Bug#747006: net-tools: Buffer overflow detected by libc in 'route' command

Alan Fisher Sun, 04 May 2014 11:10:30 -0700

Package: net-tools
Version: 1.60-25
Severity: low

Dear Maintainer,


In this example, when 'route' is run with the fourth argument
(0123456789abcdef) >= 16 characters, a buffer overrun occurs.

 # route add -6 default 0123456789abcdef

glib reports detecting a buffer overflow. Here is the output:

*** buffer overflow detected ***: route terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x6e8ef)[0x7f58b6ff28ef]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f58b7078b97]
/lib/x86_64-linux-gnu/libc.so.6(+0xf3c20)[0x7f58b7077c20]
route[0x404d47]
route[0x401d6b]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7f58b6fa5b45]
route[0x401e79]
======= Memory map: ========
00400000-0040d000 r-xp 00000000 00:10 7092064                            
/sbin/route
0060c000-0060d000 r--p 0000c000 00:10 7092064                            
/sbin/route
0060d000-0060e000 rw-p 0000d000 00:10 7092064                            
/sbin/route
0060e000-0060f000 rw-p 00000000 00:00 0 
01cd6000-01cf7000 rw-p 00000000 00:00 0                                  [heap]
7f58b6d6e000-7f58b6d83000 r-xp 00000000 00:10 10514564                   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f58b6d83000-7f58b6f83000 ---p 00015000 00:10 10514564                   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f58b6f83000-7f58b6f84000 rw-p 00015000 00:10 10514564                   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f58b6f84000-7f58b7124000 r-xp 00000000 00:10 10514228                   
/lib/x86_64-linux-gnu/libc-2.18.so
7f58b7124000-7f58b7323000 ---p 001a0000 00:10 10514228                   
/lib/x86_64-linux-gnu/libc-2.18.so
7f58b7323000-7f58b7327000 r--p 0019f000 00:10 10514228                   
/lib/x86_64-linux-gnu/libc-2.18.so
7f58b7327000-7f58b7329000 rw-p 001a3000 00:10 10514228                   
/lib/x86_64-linux-gnu/libc-2.18.so
7f58b7329000-7f58b732d000 rw-p 00000000 00:00 0 
7f58b732d000-7f58b734d000 r-xp 00000000 00:10 10514218                   
/lib/x86_64-linux-gnu/ld-2.18.so
7f58b7399000-7f58b7522000 r--p 00000000 00:10 10514664                   
/usr/lib/locale/locale-archive
7f58b7522000-7f58b7525000 rw-p 00000000 00:00 0 
7f58b7549000-7f58b754c000 rw-p 00000000 00:00 0 
7f58b754c000-7f58b754d000 r--p 0001f000 00:10 10514218                   
/lib/x86_64-linux-gnu/ld-2.18.so
7f58b754d000-7f58b754e000 rw-p 00020000 00:10 10514218                   
/lib/x86_64-linux-gnu/ld-2.18.so
7f58b754e000-7f58b754f000 rw-p 00000000 00:00 0 
7fff6b99a000-7fff6b9bb000 rw-p 00000000 00:00 0                          [stack]
7fff6b9fe000-7fff6ba00000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  
[vsyscall]



-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages net-tools depends on:
ii  libc6  2.18-4

net-tools recommends no packages.

net-tools suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Bug#747006: net-tools: Buffer overflow detected by libc in 'route' command

Reply via email to