Package: gnuchess
Version: 6.2.5-1

Trying to pinpoint a problem I have driving gnuchess from another program, I 
stumbled on this:

$ printf "xboard\n" | gnuchess -x
Chess
*** buffer overflow detected ***: gnuchess terminated
Aborted (core dumped)


$ gdb gnuchess ./core
GNU gdb (Debian 9.2-1) 9.2
...
Reading symbols from gnuchess...  
Reading symbols from 
/usr/lib/debug/.build-id/38/08b38668f2dc7a592f79338e964d9bc2438872.debug...
[New LWP 3348306]
[New LWP 3348307]
[New LWP 3348309]
[New LWP 3348308]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `gnuchess -x'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50      ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7f7969611740 (LWP 3348306))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007f796963b55b in __GI_abort () at abort.c:79
#2  0x00007f7969694038 in __libc_message (action=<optimized out>, 
fmt=fmt@entry=0x7f79697a0d32 "*** %s ***: %s terminated\n") at 
../sysdeps/posix/libc_fatal.c:181
#3  0x00007f7969722d7d in __GI___fortify_fail_abort 
(need_backtrace=need_backtrace@entry=true, msg=msg@entry=0x7f79697a0cbe "buffer 
overflow detected") at fortify_fail.c:28
#4  0x00007f7969722db1 in __GI___fortify_fail (msg=msg@entry=0x7f79697a0cbe 
"buffer overflow detected") at fortify_fail.c:44
#5  0x00007f7969721750 in __GI___chk_fail () at chk_fail.c:28
#6  0x00007f7969720f85 in __stpcpy_chk (dest=0x55e45e4678a0 <userinputbuf> "", 
    src=src@entry=0x7ffe62215000 
"xboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboa"...,
 destlen=destlen@entry=4096) at stpcpy_chk.c:31
#7  0x000055e45e16aa25 in strcat (
    __src=0x7ffe62215000 
"xboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboard\nxboa"...,
 __dest=0x55e45e4678a0 <userinputbuf> "") at 
/usr/include/x86_64-linux-gnu/bits/string3.h:148
#8  ReadFromUser () at engine.cc:189
#9  0x000055e45e15d907 in main (argc=<optimized out>, argv=<optimized out>) at 
main.cc:513



Note that the binary we shipped in jessie, when run on current testing, 
reacts perfectly even to:

$ printf "xboard\nprotover 2\n" | /srv/chroot/jessie/usr/games/gnuchess -x
Chess
TimeLimit[0] = 0
TimeLimit[1] = 0
TimeLimit[0] = 0
TimeLimit[1] = 0
feature done=0
feature analyze=1
feature colors=0
feature draw=1
feature ics=1
feature myname="GNU Chess"
feature name=1
feature pause=0
feature ping=1
feature playother=1
feature reuse=1
feature san=0
feature setboard=1
feature sigint=0
feature sigterm=0
feature time=1
feature usermove=1
feature variants="normal"
feature done=1
^C


Could it have any link with #936023 ?

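As an added illustration (not part of the original report and not gnuchess code): frames #6 and #7 show a fortified strcat aborting on a destination with destlen=4096, and a length-checked append refuses the write instead of aborting or overflowing. The names `inputbuf`, `bounded_append` and `fill_until_refused` are hypothetical, and the input line is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define INPUT_CAP 4096  /* same size as destlen=4096 in frame #6 */

/* Hypothetical stand-in for a fixed-size input buffer; not gnuchess code. */
static char inputbuf[INPUT_CAP];

/* Append src to dst only if the result, including the NUL, fits in cap.
 * Returns 0 on success, -1 if refused (dst is left unchanged). */
int bounded_append(char *dst, size_t cap, const char *src)
{
    const char *end = memchr(dst, '\0', cap);
    size_t used, add = strlen(src);

    if (end == NULL)            /* dst is not NUL-terminated within cap */
        return -1;
    used = (size_t)(end - dst);
    if (add > cap - used - 1)   /* no room for src plus the terminator */
        return -1;
    memcpy(dst + used, src, add + 1);
    return 0;
}

/* Constructed input: append the same line repeatedly (the line that repeats
 * in the src argument of frames #6 and #7) and count accepted appends. */
size_t fill_until_refused(const char *line)
{
    size_t accepted = 0;

    inputbuf[0] = '\0';
    if (line[0] == '\0')        /* an empty line would never fill the buffer */
        return 0;
    while (bounded_append(inputbuf, sizeof inputbuf, line) == 0)
        accepted++;
    return accepted;
}

int main(void)
{
    size_t n = fill_until_refused("xboard\n");

    printf("accepted %zu appends, %zu of %d bytes used\n",
           n, strlen(inputbuf), INPUT_CAP);
    return 0;
}
```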