[Bug 704230] New: xv aborts if given a file name > 119 characters
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c0 Summary: xv aborts if given a file name > 119 characters Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: All OS/Version: openSUSE 11.4 Status: NEW Severity: Normal Priority: P5 - None Component: X11 Applications AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: wjones@fluke.com QAContact: qa@suse.de Found By: --- Blocker: --- Created an attachment (id=438615) --> (http://bugzilla.novell.com/attachment.cgi?id=438615) patch User-Agent: Mozilla/5.0 (X11; Linux i686; rv:5.0) Gecko/20100101 Firefox/5.0 File names up to 119 characters are fine. File names 120 characters or longer consistently cause a buffer overflow. It's the length of the base file name, rather than the total path length that matters. The first part of the error message looks like this: *** buffer overflow detected ***: xv terminated ======= Backtrace: ========= /lib/libc.so.6(__fortify_fail+0x40)[0xb73b8070] /lib/libc.so.6(+0xe8e27)[0xb73b5e27] /lib/libc.so.6(__strcpy_chk+0x3e)[0xb73b508e] xv[0x80518b0] xv[0x8053949] xv[0x8056be0] /lib/libc.so.6(__libc_start_main+0xfe)[0xb72e3c2e] xv[0x804d361] Reproducible: Always Steps to Reproduce: 1. Run "xv verylongfilename.png" 2. 3. Actual Results: *** buffer overflow detected ***: xv terminated Expected Results: xv displays image Patch attached -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c zj jia <zjjia@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zjjia@novell.com AssignedTo|bnc-team-screening@forge.pr |werner@novell.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c1 Dr. Werner Fink <werner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |wjones@fluke.com --- Comment #1 from Dr. Werner Fink <werner@novell.com> 2011-07-07 07:19:19 UTC --- Which platform are you using? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c2 --- Comment #2 from Dr. Werner Fink <werner@novell.com> 2011-07-07 08:15:08 UTC --- Can not reproduce with latest xv on openSUSE factory x86_64 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c3 Dr. Werner Fink <werner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de InfoProvider|wjones@fluke.com |maintenance@opensuse.org --- Comment #3 from Dr. Werner Fink <werner@novell.com> 2011-07-07 10:36:36 UTC --- With file name longer than 128 I can reproduce. Fixed, see openSUSE:Factory:NonFree At maintenance/security-team: Do we need an update of xv for this? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c4 --- Comment #4 from Ludwig Nussel <lnussel@novell.com> 2011-07-07 13:17:32 CEST --- not from security POV -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c5 --- Comment #5 from Marcus Meissner <meissner@novell.com> 2011-07-07 11:40:27 UTC --- we could do an update, as its not very hard to fix I guess. +1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c6 --- Comment #6 from Dr. Werner Fink <werner@novell.com> 2011-07-07 11:43:50 UTC --- the fix is already done ;) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c7 --- Comment #7 from Bernhard Wiedemann <bwiedemann@novell.com> 2011-07-07 14:00:41 CEST --- This is an autogenerated message for OBS integration: This bug (704230) was mentioned in https://build.opensuse.org/request/show/75640 Factory / xv -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c8 Christian Dengler <cdengler@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |cdengler@novell.com InfoProvider|maintenance@opensuse.org | --- Comment #8 from Christian Dengler <cdengler@novell.com> 2011-07-07 14:17:27 UTC --- +1, update is okay -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c9 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:42121:low --- Comment #9 from Swamp Workflow Management <swamp@suse.de> 2011-07-07 14:17:59 UTC --- The SWAMPID for this issue is 42121. This issue was rated as low. Please submit fixed packages until 2011-08-04. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/42121 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c10 --- Comment #10 from Dr. Werner Fink <werner@novell.com> 2011-07-08 11:46:38 UTC --- Submit request id 75854 for openSUSE 11.3 Submit request id 75855 for openSUSE 11.4 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c11 Dr. Werner Fink <werner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #11 from Dr. Werner Fink <werner@novell.com> 2011-07-08 11:47:17 UTC --- fixed -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c12 --- Comment #12 from Bernhard Wiedemann <bwiedemann@novell.com> 2011-07-08 16:01:18 CEST --- This is an autogenerated message for OBS integration: This bug (704230) was mentioned in https://build.opensuse.org/request/show/75854 11.3 / xv https://build.opensuse.org/request/show/75855 11.4 / xv -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c Christian Dengler <cdengler@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c13 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:42121:low |maint:running:42121:low | |maint:released:11.4:42136 | |maint:released:11.3:42136 --- Comment #13 from Swamp Workflow Management <swamp@suse.de> 2011-07-19 13:08:43 UTC --- Update released for: xv, xv-debuginfo, xv-debugsource Products: openSUSE 11.3 (i586, x86_64) openSUSE 11.4 (i586, x86_64) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=704230 https://bugzilla.novell.com/show_bug.cgi?id=704230#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:42121:low |. |maint:released:11.4:42136 | |maint:released:11.3:42136 | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com