Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian....@packages.debian.org
Usertags: pu

Hi OSRMs,

I got a private bug report (and so I can't reference it) that libdbi is inconsistent on error handling of the dbi_result_next_row() function. Some digging revealed that the error handler was commented out[1] years ago with other changes. I asked upstream about that, who confirmed it was not intended to comment out the proper error handling. He immediately re-enabled it[2] in the Git tree.

I don't think this has any security impact (treat bad input as normal data), but it would be good to have consistent error handling in the libdbi library.

Thanks for considering,
Laszlo/GCS

[1] https://sourceforge.net/p/libdbi/libdbi/ci/7f31b680238ea464e9bad9ef97cf411a3635af55/
[2] https://sourceforge.net/p/libdbi/libdbi/ci/88b8477d57153b9f736dd19d432d3b7ab1c49073/

diff -Nru libdbi-0.9.0/debian/changelog libdbi-0.9.0/debian/changelog --- libdbi-0.9.0/debian/changelog 2014-11-01 16:12:02.000000000 +0100 +++ libdbi-0.9.0/debian/changelog 2017-10-29 19:18:56.000000000 +0100 @@ -1,3 +1,10 @@ +libdbi (0.9.0-4+deb8u1) jessie; urgency=medium + + * Backport fix to re-enable a call to _error_handler() that was commented + out for no obvious reason in dbi_result_next_row() . + + -- Laszlo Boszormenyi (GCS) <g...@debian.org> Sun, 29 Oct 2017 18:18:56 +0000 + libdbi (0.9.0-4) unstable; urgency=medium * Backport fix for double-free in dbi_shutdown_r() (closes: #764130). diff -Nru libdbi-0.9.0/debian/patches/re-enable_call_to_error_handler.patch libdbi-0.9.0/debian/patches/re-enable_call_to_error_handler.patch --- libdbi-0.9.0/debian/patches/re-enable_call_to_error_handler.patch 1970-01-01 01:00:00.000000000 +0100 +++ libdbi-0.9.0/debian/patches/re-enable_call_to_error_handler.patch 2017-10-29 19:18:56.000000000 +0100 @@ -0,0 +1,19 @@ +commit 88b8477d57153b9f736dd19d432d3b7ab1c49073 +Author: mhoenicka <markus.hoeni...@mhoenicka.de> +Date: Sat Oct 28 01:54:33 2017 +0200 + + re-enabled a call to _error_handler() that was commented out for no obvious reason + +diff --git a/src/dbi_result.c b/src/dbi_result.c +index 232d0ec..1e1b0be 100644 +--- a/src/dbi_result.c ++++ b/src/dbi_result.c +@@ -174,7 +174,7 @@ int dbi_result_next_row(dbi_result Result) { + _reset_conn_error(RESULT->conn); + + if (!dbi_result_has_next_row(Result)) { +-/* _error_handler(RESULT->conn, DBI_ERROR_BADIDX); */ ++ _error_handler(RESULT->conn, DBI_ERROR_BADIDX); + return 0; + } + return dbi_result_seek_row(Result, RESULT->currowidx+1); diff -Nru libdbi-0.9.0/debian/patches/series libdbi-0.9.0/debian/patches/series --- libdbi-0.9.0/debian/patches/series 2014-11-01 16:02:53.000000000 +0100 +++ libdbi-0.9.0/debian/patches/series 2017-10-29 19:18:56.000000000 +0100 
@@ -1,3 +1,4 @@ fix_memory_leak_if_not_connected.patch fix_possible_access_to_unallocated_memory.patch fix_double-free_in_dbi_shutdown_r.patch +re-enable_call_to_error_handler.patch
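
Review bot: In the src/dbi_result.c hunk, the re-enabled _error_handler(RESULT->conn, DBI_ERROR_BADIDX) sits on the !dbi_result_has_next_row(Result) branch, which is also the ordinary end of a result set, so a caller that iterates with dbi_result_next_row() until it returns 0 will now leave the loop with DBI_ERROR_BADIDX raised on the connection, just after _reset_conn_error() cleared it. The return value stays 0 in both the old and new code, so the only caller-visible difference is the error state and whatever _error_handler() triggers. For a stable update, please confirm that reverse dependencies in jessie which inspect the connection error after such a loop are not affected by this, and state the result in the request.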
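
Review bot: The new debian/changelog entry says only that a call "commented out for no obvious reason" is re-enabled, which does not tell users of the stable update what changes for them; suggest wording it in terms of the effect, for example that dbi_result_next_row() reports DBI_ERROR_BADIDX again when there is no next row. Two smaller points: there is a stray space before the full stop in "dbi_result_next_row() .", and the header of re-enable_call_to_error_handler.patch is a bare git log excerpt, so an Origin: field naming upstream commit 88b8477d57153b9f736dd19d432d3b7ab1c49073 would make the backport easier to track.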