http://bugzilla.novell.com/show_bug.cgi?id=517602 Summary: buffer overflow in modlogan Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: 3rd party software AssignedTo: mrueckert@novell.com ReportedBy: suse-beta@cboltz.de QAContact: opensuse-communityscreening@forge.provo.novell.com Found By: --- Created an attachment (id=301320) --> (http://bugzilla.novell.com/attachment.cgi?id=301320) full backtrace including memory map I'm using modlogan-0.8.13-3.1 on my server (11.1, x86_64). I have several logs which cause a buffer overflog in modlogan and could reduce the problem to one log line which isn't very long (attached below). # modlogan -c modlogan.conf < access_log-20090400 modlogan 0.8.13 main.c.738 (main): NOTICE: startup - finished [] writing month 04 - 2009 *** buffer overflow detected ***: modlogan terminated ======= Backtrace: ========= /lib64/libc.so.6(__fortify_fail+0x37)[0x7f11a36e94f7] /lib64/libc.so.6[0x7f11a36e7270] /lib64/libc.so.6[0x7f11a36e6569] /lib64/libc.so.6(_IO_default_xsputn+0x85)[0x7f11a36737b5] /lib64/libc.so.6(_IO_vfprintf+0x350e)[0x7f11a364791e] /lib64/libc.so.6(__vsprintf_chk+0x9d)[0x7f11a36e660d] /lib64/libc.so.6(__sprintf_chk+0x80)[0x7f11a36e6550] /usr/lib64/libmla_output_modlogan.so(mplugin_modlogan_create_pie+0x4fa)[0x7f11a2ddceaa] /usr/lib64/libmla_output_modlogan.so(mplugin_modlogan_create_pic_status+0x391)[0x7f11a2ddf151] /usr/lib64/libmla_output_modlogan.so[0x7f11a2dd47d0] /usr/lib64/libmla_output_modlogan.so(mplugins_output_modlogan_generate_monthly_output+0xf6)[0x7f11a2dd77b6] modlogan(generate_monthly_output+0x97)[0x414737] modlogan(main+0x1212)[0x416332] /lib64/libc.so.6(__libc_start_main+0xe6)[0x7f11a361f586] modlogan[0x407fe9] Marcus Meissner already had a short look at this at LinuxTag - ask him if you need help in locating or fixing this bug ;-) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.