Starting program: /usr/bin/tftp localhost -c get foo *** buffer overflow detected ***: /usr/bin/tftp terminated ======= Backtrace: ========= /lib/libc.so.6(__fortify_fail+0x37)[0x7ffff78eb7d7] /lib/libc.so.6(+0xf5760)[0x7ffff78e9760] /usr/bin/tftp[0x4017bb] /usr/bin/tftp[0x401faf] /usr/bin/tftp[0x402e04] /usr/bin/tftp[0x40386c] /lib/libc.so.6(__libc_start_main+0xed)[0x7ffff781538d] /usr/bin/tftp[0x401689] ======= Memory map: ======== 00400000-00406000 r-xp 00000000 08:05 149694 /usr/bin/tftp 00605000-00606000 r--p 00005000 08:05 149694 /usr/bin/tftp 00606000-00607000 rw-p 00006000 08:05 149694 /usr/bin/tftp 00607000-00648000 rw-p 00000000 00:00 0 [heap] 7ffff7174000-7ffff7189000 r-xp 00000000 08:05 183560 /usr/lib/libgcc_s.so.1 7ffff7189000-7ffff7389000 ---p 00015000 08:05 183560 /usr/lib/libgcc_s.so.1 7ffff7389000-7ffff738a000 rw-p 00015000 08:05 183560 /usr/lib/libgcc_s.so.1 7ffff738a000-7ffff7396000 r-xp 00000000 08:05 656751 /lib/libnss_files-2.15.so 7ffff7396000-7ffff7595000 ---p 0000c000 08:05 656751 /lib/libnss_files-2.15.so 7ffff7595000-7ffff7596000 r--p 0000b000 08:05 656751 /lib/libnss_files-2.15.so 7ffff7596000-7ffff7597000 rw-p 0000c000 08:05 656751 /lib/libnss_files-2.15.so 7ffff7597000-7ffff75ef000 r-xp 00000000 08:05 134048 /usr/lib/libncursesw.so.5.9 7ffff75ef000-7ffff77ee000 ---p 00058000 08:05 134048 /usr/lib/libncursesw.so.5.9 7ffff77ee000-7ffff77f2000 r--p 00057000 08:05 134048 /usr/lib/libncursesw.so.5.9 7ffff77f2000-7ffff77f3000 rw-p 0005b000 08:05 134048 /usr/lib/libncursesw.so.5.9 7ffff77f3000-7ffff77f4000 rw-p 00000000 00:00 0 7ffff77f4000-7ffff798c000 r-xp 00000000 08:05 656742 /lib/libc-2.15.so 7ffff798c000-7ffff7b8c000 ---p 00198000 08:05 656742 /lib/libc-2.15.so 7ffff7b8c000-7ffff7b90000 r--p 00198000 08:05 656742 /lib/libc-2.15.so 7ffff7b90000-7ffff7b92000 rw-p 0019c000 08:05 656742 /lib/libc-2.15.so 7ffff7b92000-7ffff7b96000 rw-p 00000000 00:00 0 7ffff7b96000-7ffff7bd2000 r-xp 00000000 08:05 675688 /lib/libreadline.so.6.2 7ffff7bd2000-7ffff7dd2000 ---p 0003c000 08:05 675688 /lib/libreadline.so.6.2 7ffff7dd2000-7ffff7dd4000 r--p 0003c000 08:05 675688 /lib/libreadline.so.6.2 7ffff7dd4000-7ffff7dda000 rw-p 0003e000 08:05 675688 /lib/libreadline.so.6.2 7ffff7dda000-7ffff7ddc000 rw-p 00000000 00:00 0 7ffff7ddc000-7ffff7dfd000 r-xp 00000000 08:05 656755 /lib/ld-2.15.so 7ffff7fcd000-7ffff7fd0000 rw-p 00000000 00:00 0 7ffff7ff8000-7ffff7ffb000 rw-p 00000000 00:00 0 7ffff7ffb000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso] 7ffff7ffc000-7ffff7ffd000 r--p 00020000 08:05 656755 /lib/ld-2.15.so 7ffff7ffd000-7ffff7ffe000 rw-p 00021000 08:05 656755 /lib/ld-2.15.so 7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0 7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall] Program received signal SIGABRT, Aborted. 0x00007ffff7828975 in raise () from /lib/libc.so.6 Program received signal SIGABRT, Aborted. 0x00007ffff7828975 in raise () from /lib/libc.so.6 #0 0x00007ffff7828975 in raise () from /lib/libc.so.6 No symbol table info available. #1 0x00007ffff7829deb in abort () from /lib/libc.so.6 No symbol table info available. #2 0x00007ffff78656ae in __libc_message () from /lib/libc.so.6 No symbol table info available. #3 0x00007ffff78eb7d7 in __fortify_fail () from /lib/libc.so.6 No symbol table info available. #4 0x00007ffff78e9760 in __chk_fail () from /lib/libc.so.6 No symbol table info available. #5 0x00000000004017bb in strcpy (__src=0x7fffffffeb2b "foo", __dest=0x606402 "f") at /usr/include/bits/string3.h:105 No locals. #6 makerequest (request=, name=0x7fffffffeb2b "foo", tp=, mode=0x40482e "netascii") at tftp.c:285 cp = 0x606402 "f" #7 0x0000000000401faf in tftp_recvfile (fd=, name=0x7fffffffeb2b "foo", mode=) at tftp.c:197 ap = 0x606400 dp = 0x606904 n = block = 1 size = 32767 firsttrip = 1 amount = 0 from = {sa = {sa_family = 0, sa_data = "\000\000\000\000\000\000\021\000\000\000\000\000\000"}, si = {sin_family = 0, sin_port = 0, sin_addr = { s_addr = 0}, sin_zero = "\021\000\000\000\000\000\000"}, s6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = { __u6_addr8 = "\021\000\000\000\000\000\000\000\266\001\000\000\000\000\000", __u6_addr16 = {17, 0, 0, 0, 438, 0, 0, 0}, __u6_addr32 = {17, 0, 438, 0}}}, sin6_scope_id = 577}} fromlen = 0 file = 0x628110 convert = 1 dp_opcode = dp_block = #8 0x0000000000402e04 in get (argc=2, argv=) at main.c:673 n = cp = 0x7fffffffeb2b "foo" src = 0x7fffffffeb2b "foo" #9 0x000000000040386c in main (argc=, argv=0x7fffffffe808) at main.c:345 c = sa = {sa = {sa_family = 10, sa_data = '\000' }, si = {sin_family = 10, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, s6 = {sin6_family = 10, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = { __u6_addr8 = '\000' , __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}} arg = pargc = 2 peerargc = 2 iscmd = 1 pargv = 0x7fffffffe820 optx = peerargv = {0x7fffffffeb0c "/usr/bin/tftp", 0x7fffffffeb1a "localhost", 0x7fffffffe72e ""}