[Bug 724380] New: pstree buffer overflow
https://bugzilla.novell.com/show_bug.cgi?id=724380
https://bugzilla.novell.com/show_bug.cgi?id=724380#c0

           Summary: pstree buffer overflow
    Classification: openSUSE
           Product: openSUSE 12.1
           Version: Beta 1
          Platform: x86-64
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Basesystem
        AssignedTo: bnc-team-screening@forge.provo.novell.com
        ReportedBy: asklein@wpax13.physik.uni-wuerzburg.de
         QAContact: qa@suse.de
          Found By: ---
           Blocker: ---

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.202 Safari/535.1

asklein@pluto:~> pstree
*** buffer overflow detected ***: pstree terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7f7e75bde637]
/lib64/libc.so.6(+0xed570)[0x7f7e75bdc570]
pstree[0x4032b9]
pstree[0x4033ff]
pstree[0x402194]
/lib64/libc.so.6(__libc_start_main+0xed)[0x7f7e75b1023d]
pstree[0x4023b9]
======= Memory map: ========
Aborted
asklein@pluto:~>

Reproducible: Always

Steps to Reproduce:
1. pstree

Actual Results:
*** buffer overflow detected ***: pstree terminated

Expected Results:
should not crash

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=724380
https://bugzilla.novell.com/show_bug.cgi?id=724380#c

zj jia <zjjia@suse.com> changed:

           What    |Removed                                   |Added
----------------------------------------------------------------------------
                 CC|                                          |zjjia@suse.com
         AssignedTo|bnc-team-screening@forge.provo.novell.com |werner@suse.com

https://bugzilla.novell.com/show_bug.cgi?id=724380
https://bugzilla.novell.com/show_bug.cgi?id=724380#c1

Dr. Werner Fink <werner@suse.com> changed:

           What    |Removed |Added
----------------------------------------------------------------------------
             Status|NEW     |NEEDINFO
       InfoProvider|        |asklein@wpax13.physik.uni-wuerzburg.de

--- Comment #1 from Dr. Werner Fink <werner@suse.com> 2011-10-17 13:14:31 UTC ---
Please update to latest version:

* Tue Oct 11 2011 werner@suse.de
- Use __builtin___strcpy_ instead of __builtin___strcpy_chk to avoid
  trouble with char path[0] tag in struct handle (bnc#723304)
* Fri Oct 07 2011 werner@suse.de
- Make main fuser process more robust against broken pipe and
  check for helper process within a SIGCHLD handler
* Wed Oct 05 2011 werner@suse.de
- Handle internal size of structure stat by including config.h
  to avoid size mismatch during copy result back (bnc#720882)
* Mon Oct 03 2011 mmarek@suse.cz
- Fix segfault in pstree, patch by Tetsuo Handa (bnc#718915).

and report (IMHO this could be a duplicate of bnc#718915)

https://bugzilla.novell.com/show_bug.cgi?id=724380
https://bugzilla.novell.com/show_bug.cgi?id=724380#c2

Dr. Werner Fink <werner@suse.com> changed:

           What    |Removed                                |Added
----------------------------------------------------------------------------
             Status|NEEDINFO                               |RESOLVED
       InfoProvider|asklein@wpax13.physik.uni-wuerzburg.de |
         Resolution|                                       |FIXED

--- Comment #2 from Dr. Werner Fink <werner@suse.com> 2011-10-19 11:35:24 UTC ---
No response seems to be a good response