Starting program: /usr/bin/tftp localhost -c get foo
*** buffer overflow detected ***: /usr/bin/tftp terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7ffff78eb7d7]
/lib/libc.so.6(+0xf5760)[0x7ffff78e9760]
/usr/bin/tftp[0x4017bb]
/usr/bin/tftp[0x401faf]
/usr/bin/tftp[0x402e04]
/usr/bin/tftp[0x40386c]
/lib/libc.so.6(__libc_start_main+0xed)[0x7ffff781538d]
/usr/bin/tftp[0x401689]
======= Memory map: ========
00400000-00406000 r-xp 00000000 08:05 149694 /usr/bin/tftp
00605000-00606000 r--p 00005000 08:05 149694 /usr/bin/tftp
00606000-00607000 rw-p 00006000 08:05 149694 /usr/bin/tftp
00607000-00648000 rw-p 00000000 00:00 0 [heap]
7ffff7174000-7ffff7189000 r-xp 00000000 08:05 183560 /usr/lib/libgcc_s.so.1
7ffff7189000-7ffff7389000 ---p 00015000 08:05 183560 /usr/lib/libgcc_s.so.1
7ffff7389000-7ffff738a000 rw-p 00015000 08:05 183560 /usr/lib/libgcc_s.so.1
7ffff738a000-7ffff7396000 r-xp 00000000 08:05 656751 /lib/libnss_files-2.15.so
7ffff7396000-7ffff7595000 ---p 0000c000 08:05 656751 /lib/libnss_files-2.15.so
7ffff7595000-7ffff7596000 r--p 0000b000 08:05 656751 /lib/libnss_files-2.15.so
7ffff7596000-7ffff7597000 rw-p 0000c000 08:05 656751 /lib/libnss_files-2.15.so
7ffff7597000-7ffff75ef000 r-xp 00000000 08:05 134048 /usr/lib/libncursesw.so.5.9
7ffff75ef000-7ffff77ee000 ---p 00058000 08:05 134048 /usr/lib/libncursesw.so.5.9
7ffff77ee000-7ffff77f2000 r--p 00057000 08:05 134048 /usr/lib/libncursesw.so.5.9
7ffff77f2000-7ffff77f3000 rw-p 0005b000 08:05 134048 /usr/lib/libncursesw.so.5.9
7ffff77f3000-7ffff77f4000 rw-p 00000000 00:00 0
7ffff77f4000-7ffff798c000 r-xp 00000000 08:05 656742 /lib/libc-2.15.so
7ffff798c000-7ffff7b8c000 ---p 00198000 08:05 656742 /lib/libc-2.15.so
7ffff7b8c000-7ffff7b90000 r--p 00198000 08:05 656742 /lib/libc-2.15.so
7ffff7b90000-7ffff7b92000 rw-p 0019c000 08:05 656742 /lib/libc-2.15.so
7ffff7b92000-7ffff7b96000 rw-p 00000000 00:00 0
7ffff7b96000-7ffff7bd2000 r-xp 00000000 08:05 675688 /lib/libreadline.so.6.2
7ffff7bd2000-7ffff7dd2000 ---p 0003c000 08:05 675688 /lib/libreadline.so.6.2
7ffff7dd2000-7ffff7dd4000 r--p 0003c000 08:05 675688 /lib/libreadline.so.6.2
7ffff7dd4000-7ffff7dda000 rw-p 0003e000 08:05 675688 /lib/libreadline.so.6.2
7ffff7dda000-7ffff7ddc000 rw-p 00000000 00:00 0
7ffff7ddc000-7ffff7dfd000 r-xp 00000000 08:05 656755 /lib/ld-2.15.so
7ffff7fcd000-7ffff7fd0000 rw-p 00000000 00:00 0
7ffff7ff8000-7ffff7ffb000 rw-p 00000000 00:00 0
7ffff7ffb000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00020000 08:05 656755 /lib/ld-2.15.so
7ffff7ffd000-7ffff7ffe000 rw-p 00021000 08:05 656755 /lib/ld-2.15.so
7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Program received signal SIGABRT, Aborted.
0x00007ffff7828975 in raise () from /lib/libc.so.6
Program received signal SIGABRT, Aborted.
0x00007ffff7828975 in raise () from /lib/libc.so.6
#0 0x00007ffff7828975 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x00007ffff7829deb in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x00007ffff78656ae in __libc_message () from /lib/libc.so.6
No symbol table info available.
#3 0x00007ffff78eb7d7 in __fortify_fail () from /lib/libc.so.6
No symbol table info available.
#4 0x00007ffff78e9760 in __chk_fail () from /lib/libc.so.6
No symbol table info available.
#5 0x00000000004017bb in strcpy (__src=0x7fffffffeb2b "foo", __dest=0x606402 "f") at /usr/include/bits/string3.h:105
No locals.
#6 makerequest (request=<optimized out>, name=0x7fffffffeb2b "foo", tp=<optimized out>, mode=0x40482e "netascii") at tftp.c:285
cp = 0x606402 "f"
#7 0x0000000000401faf in tftp_recvfile (fd=<optimized out>, name=0x7fffffffeb2b "foo", mode=<optimized out>) at tftp.c:197
ap = 0x606400
dp = 0x606904
n = <optimized out>
block = 1
size = 32767
firsttrip = 1
amount = 0
from = {sa = {sa_family = 0, sa_data = "\000\000\000\000\000\000\021\000\000\000\000\000\000"}, si = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\021\000\000\000\000\000\000"}, s6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = "\021\000\000\000\000\000\000\000\266\001\000\000\000\000\000", __u6_addr16 = {17, 0, 0, 0, 438, 0, 0, 0}, __u6_addr32 = {17, 0,
438, 0}}}, sin6_scope_id = 577}}
fromlen = 0
file = 0x628110
convert = 1
dp_opcode = <optimized out>
dp_block = <optimized out>
#8 0x0000000000402e04 in get (argc=2, argv=<optimized out>) at main.c:673
n = <optimized out>
cp = 0x7fffffffeb2b "foo"
src = 0x7fffffffeb2b "foo"
#9 0x000000000040386c in main (argc=<optimized out>, argv=0x7fffffffe808) at main.c:345
c = <optimized out>
sa = {sa = {sa_family = 10, sa_data = '\000' <repeats 13 times>}, si = {sin_family = 10, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, s6 = {sin6_family = 10, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}
arg = <optimized out>
pargc = 2
peerargc = 2
iscmd = 1
pargv = 0x7fffffffe820
optx = <optimized out>
peerargv = {0x7fffffffeb0c "/usr/bin/tftp", 0x7fffffffeb1a "localhost", 0x7fffffffe72e ""}