FS#55176 - [nickle] Buffer overflow detected

Attached to Project: Community Packages
Opened by b4283 (b4283) - Thursday, 17 August 2017, 07:26 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 26 January 2018, 22:52 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Lukas Fleischer (lfleischer)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

Running the program causes it to exit with "Buffer overflow" error messages.

Additional info:
* package version(s): 2.70-5
* config and/or log files etc.

*** buffer overflow detected ***: nickle terminated
======= Backtrace: =========
/usr/lib/libc.so.6(+0x72bdd)[0x7f39f75c4bdd]
/usr/lib/libc.so.6(__fortify_fail+0x38)[0x7f39f7651158]
/usr/lib/libc.so.6(+0xfd050)[0x7f39f764f050]
/usr/lib/libc.so.6(+0xfc2c3)[0x7f39f764e2c3]
nickle(NewStrString+0x30)[0x4374c0]
nickle(StringInit+0x16)[0x437546]
nickle(ValueInit+0x66)[0x43ea36]
nickle(init+0x13)[0x42a8a3]
nickle(main+0xf5)[0x40b2a5]
/usr/lib/libc.so.6(__libc_start_main+0xea)[0x7f39f75724ca]
nickle(_start+0x2a)[0x40b4aa]

Steps to reproduce:

Install the package from community repo and simply run the program.

Closed by  Doug Newgard (Scimmia)
Friday, 26 January 2018, 22:52 GMT
Reason for closing:  Fixed
Additional comments about closing:  nickle 2.80-1
Comment by Eli Schwartz (eschwartz) - Thursday, 17 August 2017, 15:28 GMT
  • Field changed: Summary (Buffer overflow detected → [nickle] Buffer overflow detected)
"the program" is extremely vague; in the future please fill out complete bug reports so we don't have to investigate just so we can find out what package you are talking about.
Comment by b4283 (b4283) - Friday, 18 August 2017, 08:13 GMT
Sorry for the incompleteness. I discovered I had missed some information (package name & executable name) when later reviewing this ticket.
Comment by Rikard Falkeborn (Herk) - Friday, 26 January 2018, 21:54 GMT
I can confirm that 2.70-5 crashes with buffer overflow at startup and that 2.80-1 does not.