Bug#962627: eboard: playing against crafty causes "*** buffer overflow detected ***: eboard terminated"

2020-09-04 Thread Bernhard Übelacker
Dear Maintainer,
this buffer overflow is caused by a variable of length 256 being
snprintf'ed to with a length of 512.

This got fixed upstream in [1] and was also reported here [2].

This issue is visible in the build log [3] with this warning:
  at proto_xboard.cc:1086:13:
  ... specified bound 512 exceeds destination size 256 ...

There is another location in the build log with a similar warning:
  at util.cc:785:15:
  ...specified bound 1024 exceeds destination size 280 ...

Kind regards,
Bernhard


[1] https://github.com/fbergo/eboard/commit/ed33049aff2cefd7508bcda8ab738b8ec871c948

[2] https://bugs.launchpad.net/ubuntu/+source/eboard/+bug/1306419

[3] https://buildd.debian.org/status/fetch.php?pkg=eboard=amd64=1.1.3-0.3=1558101455=0


(rr) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x7fd306ea0537 in __GI_abort () at abort.c:79
#2  0x7fd306ef9828 in __libc_message (action=action@entry=do_abort, 
fmt=fmt@entry=0x7fd307007c28 "*** %s ***: terminated\n") at 
../sysdeps/posix/libc_fatal.c:155
#3  0x7fd306f88712 in __GI___fortify_fail (msg=msg@entry=0x7fd307007bbe 
"buffer overflow detected") at fortify_fail.c:26
#4  0x7fd306f87110 in __GI___chk_fail () at chk_fail.c:28
#5  0x7fd306f86d45 in ___snprintf_chk (s=s@entry=0x557098bb5664 
"~/.eboard/eng-out", maxlen=maxlen@entry=512, flag=flag@entry=1, 
slen=slen@entry=256, format=format@entry=0x557097beb6bc "%s/.eboard/craftylog") 
at snprintf_chk.c:29
#6  0x557097bd3a8c in snprintf (__fmt=0x557097beb6bc 
"%s/.eboard/craftylog", __n=512, __s=0x557098bb5664 "~/.eboard/eng-out") at 
/usr/include/x86_64-linux-gnu/bits/stdio2.h:67
#7  CraftyProtocol::readDialog() (this=0x557098bb5410) at proto_xboard.cc:1086
#8  0x557097bd3780 in XBoardProtocol::run() (this=0x557098bb5410) at 
proto_xboard.cc:450
...


# Bullseye/testing amd64 qemu VM 2020-09-04


apt update
apt dist-upgrade


apt install systemd-coredump lightdm xserver-xorg openbox xterm ccache cmake 
make g++-multilib gdb pkg-config coreutils python3-pexpect manpages-dev git 
ninja-build capnproto libcapnp-dev fakeroot mc gdb eboard eboard-dbgsym 
libgtk2.0-0-dbgsym libglib2.0-0-dbgsym
apt build-dep eboard

reboot

echo 1 > /proc/sys/kernel/perf_event_paranoid



mkdir /home/benutzer/source/rr/git -p
cd /home/benutzer/source/rr/git
git clone https://github.com/mozilla/rr.git
cd

cd /home/benutzer/source/rr/git/
mkdir obj && cd obj
cmake ../rr
make -j4



mkdir /home/benutzer/source/eboard/orig -p
cd /home/benutzer/source/eboard/orig
apt source eboard
cd


export DISPLAY=:0
/home/benutzer/source/rr/git/obj/bin/rr eboard

/home/benutzer/source/rr/git/obj/bin/rr replay 
/home/benutzer/.local/share/rr/eboard-1

set width 0
set pagination off
directory /home/benutzer/source/eboard/orig/eboard-1.1.3
cont

benutzer@debian:~$ /home/benutzer/source/rr/git/obj/bin/rr eboard
rr: Saving execution to trace directory 
`/home/benutzer/.local/share/rr/eboard-1'.
*** buffer overflow detected ***: terminated
Abgebrochen

benutzer@debian:~$ /home/benutzer/source/rr/git/obj/bin/rr replay 
/home/benutzer/.local/share/rr/eboard-1
...
(rr) cont
Continuing.
*** buffer overflow detected ***: terminated

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50  ../sysdeps/unix/sysv/linux/raise.c: Datei oder Verzeichnis nicht 
gefunden.
(rr) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x7fd306ea0537 in __GI_abort () at abort.c:79
#2  0x7fd306ef9828 in __libc_message (action=action@entry=do_abort, 
fmt=fmt@entry=0x7fd307007c28 "*** %s ***: terminated\n") at 
../sysdeps/posix/libc_fatal.c:155
#3  0x7fd306f88712 in __GI___fortify_fail (msg=msg@entry=0x7fd307007bbe 
"buffer overflow detected") at fortify_fail.c:26
#4  0x7fd306f87110 in __GI___chk_fail () at chk_fail.c:28
#5  0x7fd306f86d45 in ___snprintf_chk (s=, maxlen=, flag=, slen=, format=) at 
snprintf_chk.c:29
#6  0x557097bd3a8c in ?? ()
#7  0x557097bd3780 in ?? ()
#8  0x557097bab471 in ?? ()
#9  0x7fd3074a6fd2 in g_closure_invoke () from 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#10 0x7fd3074ba784 in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#11 0x7fd3074c554f in g_signal_emit_valist () from 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#12 0x7fd3074c5edf in g_signal_emit () from 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#13 0x7fd307e5e7ba in gtk_widget_activate () from 
/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#14 0x7fd307d59eed in gtk_menu_shell_activate_item () from 
/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#15 0x7fd307d5a1b9 in ?? () from /lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#16 0x7fd307d47a8b in ?? () from /lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#17 0x7fd3074a6fd2 in g_closure_invoke () from 
/lib/x86_64-linux-gnu/libgobject-2.0.so.0
#18 0x7fd3074b9f06 in ?? () from /lib/x86_64-linux-gnu/libgobject-2.0.so.0
#19 
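The defect behind this backtrace, reduced to a minimal C illustration (added here; this is not code from eboard, from the upstream commit, or from either poster): a fixed-size array member is passed to snprintf with a bound larger than the array, so a long $HOME would write past it, and glibc's fortified `__snprintf_chk` aborts exactly as shown above when it sees slen=256 < maxlen=512. The hardened form below derives the bound from the array itself and checks the return value so truncation is reported rather than silently producing a wrong path. The struct name, the function names and the 300-byte test home directory are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* The shape of the bug in the report: a 256-byte array written with a
 * 512-byte bound. The bound lies about the destination, so the only thing
 * standing between a long $HOME and an out-of-bounds write is glibc's
 * _FORTIFY_SOURCE check, which aborts the process instead. Kept as a
 * comment so this file never compiles the defective call:
 *
 *     char craftylog[256];
 *     snprintf(craftylog, 512, "%s/.eboard/craftylog", home);   // BUG
 */

struct engine_paths {
    char craftylog[256];          /* same size as in the report */
};

/* Hardened form: the bound is sizeof the array, and the return value is
 * checked. Returns 0 on success, -1 if the path would not fit (the array is
 * then left as an empty string rather than a half-written path). */
static int craftylog_path(struct engine_paths *p, const char *home)
{
    int n = snprintf(p->craftylog, sizeof p->craftylog,
                     "%s/.eboard/craftylog", home);
    if (n < 0 || (size_t)n >= sizeof p->craftylog) {
        p->craftylog[0] = '\0';
        return -1;
    }
    return 0;
}

/* Constructed check: a normal home directory fits and yields the full path. */
static int demo_short_home(void)
{
    struct engine_paths p;
    if (craftylog_path(&p, "/home/benutzer") != 0)
        return 0;
    return strcmp(p.craftylog, "/home/benutzer/.eboard/craftylog") == 0;
}

/* Constructed check: a 299-character home directory cannot fit in 256 bytes
 * together with "/.eboard/craftylog"; the call must refuse it cleanly and
 * leave the array in bounds and NUL-terminated. */
static int demo_long_home(void)
{
    struct engine_paths p;
    char longhome[300];
    memset(longhome, 'a', sizeof longhome - 1);
    longhome[sizeof longhome - 1] = '\0';
    if (craftylog_path(&p, longhome) != -1)
        return 0;
    return p.craftylog[0] == '\0' && strlen(p.craftylog) < sizeof p.craftylog;
}

int main(void)
{
    printf("short home: %s\n", demo_short_home() ? "ok" : "FAIL");
    printf("long home : %s\n", demo_long_home() ? "rejected (ok)" : "FAIL");
    return 0;
}
```

The build-log warning quoted above ("specified bound 512 exceeds destination size 256") is GCC's static detection of the same mismatch, which is why a bound derived from `sizeof` the actual array is the fix to look for in a review: once the bound and the destination agree, both the compiler warning and the fortify abort disappear, and the remaining failure mode (a home directory too long for the array) becomes an ordinary error return.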

Bug#962627: eboard: playing against crafty causes "*** buffer overflow detected ***: eboard terminated"

2020-06-10 Thread Eric Cooper
Package: eboard
Version: 1.1.3-0.3
Severity: normal

Newly installed crafty and eboard.

When I run eboard, and choose Peer > Play against engine > Crafty > OK (all
default options), I get this message:

*** buffer overflow detected ***: eboard terminated
Aborted

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing'), (400, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.6.0-2-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages eboard depends on:
ii  libatk1.0-0          2.36.0-2
ii  libc6                2.30-8
ii  libcairo2            1.16.0-4
ii  libfontconfig1       2.13.1-4.2
ii  libfreetype6         2.10.1-2
ii  libgcc-s1 [libgcc1]  10.1.0-3
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-4
ii  libglib2.0-0         2.64.3-1
ii  libgstreamer1.0-0    1.16.2-2
ii  libgtk2.0-0          2.24.32-4
ii  libpango-1.0-0       1.44.7-4
ii  libpangocairo-1.0-0  1.44.7-4
ii  libpangoft2-1.0-0    1.44.7-4
ii  libpng16-16          1.6.37-2
ii  libstdc++6           10.1.0-3
ii  zlib1g               1:1.2.11.dfsg-2

Versions of packages eboard recommends:
ii  xfonts-75dpi  1:1.0.4+nmu1

Versions of packages eboard suggests:
ii  crafty  23.4-7

-- no debconf information