Bug 344151 - upgrade to Q 7.8
upgrade to Q 7.8
Product: Fedora
Classification: Fedora
Component: q (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Gérard Milmeister
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-10-20 20:28 EDT by Albert Graef
Modified: 2007-12-18 20:55 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-12-15 17:02:46 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
The crash dump when invoking with "q --help" (3.77 KB, application/octet-stream)
2007-10-24 17:45 EDT, Gérard Milmeister
no flags Details
fix for the reported buffer overflow (1.25 KB, patch)
2007-10-27 15:25 EDT, Albert Graef
no flags Details | Diff
bugfix for Q declaration semantics (745 bytes, patch)
2007-10-27 15:26 EDT, Albert Graef
no flags Details | Diff
minor fixes in the documentation (1012 bytes, patch)
2007-10-27 15:27 EDT, Albert Graef
no flags Details | Diff
updated ChangeLog (802 bytes, patch)
2007-10-27 15:28 EDT, Albert Graef
no flags Details | Diff

  None (edit)
Description Albert Graef 2007-10-20 20:28:28 EDT
Kudos to the maintainers of this port, it's nice to see Q in Fedora.

But, AFAICS, the Q version currently included is 7.6, which is almost 1 year
old. The latest version, Q 7.8, has many important improvements and bugfixes, so
it would be nice if the Fedora package would be upgraded to that.

Note: Fedora package mod_q includes the mod_q Apache module, which is built from
the same source. This is not included in q-7.8.tar.gz anymore, but now available
as a separate tarball mod_q-1.1.tar.gz.

All mentioned source packages are available from
http://q-lang.sourceforge.net/download.html. Here are the direct download links:

Comment 1 Gérard Milmeister 2007-10-24 17:45:06 EDT
I updated to 7.8.

For now, I leave out the mod_q package. It think it should
go into a separate package. So if someone needs it, he or
she must submit it for review.

There is a buffer overflow problem when invoking as
"q --help". It happens in the sprintf call in line 2238 of q.c.

What is the status of 64-bit compatibility. Up to now
x86_64 has been excluded, since it failed in the past.
The ppc64 build however succeeded. I am not able to test
it, though.
Comment 2 Gérard Milmeister 2007-10-24 17:45:40 EDT
Created attachment 236701 [details]
The crash dump when invoking with "q --help"
Comment 3 Albert Graef 2007-10-25 11:21:23 EDT
Thanks for the update.

About the buffer overflow: I cannot reproduce that here, and the dump doesn't
tell me much. Could you please explain the steps needed to reproduce this bug?

64 bit compatibility: That's the next big item on my TODO list. :) I expect to
have Q working on 64 bit some time early next year.
Comment 4 Gérard Milmeister 2007-10-25 11:59:42 EDT
When conventionally compiled, the problem does probably
not appear. However on Fedora everything is compiled
with a series of flags such as FORTIFY which catches
such bugs. If you don't use Fedora, you may have to 
try to compile it yourself.
This build.log may help you, it also shows the flags used:

So, the ppc64 build is probably incorrect, even it seems
build fine?
Comment 5 Albert Graef 2007-10-26 07:23:17 EDT
> This build.log may help you, it also shows the flags used:

Thanks for the info, I will try with these flags asap.

> So, the ppc64 build is probably incorrect, even it seems
build fine?

Right. I haven't checked it myself yet, but various users have reported that the
interpreter builds fine and runs, but has some problems with symbol table lookup
at startup. I suspect some non-portable pointer arithmetic, probably other parts
of the system will be affected as well. I will look into this as soon as I have
some time.
Comment 6 Gérard Milmeister 2007-10-26 14:40:46 EDT
The opts string is of length 1024 and too small to take the help
string, hence the buffer overflow. Better would be to use
snprintf instead of sprintf anyway.
Comment 7 Albert Graef 2007-10-27 15:02:08 EDT
Oops, you're right. I enlarged the buffer size in both q.c and qc.y to 4096, to
be on the safe side. Thanks for reporting.

I'll follow up with some patches against the 7.8 release, so that you can add
them to your RPM. Sorry for the hassle.
Comment 8 Albert Graef 2007-10-27 15:25:43 EDT
Created attachment 240611 [details]
fix for the reported buffer overflow
Comment 9 Albert Graef 2007-10-27 15:26:51 EDT
Created attachment 240621 [details]
bugfix for Q declaration semantics
Comment 10 Albert Graef 2007-10-27 15:27:44 EDT
Created attachment 240631 [details]
minor fixes in the documentation
Comment 11 Albert Graef 2007-10-27 15:28:17 EDT
Created attachment 240641 [details]
updated ChangeLog
Comment 12 Albert Graef 2007-10-27 15:47:48 EDT
Well, it seems that the documentation patch is in fact already in the q-7.8
tarball available at q-lang.sf.net, so you can skip that. The patch to
qctables.c is unrelated to the buffer overflow; it fixes a minor issue of the
bytecode compiler with the parsing of some Q declarations.
Comment 13 Albert Graef 2007-12-18 20:55:40 EST
I just wanted to add that I released Q 7.10 which now includes all the
aforementioned bugfixes and some more. See

Note You need to log in before you can comment on or make changes to this bug.