[Bug 233919] New: *** buffer overflow detected ***: xedit terminated, run xedit. write something. double-click. Bug!
https://bugzilla.novell.com/show_bug.cgi?id=233919 Summary: *** buffer overflow detected ***: xedit terminated, run xedit. write something. double-click. Bug! Product: openSUSE 10.2 Version: RC 5 Platform: LittleEndian OS/Version: Linux Status: NEW Severity: Normal Priority: P5 - None Component: X.Org AssignedTo: sndirsch@novell.com ReportedBy: AMNScript@hotmail.com QAContact: sndirsch@novell.com Hallo, ich habe Opensuse 10.2 (neu installiert) ich mache xedit auf, schreibe irgendwas und druecke 2clicks dann sturtz xedit ab und laesst das folgende: linux-amn:~ # xedit *** buffer overflow detected ***: xedit terminated ======= Backtrace: ========= /lib/libc.so.6(__chk_fail+0x41)[0xb7c6d581] /lib/libc.so.6[0xb7c6dd73] /usr/lib/libXaw8.so.8(_Xaw_iswalnum+0x2c)[0xb7f3a92c] /usr/lib/libXaw8.so.8[0xb7f0dd58] /usr/lib/libXaw8.so.8(XawTextSourceScan+0x36)[0xb7f25a66] /usr/lib/libXaw8.so.8(_XawTextAlterSelection+0x763)[0xb7f22783] /usr/lib/libXaw8.so.8[0xb7f2f913] /usr/lib/libXt.so.6[0xb7e9dd21] /usr/lib/libXt.so.6[0xb7e9e0fa] /usr/lib/libXt.so.6(_XtTranslateEvent+0x5e4)[0xb7e9e6f4] /usr/lib/libXt.so.6(XtDispatchEventToWidget+0x431)[0xb7e76731] /usr/lib/libXt.so.6[0xb7e76f36] /usr/lib/libXt.so.6(XtDispatchEvent+0xc7)[0xb7e75e57] /usr/lib/libXt.so.6(XtAppMainLoop+0x44)[0xb7e76004] xedit[0x805b1d7] /lib/libc.so.6(__libc_start_main+0xdc)[0xb7bb1f9c] xedit[0x804c8b1] ======= Memory map: ======== 08048000-080c1000 r-xp 00000000 03:09 1547940 /usr/bin/xedit 080c1000-080c7000 rw-p 00078000 03:09 1547940 /usr/bin/xedit 080c7000-08194000 rw-p 080c7000 00:00 0 [heap] b79fb000-b7a05000 r-xp 00000000 03:09 358386 /lib/libgcc_s.so.1 b7a05000-b7a07000 rw-p 00009000 03:09 358386 /lib/libgcc_s.so.1 b7a2a000-b7a57000 r--p 00000000 03:09 912233 /var/cache/libx11/compose/l4_024_313cb605_00280cc0 b7a57000-b7a5f000 r-xp 00000000 03:09 1262930 /usr/lib/libXcursor.so.1.0.2 b7a5f000-b7a61000 rw-p 00007000 03:09 1262930 /usr/lib/libXcursor.so.1.0.2 b7a84000-b7abf000 r--p 00000000 03:09 1290302 /usr/lib/locale/en_US.utf8/LC_CTYPE b7abf000-b7b96000 r--p 00000000 03:09 1290303 /usr/lib/locale/en_US.utf8/LC_COLLATE b7b96000-b7b97000 rw-p b7b96000 00:00 0 b7b97000-b7b99000 r-xp 00000000 03:09 358354 /lib/libdl-2.5.so b7b99000-b7b9b000 rw-p 00001000 03:09 358354 /lib/libdl-2.5.so b7b9b000-b7b9c000 rw-p b7b9b000 00:00 0 b7b9c000-b7cc4000 r-xp 00000000 03:09 358348 /lib/libc-2.5.so b7cc4000-b7cc5000 r--p 00128000 03:09 358348 /lib/libc-2.5.so b7cc5000-b7cc7000 rw-p 00129000 03:09 358348 /lib/libc-2.5.so b7cc7000-b7cca000 rw-p b7cc7000 00:00 0 b7cca000-b7cee000 r-xp 00000000 03:09 358356 /lib/libm-2.5.so b7cee000-b7cf0000 rw-p 00023000 03:09 358356 /lib/libm-2.5.so b7cf0000-b7cf7000 r-xp 00000000 03:09 1262619 /usr/lib/libXprintUtil.so.1.0.0 b7cf7000-b7cf9000 rw-p 00006000 03:09 1262619 /usr/lib/libXprintUtil.so.1.0.0 b7cf9000-b7cfb000 r-xp 00000000 03:09 1259763 /usr/lib/libXau.so.6.0.0 b7cfb000-b7cfd000 rw-p 00001000 03:09 1259763 /usr/lib/libXau.so.6.0.0 b7cfd000-b7d12000 r-xp 00000000 03:09 1259414 /usr/lib/libICE.so.6.3.0 b7d12000-b7d14000 rw-p 00014000 03:09 1259414 /usr/lib/libICE.so.6.3.0 b7d14000-b7d17000 rw-p b7d14000 00:00 0 b7d17000-b7d1b000 r-xp 00000000 03:09 1259745 /usr/lib/libXdmcp.so.6.0.0 b7d1b000-b7d1d000 rw-p 00003000 03:09 1259745 /usr/lib/libXdmcp.so.6.0.0 b7d1d000-b7d25000 r-xp 00000000 03:09 1259960 /usr/lib/libSM.so.6.0.0 b7d25000-b7d27000 rw-p 00007000 03:09 1259960 /usr/lib/libSM.so.6.0.0 b7d27000-b7d3b000 r-xp 00000000 03:09 358374 /lib/libpthread-2.5.so b7d3b000-b7d3d000 rw-p 00013000 03:09 358374 /lib/libpthread-2.5.so b7d3d000-b7d3f000 rw-p b7d3d000 00:00 0 b7d3f000-b7e57000 r-xp 00000000 03:09 1260475 /usr/lib/libX11.so.6.2.0 b7e57000-b7e5b000 rw-p 00118000 03:09 1260475 /usr/lib/libX11.so.6.2.0 b7e5b000-b7e5c000 rw-p b7e5b000 00:00 0 b7e5c000-b7ea8000 r-xp 00000000 03:09 1260495 /usr/lib/libXt.so.6.0.0 b7ea8000-b7eac000 rw-p 0004b000 03:09 1260495 /usr/lib/libXt.so.6.0.0 b7eac000-b7eb9000 r-xp 00000000 03:09 1260631 /usr/lib/libXext.so.6.4.0 b7eb9000-b7ebb000 rw-p 0000c000 03:09 1260631 /usr/lib/libXext.so.6.4.0 b7ebb000-b7ebc000 rw-p b7ebb000 00:00 0 b7ebc000-b7ed0000 r-xp 00000000 03:09 1261730 /usr/lib/libXmu.so.6.2.0 b7ed0000-b7ed2000 rw-p 00014000 03:09 1261730 /usr/lib/libXmu.so.6.2.0 b7ed2000-b7ed9000 r-xp 00000000 03:09 1261734 /usr/lib/libXp.so.6.2.0 b7ed9000-b7edb000 rw-p 00006000 03:09 1261734 /usr/lib/libXp.so.6.2.0 b7edb000-b7eea000 r-xp 00000000 03:09 1261366 /usr/lib/libXpm.so.4.11.0 b7eea000-b7eec000 rw-p 0000e000 03:09 1261366 /usr/lib/libXpm.so.4.11.0 b7eec000-b7f40000 r-xp 00000000 03:09 1262926 /usr/lib/libXaw8.so.8.0.0 b7f40000-b7f48000 rw-p 00053000 03:09 1262926 /usr/lib/libXaw8.so.8.0.0 b7f4b000-b7f4f000 r-xp 00000000 03:09 1260633 /usr/lib/libXfixes.so.3.1.0 b7f4f000-b7f51000 rw-p 00003000 03:09 1260633 /usr/lib/libXfixes.so.3.1.0 b7f51000-b7f58000 r-xp 00000000 03:09 1260586 /usr/lib/libXrender.so.1.3.0 b7f58000-b7f5a000 rw-p 00006000 03:09 1260586 /usr/lib/libXrender.so.1.3.0 b7f5a000-b7f5b000 r--p 00000000 03:09 1290277 /usr/lib/locale/en_US.utf8/LC_NUMERIC b7f5b000-b7f5c000 r--p 00000000 03:09 1288061 /usr/lib/locale/en_US.utf8/LC_TIME b7f5c000-b7f5d000 r--p 00000000 03:09 1288060 /usr/lib/locale/en_US.utf8/LC_MONETARY b7f5d000-b7f5e000 r--p 00000000 03:09 1290267 /usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES b7f5e000-b7f5f000 r--p 00000000 03:09 1290085 /usr/lib/locale/en_US.utf8/LC_PAPER b7f5f000-b7f60000 r--p 00000000 03:09 1290160 /usr/lib/locale/en_US.utf8/LC_NAME b7f60000-b7f61000 r--p 00000000 03:09 1288057 /usr/lib/locale/en_US.utf8/LC_ADDRESS b7f61000-b7f62000 r--p 00000000 03:09 1290045 /usr/lib/locale/en_US.utf8/LC_TELEPHONE b7f62000-b7f63000 r--p 00000000 03:09 1290046 /usr/lib/locale/en_US.utf8/LC_MEASUREMENT b7f63000-b7f6a000 r--s 00000000 03:09 1287335 /usr/lib/gconv/gconv-modules.cache b7f6a000-b7f6b000 r--p 00000000 03:09 1288058 /usr/lib/locale/en_US.utf8/LC_IDENTIFICATION b7f6b000-b7f6c000 rw-p b7f6b000 00:00 0 b7f6c000-b7f6d000 r-xp b7f6c000 00:00 0 [vdso] b7f6d000-b7f88000 r-xp 00000000 03:09 358341 /lib/ld-2.5.so b7f88000-b7f8a000 rw-p 0001a000 03:09 358341 /lib/ld-2.5.so bfa52000-bfa67000 rw-p bfa52000 00:00 0 [stack] Aborted linux-amn:~ # Hier sind meine System-info: uname -a gibt das folgende aus: Linux linux-amn 2.6.18.2-34-default #1 SMP Mon Nov 27 11:46:27 UTC 2006 i686 i686 i386 GNU/Linux linux-amn:~ # hwinfo --cpu --memory 01: None 00.0: 10103 CPU [Created at cpu.302] Unique ID: rdCR.j8NaKXDZtZ6 Hardware Class: cpu Arch: Intel Vendor: "GenuineIntel" Model: 15.2.9 "Intel(R) Pentium(R) 4 CPU 2.40GHz" Features: fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,ht,tm,pbe,cid,xtpr Clock: 2400 MHz BogoMips: 4804.11 Cache: 512 kb Units/Processor: 2 Config Status: cfg=new, avail=yes, need=no, active=unknown 02: None 01.0: 10103 CPU [Created at cpu.302] Unique ID: wkFv.j8NaKXDZtZ6 Hardware Class: cpu Arch: Intel Vendor: "GenuineIntel" Model: 15.2.9 "Intel(R) Pentium(R) 4 CPU 2.40GHz" Features: fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,ht,tm,pbe,cid,xtpr Clock: 2400 MHz BogoMips: 4800.49 Cache: 512 kb Units/Processor: 2 Config Status: cfg=new, avail=yes, need=no, active=unknown 03: None 00.0: 10102 Main Memory [Created at memory.61] Unique ID: rdCR.CxwsZFjVASF Hardware Class: memory Model: "Main Memory" Memory Range: 0x00000000-0x2ffebfff (rw) Memory Size: 768 MB Config Status: cfg=new, avail=yes, need=no, active=unknown linux-amn:~ # Wenn Sie noch mehr info brauchen, dann sagen Sie mir das -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=233919 sndirsch@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Comment #1 from sndirsch@novell.com 2007-01-11 21:26 MST ------- Actually I can reproduce. You are really an xedit user? Can't believe this ... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=233919 ------- Comment #3 from meissner@novell.com 2007-01-23 07:51 MST ------- in glibc: size_t __wcrtomb_chk (char *s, wchar_t wchar, mbstate_t *ps, size_t buflen) { /* We do not have to implement the full wctomb semantics since we know that S cannot be NULL when we come here. */ if (buflen < MB_CUR_MAX) __chk_fail (); So we must have MB_CUR_MAX ... can you replace the sizeof(wchar_t) in _Xaw_iswalnum by MB_CUR_MAX ? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=233919 sndirsch@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Comment #4 from sndirsch@novell.com 2007-01-23 10:30 MST ------- Thanks! Yes, this patch fixes it. Submitted for STABLE/Factory. Fixed xorg-x11-libs package for openSUSE 10.2 will be available shortly in http://software.opensuse.org/download/xorg72/openSUSE_10.2/i586/ Check for the RPM changelog: ------------------------------------------------------------------- Tue Jan 23 18:00:09 CET 2007 - sndirsch@suse.de - bug233919-libXaw.diff: * fixes buffer overflow in xedit (Bug #233919) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=233919 sndirsch@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |krahmer@novell.com ------- Comment #5 from sndirsch@novell.com 2007-01-31 01:24 MST ------- *** Bug 211240 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com