summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore6
-rw-r--r--debian/changelog9
-rw-r--r--debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch55
-rw-r--r--debian/patches/series1
4 files changed, 71 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index bd3b383..31b9b76 100644
--- a/.gitignore
+++ b/.gitignore
@@ -58,3 +58,9 @@ test-suite.log
# `make dist` artifacts
/sane-backends-*.tar.gz
+
+#
+# Debian
+#
+.pc
+/debian/files
diff --git a/debian/changelog b/debian/changelog
index 334d9c3..f4d45e0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+sane-backends (1.0.32-3) experimental; urgency=medium
+
+ * Fix use-after-free and two mem leaks:
+ - New debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch.
+ Cherry-picked from upstream (Closes: #980311).
+ * Add some Debian files / directories into .gitignore.
+
+ -- Jörg Frings-Fürst <debian@jff.email> Sun, 11 Jul 2021 17:44:43 +0200
+
sane-backends (1.0.32-2) experimental; urgency=high
* debian/sane-utils.postrm: Fix pathfind handling (Closes: #989879).
diff --git a/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch b/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch
new file mode 100644
index 0000000..167a9e5
--- /dev/null
+++ b/debian/patches/0180-gt68xx_fix_use-after-free_two_memleaks.patch
@@ -0,0 +1,55 @@
+Description: gt68xx: fix use-after-free and two mem leaks
+Author: <name and email of author, optional>
+Origin: https://gitlab.com/sane-project/backends/-/commit/63942f7a7473496d1160f02f5c1da3620525690d
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980311
+Forwarded: not-needed
+Last-Update: 2021-06-24
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/backend/gt68xx.c
+===================================================================
+--- trunk.orig/backend/gt68xx.c
++++ trunk/backend/gt68xx.c
+@@ -1174,8 +1174,11 @@ static SANE_Status probe_gt68xx_devices(
+ new_dev[i]->model->firmware_name);
+ }
+ if (i == 0)
+- DBG (5, "sane_init: firmware %s can't be loaded, set device "
+- "first\n", word);
++ {
++ DBG (5, "sane_init: firmware %s can't be loaded, set device "
++ "first\n", word);
++ free (word);
++ }
+ }
+ else
+ {
+@@ -1198,8 +1201,11 @@ static SANE_Status probe_gt68xx_devices(
+ new_dev[i]->model->name, new_dev[i]->model->vendor);
+ }
+ if (i == 0)
+- DBG (5, "sane_init: can't set vendor name %s, set device "
+- "first\n", word);
++ {
++ DBG (5, "sane_init: can't set vendor name %s, set device "
++ "first\n", word);
++ free (word);
++ }
+ }
+ else
+ {
+@@ -1221,9 +1227,11 @@ static SANE_Status probe_gt68xx_devices(
+ new_dev[i]->model->name, new_dev[i]->model->model);
+ }
+ if (i == 0)
+- DBG (5, "sane_init: can't set model name %s, set device "
+- "first\n", word);
+- free (word);
++ {
++ DBG (5, "sane_init: can't set model name %s, set device "
++ "first\n", word);
++ free (word);
++ }
+ }
+ else
+ {
diff --git a/debian/patches/series b/debian/patches/series
index 8d90078..2a4677c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,4 @@
#0165-respect_local_only_parameter.patch
#0170-return_empty_list_when_local_devices_requested.patch
0605-fix_groff-warnings.patch
+0180-gt68xx_fix_use-after-free_two_memleaks.patch