Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
I too tested the patch that changes the following 3 lines, and I no longer have x11vnc crashes. Please release that! :) - if (num > stack_list_len + blackouts) { - int n = 2*num; + if (num + blackouts > stack_list_len) { + int n = 2 * (num + blackouts); - for (i=0; ilength; i++) { + for (i = 0; i < req->length - sz_xConfigureWindowReq / 4 && i < 4; i++) {
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
I try the patch provided by "Jun Kobayashi (jkbys)" on 2017-07-19: x11vnc.debdiff Edit (2.2 KiB, text/plain) Well... First I change the debdiff to be apply over x11vnc-0.9.13-5 (instead of 0.9.13-2) : after apply the debdiff, generate the package, and install I tested. After 30min NO STACK SMACHING.. I try make popup menu like crazy and no fail. I cannot reproduce the fail anymore. I make a roolback to previus version (only for sanity check) and after 5min stack smashing detected... Then YES, the patch fix the problem. I will continue testing, any problem i will notifi PS; Adj. debdiff Guillermo Reisch El martes, 24 de abril de 2018 04:56:55 -03 Nikita Youshchenko escribió: > Hi. > > Thank you for the reminder. > > As far as I understand, this issue is patched in ubuntu > (https://bugs.launchpad.net/ubuntu/+source/x11vnc/+bug/1686084). > > Did you try their patch? Does it fix the issue for you? > > I've adopted x11vnc package recently and I will try to go through list > of open issues soon. > > Nikita > > > This problem is still present in version: x11vnc 0.9.13-5 (sid) > > > > > > > > Note: Lots of errors in debian are already fixed in patch in a lots of > > bugs! But, lots of package are "orphan"... and you can't upload a simple > > patch without going through a traumatizing "adoption". > > > > > > > > PS: Sory my bad ingles. :-P > > > > > > > > Guillermo Reisch > > > > UInf - FENF - UdelaR > > > > diff -Nru x11vnc-0.9.13/debian/changelog x11vnc-0.9.13/debian/changelog --- x11vnc-0.9.13/debian/changelog 2018-04-13 11:09:45.0 -0300 +++ x11vnc-0.9.13/debian/changelog 2018-04-28 01:52:36.0 -0300 @@ -1,3 +1,11 @@ +x11vnc (0.9.13-5ppa1) unstable; urgency=medium + + * Add patches: +- fix_overflow.patch - Two fixes for buffer overflows committed to + https://github.com/LibVNC/x11vnc/pull/25 + + -- Jun KobayashiWed, 19 Jul 2017 12:06:45 +0900 + x11vnc (0.9.13-5) unstable; urgency=low * Split build and install into arch and indep parts (Closes: #895591). diff -Nru x11vnc-0.9.13/debian/patches/fix_overflow.patch x11vnc-0.9.13/debian/patches/fix_overflow.patch --- x11vnc-0.9.13/debian/patches/fix_overflow.patch 1970-01-01 09:00:00.0 +0900 +++ x11vnc-0.9.13/debian/patches/fix_overflow.patch 2017-07-19 12:06:45.0 +0900 @@ -0,0 +1,28 @@ +Index: x11vnc-0.9.13/x11vnc/win_utils.c +=== +--- x11vnc-0.9.13.orig/x11vnc/win_utils.c x11vnc-0.9.13/x11vnc/win_utils.c +@@ -262,8 +262,8 @@ void snapshot_stack_list(int free_only, + } + + last_snap = now; +- if (num > stack_list_len + blackouts) { +- int n = 2*num; ++ if (num + blackouts > stack_list_len) { ++ int n = 2 * (num + blackouts); + free(stack_list); + stack_list = (winattr_t *) malloc(n*sizeof(winattr_t)); + stack_list_len = n; +Index: x11vnc-0.9.13/x11vnc/xrecord.c +=== +--- x11vnc-0.9.13.orig/x11vnc/xrecord.c x11vnc-0.9.13/x11vnc/xrecord.c +@@ -964,7 +964,7 @@ if (db > 1) fprintf(stderr, "record_CW-% + data = (char *)req; + data += sz_xConfigureWindowReq; + +- for (i=0; ilength; i++) { ++ for (i = 0; i < req->length - sz_xConfigureWindowReq / 4 && i < 4; i++) { + unsigned int v; + /* + * We use unsigned int for the values. There were diff -Nru x11vnc-0.9.13/debian/patches/series x11vnc-0.9.13/debian/patches/series --- x11vnc-0.9.13/debian/patches/series 2018-04-13 11:09:45.0 -0300 +++ x11vnc-0.9.13/debian/patches/series 2018-04-28 02:02:34.0 -0300 @@ -4,3 +4,4 @@ do-not-run-dbus-launch.patch enforce-bash.patch java_target_source.patch +fix_overflow.patch
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
Hi. Thank you for the reminder. As far as I understand, this issue is patched in ubuntu (https://bugs.launchpad.net/ubuntu/+source/x11vnc/+bug/1686084). Did you try their patch? Does it fix the issue for you? I've adopted x11vnc package recently and I will try to go through list of open issues soon. Nikita > This problem is still present in version: x11vnc 0.9.13-5 (sid) > > > > Note: Lots of errors in debian are already fixed in patch in a lots of > bugs! But, lots of package are "orphan"... and you can't upload a simple > patch without going through a traumatizing "adoption". > > > > PS: Sory my bad ingles. :-P > > > > Guillermo Reisch > > UInf - FENF - UdelaR > > > signature.asc Description: OpenPGP digital signature
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
This problem is still present in version: x11vnc 0.9.13-5 (sid) Note: Lots of errors in debian are already fixed in patch in a lots of bugs! But, lots of package are "orphan"... and you can't upload a simple patch without going through a traumatizing "adoption". PS: Sory my bad ingles. :-P Guillermo Reisch UInf - FENF - UdelaR
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
As a workaround, I found that adding "--noxrecord" to the options avoids the bug.
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
On Tue, 8 Aug 2017 14:30:40 +0200 Bernhard Ehlerswrote: > As the maintainer seems to be inactive, I decided to publish my patched > version. > > Please keep in mind, that this is a private build and is not approved by > debian. Use it at your own risk!!! > > http://bernhard-ehlers.de/x11vnc/x11vnc_0.9.13-2.0.patch > http://bernhard-ehlers.de/x11vnc/x11vnc_0.9.13-2.0_amd64.deb > http://bernhard-ehlers.de/x11vnc/x11vnc-data_0.9.13-2.0_all.deb > Hi, thanks a lot for your grate work on this, but could you provide some signed checksums and/or https download (or a full quallified android repository) Thanks a lot -- Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
Thanks Bernhard Ehlers, looks like your patched version solved the problems for me. I hope the Debian manteiners correct the bug soon. -- ZE-Light e ZE-Pro: servizi zimbra per caselle con dominio email.it, per tutti i dettagli Clicca qui http://posta.email.it/caselle-di-posta-z-email-it.php?utm_campaign=email_Zimbra_102014=main_footer/f Sponsor: Soluzioni di email hosting per tutte le esigenze: dalle caselle gratuite a quelle professionali su piattaforma Zimbra, da quelle su proprio dominio a quelle certificate PEC. Confronta le soluzioni Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=13325=9-10
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
Considering that on x11vnc -> You can't maintain a key for repetition -> Copy/Paste often doesn't work between client/server -> When the connection is lost, server keep feeling connected, and you cannot reconnect -> problem of setting between qwerty and azerty during few first key hits, sometimes -> if num lock is activated on the server, then somebody must physically go the the server to disable it (if not you cannot use numeric pad) -> unable to set a more than 8 characters password, unable to set symbols like '$' into it -> no encryption -> a completely impossible to learn default launch line : x11vnc -forever -rfbport 5900 -auth guess -rfbauth /var/vnc/x11vnc.pass -o /var/vnc/x11vnc.log -bg -display :0 -> crashes every few seconds -> I probably forgot a lot of others bugs I propose to have x11vnc retrograded as "unstable" and, at least, removed from any stable repository. It's absolutely not fair, to find such shameful buggy crap available into operating systems like Debian, while some really good software "not tested enough" still aren't available trough apt-get. I understand this second point, because that's in order to make such situations like x11vnc impossible anymore : such misfiring package really decrease the quality of users experience with Linux operating systems and those package have nothing to do into a "stable" operating system. - I successfully used "Vino" as replacement of x11vnc, to help those who want to use Vino, here is some way to succeed in it (may be not the best, you can probably customize - but working with lxde) apt install vino dconf-editor The only way to change settings for vino is to use some kind of dconf-editor. Inside of dconf settings : /org/gnome/desktop/remote-access/ -> require-encryption : false if your Viewer doesn't connect -> prompt-enabled : false if your desktop doesn't make you appear the prompt, or if you don't want it /org/gnome/desktop/input-sources/ -> sources : [('xkb', 'fr')] if you want azerty /usr/share/application/vino-server.desktop should be put into your /home/user/.config/autostart/ directory (it works on any desktop) In order to get the server auto-available, you should auto-login (with lightdm.conf or other, depending on your desktop manager) Still haven't successfully put a password... but I'm using local and SSH tunnel. At least, for the first time since several month, I have a usable VNC system. For virtual/punctual screen sharing, tightvncserver is working fine and easy.
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
On Tue, 8 Aug 2017 14:30:40 +0200 Bernhard Ehlerswrote: > As the maintainer seems to be inactive, I decided to publish my patched > version. > > Please keep in mind, that this is a private build and is not approved by > debian. Use it at your own risk!!! > > http://bernhard-ehlers.de/x11vnc/x11vnc_0.9.13-2.0.patch > http://bernhard-ehlers.de/x11vnc/x11vnc_0.9.13-2.0_amd64.deb > http://bernhard-ehlers.de/x11vnc/x11vnc-data_0.9.13-2.0_all.deb > Hello, I confirm : - the bug in the version available in Stretch - the Bernhard's package correct this bug (thanks for your publication) I would suggest to do a NMU ( https://www.debian.org/doc/manuals/developers-reference/pkgs.html#nmu )
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
As the maintainer seems to be inactive, I decided to publish my patched version. Please keep in mind, that this is a private build and is not approved by debian. Use it at your own risk!!! http://bernhard-ehlers.de/x11vnc/x11vnc_0.9.13-2.0.patch http://bernhard-ehlers.de/x11vnc/x11vnc_0.9.13-2.0_amd64.deb http://bernhard-ehlers.de/x11vnc/x11vnc-data_0.9.13-2.0_all.deb
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
I just had the problem at least 20 times today. If the problem is corrected upstream since middle of 2016 I'm not sure to understand why it's still waiting for something before entering into debian 9. Some validation ? Obviously, the current one does not work, it cannot be worst. Thank you !
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
Package: x11vnc Version: 0.9.13-2 Followup-For: Bug #859213 I confirm this bug. Here is the stacktrace I just got: #0 0xf7ffb425 in __kernel_vsyscall () #1 0xf782ddc0 in __libc_signal_restore_set (set=0x9390) at ../sysdeps/unix/sysv/linux/nptl-signals.h:79 #2 __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:48 #3 0xf782f287 in __GI_abort () at abort.c:89 #4 0xf786937f in __libc_message (do_abort=, fmt=) at ../sysdeps/posix/libc_fatal.c:175 #5 0xf78f9d77 in __GI___fortify_fail (msg=0xf79614f5 "stack smashing detected") at fortify_fail.c:30 #6 0xf78f9d38 in __stack_chk_fail () at stack_chk_fail.c:28 #7 0x5661a3d4 in __stack_chk_fail_local () #8 0x56614b79 in record_CW (ptr=ptr@entry=0x1 , rec_data=rec_data@entry=0x569e0ec0) at xrecord.c:1347 #9 0x56615041 in record_switch (ptr=0x1 , rec_data=0x569e0ec0) at xrecord.c:1387 #10 0xf7c2458a in ?? () from /usr/lib/i386-linux-gnu/libXtst.so.6 #11 0xf7c24a36 in ?? () from /usr/lib/i386-linux-gnu/libXtst.so.6 #12 0xf7adb7ff in ?? () from /usr/lib/i386-linux-gnu/libX11.so.6 #13 0xf7adc24b in _XEventsQueued () from /usr/lib/i386-linux-gnu/libX11.so.6 #14 0xf7acd762 in XPending () from /usr/lib/i386-linux-gnu/libX11.so.6 #15 0xf7c259d8 in XRecordProcessReplies () from /usr/lib/i386-linux-gnu/libXtst.so.6 #16 0x565f2706 in check_xrecord_mouse () at userinput.c:2988 #17 check_xrecord () at userinput.c:3164 #18 0x565fdd9d in check_user_input (dt=0.00043401506263762712, dtr=0.014273106004111469, tile_diffs=0, cnt=0x9e8c) at userinput.c:5712 #19 0x565c44b0 in watch_loop () at screen.c:4561 #20 0x5656537f in main (argc=, argv=) at x11vnc.c:5990 This seems to match perfectly with the patch you linked. Dear maintainer, please apply this patch soon. Some instances of the bug are 100% reproducible to me, makeing me unable to open some popup-menus without crashing x11vnc. Best regards, Celelibi -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'unstable') Architecture: i386 (x86_64) Kernel: Linux 3.10.11 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) Versions of packages x11vnc depends on: ii libavahi-client3 0.6.32-2 ii libavahi-common3 0.6.32-2 ii libc6 2.24-10 ii libjpeg62-turbo 1:1.5.1-2 ii libssl1.1 1.1.0e-1 ii libvncclient1 0.9.11+dfsg-1 ii libvncserver1 0.9.11+dfsg-1 ii libx11-6 2:1.6.4-3 ii libxdamage1 1:1.1.4-2+b3 ii libxext6 2:1.3.3-1+b2 ii libxfixes31:5.0.3-1 ii libxinerama1 2:1.1.3-1+b3 ii libxrandr22:1.5.1-1 ii libxtst6 2:1.2.3-1 ii openssl 1.1.0e-1 ii tk8.6.0+9 ii x11vnc-data 0.9.13-2 ii zlib1g1:1.2.8.dfsg-5 x11vnc recommends no packages. x11vnc suggests no packages. -- no debconf information
Bug#859213: x11vnc: stack smashing detected: x11vnc terminated
Package: x11vnc Version: 0.9.13-2 Severity: important Mostly when a popup is shown, x11vnc crashes. As a workaround I installed the jessie version 0.9.13-1.2 (together with libvncclient0, libvncserver0, libhogweed2, libnettle4 and libssl1.0.0). Seems to work much better. The error output: *** stack smashing detected ***: x11vnc terminated === Backtrace: = /lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7f9c5dfc6bcb] /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f9c5e04f0b7] /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x0)[0x7f9c5e04f080] x11vnc(+0xb8887)[0x5612949aa887] x11vnc(+0xb8d3b)[0x5612949aad3b] /usr/lib/x86_64-linux-gnu/libXtst.so.6(+0x19d8)[0x7f9c5fd369d8] /usr/lib/x86_64-linux-gnu/libXtst.so.6(+0x1f55)[0x7f9c5fd36f55] /usr/lib/x86_64-linux-gnu/libX11.so.6(+0x421dd)[0x7f9c5f00e1dd] /usr/lib/x86_64-linux-gnu/libX11.so.6(_XEventsQueued+0x55)[0x7f9c5f00eb15] /usr/lib/x86_64-linux-gnu/libX11.so.6(XPending+0x57)[0x7f9c5f0007e7] x11vnc(+0x97060)[0x561294989060] x11vnc(+0xa1f95)[0x561294993f95] x11vnc(+0x6a77c)[0x56129495c77c] x11vnc(+0x13ae4)[0x561294905ae4] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f9c5df762b1] x11vnc(+0x1cd7a)[0x56129490ed7a] === Memory map: 5612948f2000-561294a43000 r-xp 08:01 11633 /usr/bin/x11vnc 561294c42000-561294c43000 r--p 0015 08:01 11633 /usr/bin/x11vnc 561294c43000-561294c89000 rw-p 00151000 08:01 11633 /usr/bin/x11vnc 561294c89000-561294eca000 rw-p 00:00 0 561295aeb000-561295dbe000 rw-p 00:00 0 [heap] 7f9c59d1c000-7f9c59d32000 r-xp 08:01 5057 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f9c59d32000-7f9c59f31000 ---p 00016000 08:01 5057 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f9c59f31000-7f9c59f32000 r--p 00015000 08:01 5057 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f9c59f32000-7f9c59f33000 rw-p 00016000 08:01 5057 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f9c59f33000-7f9c59f38000 r-xp 08:01 10879 /lib/x86_64-linux-gnu/libnss_dns-2.24.so 7f9c59f38000-7f9c5a137000 ---p 5000 08:01 10879 /lib/x86_64-linux-gnu/libnss_dns-2.24.so 7f9c5a137000-7f9c5a138000 r--p 4000 08:01 10879 /lib/x86_64-linux-gnu/libnss_dns-2.24.so 7f9c5a138000-7f9c5a139000 rw-p 5000 08:01 10879 /lib/x86_64-linux-gnu/libnss_dns-2.24.so 7f9c5a139000-7f9c5a143000 r-xp 08:01 10880 /lib/x86_64-linux-gnu/libnss_files-2.24.so 7f9c5a143000-7f9c5a343000 ---p a000 08:01 10880 /lib/x86_64-linux-gnu/libnss_files-2.24.so 7f9c5a343000-7f9c5a344000 r--p a000 08:01 10880 /lib/x86_64-linux-gnu/libnss_files-2.24.so 7f9c5a344000-7f9c5a345000 rw-p b000 08:01 10880 /lib/x86_64-linux-gnu/libnss_files-2.24.so 7f9c5a345000-7f9c5a4cc000 rw-p 00:00 0 7f9c5a4cd000-7f9c5a64d000 rw-s 00:05 4489217 /SYSV (deleted) 7f9c5a64d000-7f9c5a94e000 rw-p 00:00 0 7f9c5a94e000-7f9c5a9c r-xp 08:01 2404 /lib/x86_64-linux-gnu/libpcre.so.3.13.3 7f9c5a9c-7f9c5abbf000 ---p 00072000 08:01 2404 /lib/x86_64-linux-gnu/libpcre.so.3.13.3 7f9c5abbf000-7f9c5abc r--p 00071000 08:01 2404 /lib/x86_64-linux-gnu/libpcre.so.3.13.3 7f9c5abc-7f9c5abc1000 rw-p 00072000 08:01 2404 /lib/x86_64-linux-gnu/libpcre.so.3.13.3 7f9c5abc1000-7f9c5abd2000 r-xp 08:01 3039 /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1 7f9c5abd2000-7f9c5add1000 ---p 00011000 08:01 3039 /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1 7f9c5add1000-7f9c5add2000 r--p 0001 08:01 3039 /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1 7f9c5add2000-7f9c5add3000 rw-p 00011000 08:01 3039 /usr/lib/x86_64-linux-gnu/liblz4.so.1.7.1 7f9c5add3000-7f9c5adf8000 r-xp 08:01 2740 /lib/x86_64-linux-gnu/liblzma.so.5.2.2 7f9c5adf8000-7f9c5aff7000 ---p 00025000 08:01 2740 /lib/x86_64-linux-gnu/liblzma.so.5.2.2 7f9c5aff7000-7f9c5aff8000 r--p 00024000 08:01 2740 /lib/x86_64-linux-gnu/liblzma.so.5.2.2 7f9c5aff8000-7f9c5aff9000 rw-p 00025000 08:01 2740 /lib/x86_64-linux-gnu/liblzma.so.5.2.2 7f9c5aff9000-7f9c5b00 r-xp 08:01 10890 /lib/x86_64-linux-gnu/librt-2.24.so 7f9c5b00-7f9c5b1ff000 ---p 7000 08:01 10890 /lib/x86_64-linux-gnu/librt-2.24.so 7f9c5b1ff000-7f9c5b20 r--p 6000 08:01 10890 /lib/x86_64-linux-gnu/librt-2.24.so 7f9c5b20-7f9c5b201000 rw-p 7000 08:01 10890