1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.RC

  • Bug#1066811: cyrus-sasl2: assumes time_t fits into long for printf and

    From Thorsten Glaser@21:1/5 to All on Wed Mar 13 20:40:02 2024
    Source: cyrus-sasl2
    Version: 2.1.28+dfsg1-4
    Severity: serious
    Justification: breaks
    X-Debbugs-Cc: tg@mirbsd.de

    cyrus-sasl2, before aborting the build due to #1066214, spews
    several warnings like the following:

    […]
    otp.c:648:43: warning: format '%ld' expects argument of type 'long int', but argument 7 has type 'time_t' {aka 'long long int'} [-Wformat=]
    648 | sprintf(data, "%s\t%04d\t%s\t%s\t%020ld",
    | ~~~~~^
    | |
    | long int
    | %020lld
    649 | alg, seq, seed, buf, timeout);
    | ~~~~~~~
    | |
    | time_t {aka long long int} otp.c:709:48: warning: format '%ld' expects argument of type 'long int *', but argument 7 has type 'time_t *' {aka 'long long int *'} [-Wformat=]
    709 | sscanf(secret, "%s\t%04d\t%s\t%s\t%020ld",
    | ~~~~~^
    | |
    | long int *
    | %020lld
    710 | alg, seq, seed, buf, timeout);
    | ~~~~~~~
    | |
    | time_t * {aka long long int *} […]

    These are actual problems that not only result in bad data
    being printed or read but, if the time_t argument is not
    (like here) the last one, also wrong arguments being used
    for subsequent positional parameters.

    Please fix *all* -Wformat mismatches involving time_t, for
    example:

    - sprintf(data, "%s\t%04d\t%s\t%s\t%020ld",
    + sprintf(data, "%s\t%04d\t%s\t%s\t%020lld",
    - alg, seq, seed, buf, timeout);
    + alg, seq, seed, buf, (long long)timeout);

    + long long tmptimeout;
    - sscanf(secret, "%s\t%04d\t%s\t%s\t%020ld",
    + sscanf(secret, "%s\t%04d\t%s\t%s\t%020lld",
    - alg, seq, seed, buf, timeout);
    + alg, seq, seed, buf, tmptimeout);
    + timeout = tmptimeout;

    Justification: I’ve been fixing bugs like these on MirBSD
    since its i386 port switched to 64-bit time_t in 2004…

    Thanks,
    //mirabilos
    --
    16:47⎜«mika:#grml» .oO(mira ist einfach gut....) 23:22⎜«mikap:#grml»
    mirabilos: und dein bootloader ist geil :) 23:29⎜«mikap:#grml» und ich finds saugeil dass ich ein bsd zum booten mit grml hab, das muss ich dann gleich mal auf usb-stick installieren -- Michael Prokop über MirOS bsd4grml

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Wed Mar 20 00:30:01 2024
    Processing control commands:

    forwarded -1 https://github.com/cyrusimap/cyrus-sasl/issues/484
    Bug #1066811 [src:cyrus-sasl2] cyrus-sasl2: assumes time_t fits into long for printf and scanf(!), will break on big endian
    Set Bug forwarded-to-address to 'https://github.com/cyrusimap/cyrus-sasl/issues/484'.

    --
    1066811: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066811
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Bastian Germann@21:1/5 to All on Wed Mar 20 00:30:01 2024
    Control: forwarded -1 https://github.com/cyrusimap/cyrus-sasl/issues/484

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Wed Mar 20 20:40:01 2024
    This is a multi-part message in MIME format...

    Your message dated Wed, 20 Mar 2024 19:36:50 +0000
    with message-id <E1rn1k2-008DMo-4F@fasolo.debian.org>
    and subject line Bug#1066811: fixed in cyrus-sasl2 2.1.28+dfsg1-5
    has caused the Debian Bug report #1066811,
    regarding cyrus-sasl2: assumes time_t fits into long for printf and scanf(!), will break on big endian
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1066811: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066811
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems

    Received: (at submit) by bugs.debian.org; 13 Mar 2024 19:29:08 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
    (2021-04-09) on buxtehude.debian.org
    X-Spam-Level:
    X-Spam-Status: No, score=-4.0 required=4.0 tests=BAYES_00,SPF_HELO_NONE,
    SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no
    version=3.4.6-bugs.debian.org_2005_01_02
    X-Spam-Bayes: score:0.0000 Tokens: new, 20; hammy, 150; neutral, 104; spammy,
    0. spammytokens: hammytokens:0.000-+--X-Debbugs-Cc,
    0.000-+--XDebbugsCc, 0.000-+--dfsg14, 0.000-+--mirabilos,
    0.000-+--dfsg1-4
    Return-path: <tg@mirbsd.de>
    Received: from herc.mirbsd.org ([2001:470:1f15:10c:202:b3ff:feb7:54e8]:21913)
    by buxtehude.debian.org with esmtps (TLS1.0:RSA__AES_256_CBC__SHA1:256)
    (Exim 4.94.2)
    (envelope-from <tg@mirbsd.de>)
    id 1rkUHk-008M3S-42
    for submit@bugs.debian.org; Wed,