[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
** Also affects: libgcrypt11 (Ubuntu Karmic) Importance: Medium Status: Triaged -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing on VIA chipsets
** Summary changed: - libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing + libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing on VIA chipsets -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing on VIA chipsets https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing on VIA chipsets
This bug was fixed in the package libgcrypt11 - 1.4.4-2ubuntu2 --- libgcrypt11 (1.4.4-2ubuntu2) karmic; urgency=low * Fix stack smashing on VIA processors with Padlock RNG (patch by Tomas Mraz of Red Hat; thanks to Roberto Rosario for the archaeology; LP: #389053). -- Colin Watson cjwat...@ubuntu.com Thu, 02 Jul 2009 11:34:18 +0100 ** Changed in: libgcrypt11 (Ubuntu Karmic) Status: Triaged = Fix Released -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing on VIA chipsets https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
I have a Sylvania Gnetbook with a VIA C7-M CPU and can confirm it's the via-rng module, however once loaded, further unloading the module does not make the problem go away. As per the changelog, libgcrypt added something dealing with RNGs between versions 1.4.1 and 1.4.2rc1: 2008-07-05 Werner Koch w...@g10code.com * random/: New. * Makefile.am (DIST_SUBDIRS): Add random. * configure.ac (AC_CONFIG_FILES): Add random/Makefile. the file random/rndhw.c contains Padlock specific code and the failing function - poll_padlock() -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
Documented for Redhat, fix submitted for Fedora 11, maybe a solution can be found examining their patch. https://bugzilla.redhat.com/show_bug.cgi?id=505724 Fixes fatal crash on VIA processors with Padlock RNG. https://admin.fedoraproject.org/updates/libgcrypt-1.4.4-6.fc11 ** Bug watch added: Red Hat Bugzilla #505724 https://bugzilla.redhat.com/show_bug.cgi?id=505724 -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
patch extracted from redhat/fedora source rpm: libgcrypt-1.4.4-6.fc12.i586 * Thu Jun 18 2009 Tomas Mraz tm...@redhat.com 1.4.4-6 - and now really apply the padlock patch * Wed Jun 17 2009 Tomas Mraz tm...@redhat.com 1.4.4-5 - fix VIA padlock RNG inline assembly call (#505724) Applies cleanly to ubuntu source package libgcrypt11-1.4.4-2ubuntu1 ** Attachment added: libgcrypt-1.4.4-padlock.patch http://launchpadlibrarian.net/28525098/libgcrypt-1.4.4-padlock.patch -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
** Tags added: regression-potential ** Changed in: libgcrypt11 (Ubuntu) Importance: Undecided = Medium ** Changed in: libgcrypt11 (Ubuntu) Status: Confirmed = Triaged -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
** Tags added: metabug -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
** Tags removed: metabug -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
I cannot reproduce this. Do you have any special subversion (or gcrypt) configurations? On a karmic chroot, this checkout works for me without crashing. ** Changed in: libgcrypt11 (Ubuntu) Status: New = Incomplete -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
I do not have any special configurations that I am aware of. Is there anything you would like me to attach? BTW, this seems to have been the cause of the following bug. There might be info there that make sense to you. https://bugs.launchpad.net/bugs/335898 The only thing special that I can think of is that I have a VIA C7 cpu with the Padlock hardware RNG. I don't know if that makes a difference. -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
On Thu, Jun 18, 2009 at 08:38:12PM -, justinchudgar wrote: I do not have any special configurations that I am aware of. Is there anything you would like me to attach? Can you do the following: cd /tmp ulimit -c unlimited svn co (the command that crashes) bzip2 -9 core and then attach that core file? https://bugs.launchpad.net/bugs/335898 Yeah, this bug came to my attention via that bug. :) The only thing special that I can think of is that I have a VIA C7 cpu with the Padlock hardware RNG. I don't know if that makes a difference. Hm, it's possible, but seems weird that libgcrypt11 would be touching that device. Thanks! -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
As requested... the core dump. ** Attachment added: core.bz2 http://launchpadlibrarian.net/28076973/core.bz2 -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
On Thu, Jun 18, 2009 at 10:10:51PM -, justinchudgar wrote: As requested... the core dump. Thanks! And, heh, I think we have a culprit: #6 0x0033b4a4 in __stack_chk_fail_local () from /lib/libgcrypt.so.11 #7 0x00332d14 in poll_padlock (add=value optimized out, origin=value optimized out, fast=0) at rndhw.c:95 -- Kees Cook Ubuntu Security Team ** Changed in: libgcrypt11 (Ubuntu) Status: Incomplete = Confirmed -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
Y'know... I'm really starting to hate VIA right now. The openchrome driver somehow stomps on the bcmwl driver, so I try to build the subversion version of openchrome... to find out that the padlock driver stomps on libgcrypt11. Oh, well. Thanks for finding that so quickly. -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 389053] Re: libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing
As one would expect, removing viarng from /etc/modules means that libgcrypt11 and its dependencies like svn and cupsd work. Since this is a regression, it would be nice to find a fix, but the work-around is not that painful. It will catch anyone with VIA hardware by surprise during the karmic upgrade, though. -- libgcrypt11 version 1.4.4-2ubuntu1 causes stack smashing https://bugs.launchpad.net/bugs/389053 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs