call to ln_log() that contains the formatting string "%p". This is eventually passed to vsnprintf. The included version doesn't support %p, and calls abort().
>How-To-Repeat:
      
>Fix:
Replacing the %p with %d fixes the abort() (though gcc complains about the pointer/integer formatting; a better fix might be to avoid printing a pointer that is likely meaningless to the user).
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->vs 
Responsible-Changed-By: vs 
Responsible-Changed-When: Mon May 24 01:42:47 PDT 2004 
Responsible-Changed-Why:  
I contacted Matthias about this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=67111 

From: Matthias Andree <matthias.andree@gmx.de>
To: freebsd-gnats-submit@FreeBSD.org, peff-freebsd@peff.net
Cc: vs@freebsd.org
Subject: Re: ports/67111: port news/leafnode abort()s due to vsnprintf problems
Date: Mon, 24 May 2004 15:21:48 +0200

 Jeff,
 
 what FreeBSD version are you running?
 
 Leafnode should not be using its vsnprintf replacement code on any
 supported (as in security updates) FreeBSD version. If it does, either
 your FreeBSD version is outdated, or the vsnprintf fix has not been
 backported to your version, might be 4.8.
 
 If you're running 4.8, try this patch for your libc:
 
 http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/stdio/vsnprintf.c.diff?r1=1.12.2.1&r2=1.12.2.2&sortby=date&only_with_tag=RELENG_4
 
 I will fix this upstream regardless. Expect a followup patch later
 today.
 
 -- 
 Matthias Andree

From: Matthias Andree <matthias.andree@gmx.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc: vs@freebsd.org
Subject: ports/67111: fix bogus fetchnews abort()
Date: Mon, 24 May 2004 15:35:07 +0200

 >Submitter-Id:	current-users
 >Originator:	Matthias Andree
 >Organization:	
 >Confidential:	no 
 >Synopsis:	ports/67111: fix bogus fetchnews abort()
 >Severity:	non-critical
 >Priority:	low
 >Category:	ports 
 >Class:		maintainer-update
 >Release:	FreeBSD 4.10-PRERELEASE i386
 >Environment:
 System: FreeBSD libertas.emma.line.org 4.10-PRERELEASE FreeBSD 4.10-PRERELEASE #107: Mon May 17 11:47:47 CEST 2004
 >Description:
 This fixes a bogus fetchnews abort() on releases with broken vsnprintf.
 
 Generated with FreeBSD Port Tools 0.50
 >How-To-Repeat:
 >Fix:
 
 --- leafnode-1.9.54_1.patch begins here ---
 diff -ruN --exclude=CVS /usr/ports/news/leafnode/Makefile /root/ports/news/leafnode/Makefile
 --- /usr/ports/news/leafnode/Makefile	Mon May 24 15:27:56 2004
 +++ /root/ports/news/leafnode/Makefile	Mon May 24 15:28:11 2004
 @@ -7,7 +7,7 @@
  
  PORTNAME=	leafnode
  PORTVERSION=	1.9.54
 -PORTREVISION=	0
 +PORTREVISION=	1
  CATEGORIES=	news
  MASTER_SITES=	${MASTER_SITE_SOURCEFORGE_EXTENDED:S/$/:sourceforge/} \
  		http://osdn.dl.sourceforge.net/sourceforge/${PORTNAME}/:sourceforge \
 diff -ruN --exclude=CVS /usr/ports/news/leafnode/files/patch-fetchnews.c /root/ports/news/leafnode/files/patch-fetchnews.c
 --- /usr/ports/news/leafnode/files/patch-fetchnews.c	Thu Jan  1 01:00:00 1970
 +++ /root/ports/news/leafnode/files/patch-fetchnews.c	Mon May 24 15:23:39 2004
 @@ -0,0 +1,20 @@
 +Index: fetchnews.c
 +===================================================================
 +RCS file: /var/CVS/leafnode-1/fetchnews.c,v
 +retrieving revision 1.173
 +retrieving revision 1.174
 +diff -u -r1.173 -r1.174
 +--- fetchnews.c	7 May 2004 08:34:15 -0000	1.173
 ++++ fetchnews.c	24 May 2004 13:23:22 -0000	1.174
 +@@ -1622,8 +1622,9 @@
 + 	freelist(groups);
 +     } else {
 + 	ln_log(LNLOG_SINFO, LNLOG_CSERVER,
 +-	    "%s: getting all newsgroups (debug: active: %p, forceactive: %s)",
 +-		current_server->name, (void *)active, forceactive ? "true" : "false");
 ++	    "%s: getting all newsgroups (debug: active: %s, forceactive: %s)",
 ++		current_server->name,
 ++		active ? "set" : "nil", forceactive ? "true" : "false");
 + 	xsnprintf(lineout, SIZE_lineout, "LIST\r\n");
 + 	putaline();
 + 	if (nntpreply(current_server) != 215) {
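Review bot: The replacement format string in the nested fetchnews.c hunk still logs "(debug: active: %s, ...)" at LNLOG_SINFO, so a leftover debug field that now only says "set" or "nil" keeps going into the info-level log line; consider dropping the field or moving it to a debug-only message. The new patch-fetchnews.c also carries no comment explaining why %p was taken out; a one-line note beside the ln_log() call that the bundled vsnprintf replacement abort()s on %p would keep the conversion from being reintroduced.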
 --- leafnode-1.9.54_1.patch ends here ---
 

From: Jeff King <peff-freebsd@peff.net>
To: Matthias Andree <matthias.andree@gmx.de>
Cc: freebsd-gnats-submit@FreeBSD.org, vs@freebsd.org
Subject: Re: ports/67111: port news/leafnode abort()s due to vsnprintf problems
Date: Mon, 24 May 2004 17:39:41 -0400 (EDT)

 On Mon, 24 May 2004, Matthias Andree wrote:
 
 > what FreeBSD version are you running?
 
 5.1-RELEASE-p10
 
 > Leafnode should not be using its vsnprintf replacement code on any
 > supported (as in security updates) FreeBSD version. If it does, either
 > your FreeBSD version is outdated, or the vsnprintf fix has not been
 > backported to your version, might be 4.8.
 
 From the patch you mentioned below, it looks like the changes went into
 the 5.2 branch but not 5.1. I'm planning on upgrading to 5.2.1 tonight,
 anyway.  I will confirm that leafnode uses the new vsnprintf on the
 upgraded system.
 
 > I will fix this upstream regardless. Expect a followup patch later
 > today.
 
 OK. I grepped and I believe that to be the only spot where %p is used.
 There may still be other formatting specifiers not supported by the
 internal vsnprintf.
 
 -Peff

From: Matthias Andree <matthias.andree@gmx.de>
To: Jeff King <peff-freebsd@peff.net>
Cc: Matthias Andree <matthias.andree@gmx.de>,
	freebsd-gnats-submit@FreeBSD.org, vs@freebsd.org
Subject: Re: ports/67111: port news/leafnode abort()s due to vsnprintf problems
Date: Tue, 25 May 2004 01:01:41 +0200

 Jeff King:
 
 > From the patch you mentioned below, it looks like the changes went into
 > the 5.2 branch but not 5.1. I'm planning on upgrading to 5.2.1 tonight,
 > anyway.  I will confirm that leafnode uses the new vsnprintf on the
 > upgraded system.
 
 You'd need to reinstall the old (1.9.54) version of the leafnode port,
 for the new (1.9.54_1) would not trigger the problem, %p got replaced by
 a %s with interpreted value ("nil" or "set").
 
 > OK. I grepped and I believe that to be the only spot where %p is used.
 > There may still be other formatting specifiers not supported by the
 > internal vsnprintf.
 
 I'd considered hacking up a quick Perl script to scan, but I wonder if
 it's worthwhile.
 
 -- 
 Matthias Andree
 
 Encrypted mail welcome: my GnuPG key ID is 0x052E7D95
State-Changed-From-To: open->closed 
State-Changed-By: vs 
State-Changed-When: Tue May 25 00:07:49 PDT 2004 
State-Changed-Why:  
Fixed, thanks! 


From: Jeff King <peff-freebsd@peff.net>
To: Matthias Andree <matthias.andree@gmx.de>
Cc: freebsd-gnats-submit@FreeBSD.org, vs@freebsd.org
Subject: Re: ports/67111: port news/leafnode abort()s due to vsnprintf problems
Date: Tue, 25 May 2004 17:02:04 -0400 (EDT)

 On Tue, 25 May 2004, Matthias Andree wrote:
 
 > You'd need to reinstall the old (1.9.54) version of the leafnode port,
 > for the new (1.9.54_1) would not trigger the problem, %p got replaced by
 > a %s with interpreted value ("nil" or "set").
 
 Just to follow up, I checked 1.9.54 on 5.2.1-RELEASE-p7, and it
 correctly uses the system snprintf routines. So that was the culprit.
 
 > I'd considered hacking up a quick Perl script to scan, but I wonder if
 > it's worthwhile.
 
 You can get rid of most of the cruft with:
   perl -ne 'print if /%(?![+.*-]*\d*l?[dicus])/' *.c
 Leaving mostly uses of the '%' binary operator. The things I noticed
 were:
  - It looks like %m is used quite frequently, but is not supported by
    the built-in vsnprintf. This might cause abort()s for users of the
    built-in vsnprintf.
  - applyfilter.c:189 contains printf("%", c[i % 4]); We seem to be
    missing a format specifier.
 
 Other than that, it looked good to me.
 
 -Peff
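
The scan discussed in the last two messages, restricted to string literals so that uses of the `%` binary operator are not reported and a dangling `"%"` is. This is an added example, not part of the original thread or of leafnode; the supported set (d, i, c, u, s, optional `l`) is an assumption taken from the one-liner above, and the function and sample names are hypothetical.

```python
import re

# Assumption: the fallback vsnprintf handles only the conversions the
# one-liner in the thread treats as safe: d, i, c, u, s, optionally with 'l'.
SUPPORTED = frozenset("dicus")

LITERAL = re.compile(
    r"'(?:[^'\\\n]|\\.)+'"        # char literal: consumed so '"' cannot confuse us
    r'|"((?:[^"\\\n]|\\.)*)"'     # string literal: group 1 is its body
)
# Flags, width, precision, length modifier, then the conversion character.
# The conversion character is optional so a dangling "%" is still reported.
CONVERSION = re.compile(
    r"%([-+ #0]*)(\*|\d+)?(?:\.(\*|\d*))?(hh|h|ll|l|j|z|t|L)?(.?)", re.S)


def unsupported_conversions(source, supported=SUPPORTED):
    """Return [(line_no, conversion)] for conversions inside string literals
    that the given set of conversion characters does not cover."""
    supported = frozenset(supported)
    findings = []
    for line_no, line in enumerate(source.splitlines(), 1):
        for lit in LITERAL.finditer(line):
            body = lit.group(1)
            if body is None:          # char literal, nothing to check
                continue
            for m in CONVERSION.finditer(body):
                length, conv = m.group(4), m.group(5)
                if m.group(0) == "%%":
                    continue          # literal percent sign
                if conv in supported and length in (None, "l"):
                    continue
                findings.append((line_no, m.group(0)))
    return findings


# Constructed sample: the %p and "%" statements are quoted in the thread,
# the %m and %5.2ld lines are made up for illustration.
SAMPLE = r'''
ln_log(LNLOG_SINFO, LNLOG_CSERVER,
    "%s: getting all newsgroups (debug: active: %p, forceactive: %s)",
    current_server->name, (void *)active, forceactive ? "true" : "false");
ln_log(LNLOG_SINFO, LNLOG_CSERVER, "cannot open %s: %m", path);
printf("%", c[i % 4]);
printf("%5.2ld articles, 100%% done\n", n);
'''

if __name__ == "__main__":
    for line_no, conv in unsupported_conversions(SAMPLE):
        print(f"line {line_no}: unsupported conversion {conv!r}")
```

Comments and string literals that span several lines are not parsed, so the output is a list of places to review by hand.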
>Unformatted:
