Package: xfstt
Version: 1.7-7

If xfstt is compiled with -O2 (and hence fortified calls to standard
library functions)
it crashes when requesting its fonts list with fslsfonts.

See also ubuntu bug 575026
(https://bugs.launchpad.net/ubuntu/+source/xfstt/+bug/575026)
I posted a patch overthere.

Reproducing the bug:

fslsfonts -server unix/:7101

returns

FSIO: fatal IO error 32 (Broken pipe) on font server "unix/:7101"
      after 1 requests (0 known processed) with 0 events remaining.
      The connection was probably broken by a server shutdown.

When running xfstt in foreground and calling fslsfonts in another
terminal we get:

# xfstt

*** buffer overflow detected ***: xfstt terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x50)[0xb89350]
/lib/tls/i686/cmov/libc.so.6(+0xe128a)[0xb8828a]
/lib/tls/i686/cmov/libc.so.6(+0xe09c8)[0xb879c8]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0x9e)[0xb10afe]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0xe24)[0xae4a34]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xad)[0xb87a7d]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb879bd]
xfstt[0x804c657]
======= Memory map: ========
0015e000-0015f000 r-xp 00000000 00:00 0 [vdso]
00382000-003a6000 r-xp 00000000 08:01 69004
/lib/tls/i686/cmov/libm-2.11.1.so
003a6000-003a7000 r--p 00023000 08:01 69004
/lib/tls/i686/cmov/libm-2.11.1.so
003a7000-003a8000 rw-p 00024000 08:01 69004
/lib/tls/i686/cmov/libm-2.11.1.so
00713000-007fc000 r-xp 00000000 08:01 3341 /usr/lib/libstdc++.so.6.0.13
007fc000-007fd000 ---p 000e9000 08:01 3341 /usr/lib/libstdc++.so.6.0.13
007fd000-00801000 r--p 000e9000 08:01 3341 /usr/lib/libstdc++.so.6.0.13
00801000-00802000 rw-p 000ed000 08:01 3341 /usr/lib/libstdc++.so.6.0.13
00802000-00809000 rw-p 00000000 00:00 0
00a41000-00a5c000 r-xp 00000000 08:01 18487 /lib/ld-2.11.1.so
00a5c000-00a5d000 r--p 0001a000 08:01 18487 /lib/ld-2.11.1.so
00a5d000-00a5e000 rw-p 0001b000 08:01 18487 /lib/ld-2.11.1.so
00aa7000-00bfa000 r-xp 00000000 08:01 68966
/lib/tls/i686/cmov/libc-2.11.1.so
00bfa000-00bfb000 ---p 00153000 08:01 68966
/lib/tls/i686/cmov/libc-2.11.1.so
00bfb000-00bfd000 r--p 00153000 08:01 68966
/lib/tls/i686/cmov/libc-2.11.1.so
00bfd000-00bfe000 rw-p 00155000 08:01 68966
/lib/tls/i686/cmov/libc-2.11.1.so
00bfe000-00c01000 rw-p 00000000 00:00 0
00e4d000-00e6a000 r-xp 00000000 08:01 20481 /lib/libgcc_s.so.1
00e6a000-00e6b000 r--p 0001c000 08:01 20481 /lib/libgcc_s.so.1
00e6b000-00e6c000 rw-p 0001d000 08:01 20481 /lib/libgcc_s.so.1
08048000-08060000 r-xp 00000000 08:01 63034 /usr/bin/xfstt
08060000-08061000 r--p 00017000 08:01 63034 /usr/bin/xfstt
08061000-08062000 rw-p 00018000 08:01 63034 /usr/bin/xfstt
08062000-0806d000 rw-p 00000000 00:00 0
09186000-091a7000 rw-p 00000000 00:00 0 [heap]
b71fc000-b767e000 rw-p 00000000 00:00 0
b767e000-b7682000 r--s 00000000 08:01 65417 /var/cache/xfstt/ttname.dir
b7682000-b7683000 r--s 00000000 08:01 65376 /var/cache/xfstt/ttinfo.dir
b7683000-b76c2000 r--p 00000000 08:01 1738
/usr/lib/locale/en_US.utf8/LC_CTYPE
b76c2000-b76c3000 r--p 00000000 08:01 15159
/usr/lib/locale/en_US.utf8/LC_NUMERIC
b76c3000-b76c4000 r--p 00000000 08:01 9427
/usr/lib/locale/en_US.utf8/LC_TIME
b76c4000-b77e2000 r--p 00000000 08:01 2410
/usr/lib/locale/en_US.utf8/LC_COLLATE
b77e2000-b77e4000 rw-p 00000000 00:00 0
b77e4000-b77e5000 r--p 00000000 08:01 39615
/usr/lib/locale/en_US.utf8/LC_MONETARY
b77e5000-b77e6000 r--p 00000000 08:01 39616
/usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES
b77e6000-b77e7000 r--p 00000000 08:01 15095
/usr/lib/locale/en_US.utf8/LC_PAPER
b77e7000-b77e8000 r--p 00000000 08:01 15158
/usr/lib/locale/en_US.utf8/LC_NAME
b77e8000-b77e9000 r--p 00000000 08:01 42265
/usr/lib/locale/en_US.utf8/LC_ADDRESS
b77e9000-b77ea000 r--p 00000000 08:01 48946
/usr/lib/locale/en_US.utf8/LC_TELEPHONE
b77ea000-b77eb000 r--p 00000000 08:01 15091
/usr/lib/locale/en_US.utf8/LC_MEASUREMENT
b77eb000-b77f2000 r--s 00000000 08:01 68543
/usr/lib/gconv/gconv-modules.cache
b77f2000-b77f3000 r--p 00000000 08:01 48959
/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
b77f3000-b77f5000 rw-p 00000000 00:00 0
bfb9d000-bfbb2000 rw-p 00000000 00:00 0 [stack]



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to