I tested this and the bug still exists where lockfile-create segfaults with a long hostname. The problem here is the 23 characters allowed for the system name is still not sufficient. gethostname() can return a hostname up to 256 characters long.

on precise with liblockfile-bin 1.09-3ubuntu0.1 installed:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
root@areallylonghostnamethatshouldbreakeverything:~# lockfile-create /var/lock/ntpdate
*** glibc detected *** lockfile-create: free(): invalid next size (fast): 0x000000000128f0a0 ***
Segmentation fault (core dumped)

from the patch:
~~~~~~~~~~~~
#define TMPLOCKSTR ".lk"
#define TMPLOCKSTRSZ strlen(TMPLOCKSTR)
+#define TMPLOCKPIDSZ 5
#define TMPLOCKTIMESZ 1
#define TMPLOCKSYSNAMESZ 23
#define TMPLOCKFILENAMESZ (TMPLOCKSTRSZ + TMPLOCKPIDSZ + \
TMPLOCKTIMESZ + TMPLOCKSYSNAMESZ)

TMPLOCKSYSNAMESZ needs to be much larger than 23. This should actually be the same as the size of sysname which in this case is 256.

--
https://bugs.launchpad.net/bugs/941968

Title: lockfile-create hangs inside lxc containers (potential buffer overflow?)
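
Review bot: The added TMPLOCKPIDSZ 5 and the unchanged TMPLOCKSYSNAMESZ 23 are both fixed guesses that feed TMPLOCKFILENAMESZ, so any component longer than its constant makes the computed size too small. Five digits covers the default Linux pid_max of 32768 but not a raised one (up to 4194304 on 64-bit, which is seven digits), and 23 is far below the hostname length shown in the report. Suggest sizing the buffer from the actual formatted length, or truncating each field with a bounded format, and confirming that the allocation built on TMPLOCKFILENAMESZ adds room for the terminating NUL, which the visible macros do not include.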
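
The sizing problem described in this report, as an added example that is not liblockfile's code: it checks a temp-lock suffix against the patch's fixed budget and then builds the name by measuring first. The suffix layout (".lk" + pid + one time character + system name), the helper names and the sample values are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fixed budget from the quoted patch: 3 + 5 + 1 + 23 = 32 bytes. */
#define TMPLOCKSTR ".lk"
#define FIXED_BUDGET (strlen(TMPLOCKSTR) + 5 + 1 + 23)

/* Assumed suffix layout (hypothetical, not taken from liblockfile):
 * ".lk" + pid + one time character + system name.
 * snprintf(NULL, 0, ...) returns the length the output would need. */
static int suffix_len(long pid, char tm, const char *sysname)
{
    return snprintf(NULL, 0, "%s%05ld%c%s", TMPLOCKSTR, pid, tm, sysname);
}

/* Returns 1 when the suffix fits the fixed budget, 0 when it would overflow. */
int fits_fixed_budget(long pid, char tm, const char *sysname)
{
    return (size_t)suffix_len(pid, tm, sysname) <= FIXED_BUDGET;
}

/* Hardened form: measure, allocate exactly, format with a bound.
 * Caller frees the result; NULL on allocation or formatting failure. */
char *make_tmplock(const char *lockfile, long pid, char tm, const char *sysname)
{
    int n = suffix_len(pid, tm, sysname);
    if (n < 0) return NULL;
    size_t total = strlen(lockfile) + (size_t)n + 1;  /* +1 for the NUL */
    char *buf = malloc(total);
    if (buf == NULL) return NULL;
    snprintf(buf, total, "%s%s%05ld%c%s", lockfile, TMPLOCKSTR, pid, tm, sysname);
    return buf;
}

int main(void)
{
    /* Constructed sample: the hostname from the report's shell prompt. */
    const char *host = "areallylonghostnamethatshouldbreakeverything";
    char *p = make_tmplock("/var/lock/ntpdate", 12345, 'a', host);
    printf("fits fixed budget: %d\n", fits_fixed_budget(12345, 'a', host));
    printf("%s\n", p ? p : "(alloc failed)");
    free(p);
    return 0;
}
```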