** Description changed: - ---Problem Description--- - lftp: buffer overflow detected when accessing z/VM FTP server and changing the directory - - ---uname output--- - Linux lnxzvmd1 6.11.0-9-generic #9-Ubuntu SMP Mon Oct 14 12:18:15 UTC 2024 s390x s390x s390x GNU/Linux - - ---Steps to Reproduce--- - 1. Connect with lftp to z/VM FTP server: + [ Impact ] + + lftp: buffer overflow detected when accessing z/VM FTP server and + changing the working directory with `cd` + + + [ Test Plan ] + + 1. Connect with lftp to z/VM FTP server + Machine Type = IBM/S390 3906 lftp -u hartmafk gdlvm7.pok.ibm.com 2. Validate correct connection: ls > BOOKM FILE V 65 9 1 2016-08-10 04:45:31 HAR191 > CPFMTXA EXCORIG V 63 711 7 2005-10-10 07:52:28 HAR191 > CPFMTXA EXEC V 63 711 7 2005-10-10 07:52:28 HAR191 > CPFMTXA MODORIG V 96 3 1 2005-10-14 09:30:44 HAR191 > CPFMTXA MODULE V 96 3 1 2005-10-14 09:30:44 HAR191 > CRUISE LASTCMDS V 88 53 1 2024-12-04 09:28:24 HAR191 > DDOPTS OPTIONS V 58 1 1 2002-12-03 16:26:24 HAR191 3. Change directory to SFS directory or minidisk: cd HARTMAFK.191 + + without the fix, observe a crash: *** buffer overflow detected ***: terminated Aborted + with the fix, happily be in the new directory. - - Machine Type = IBM/S390 3906 - + + [ Where problems could occur ] + + * The fix allocates 2 more bytes of memory, so in a constrained + environment this could exhaust the available space and crash during + allocation. + + [ Other Info ] + + ---uname output--- + Linux lnxzvmd1 6.11.0-9-generic #9-Ubuntu SMP Mon Oct 14 12:18:15 UTC 2024 s390x s390x s390x GNU/Linux + + ---Debugger--- A debugger is not configured - - Contact Information = [email protected] - - Userspace tool common name: lftp - - The userspace tool has the following bit modes: 64 + + Contact Information = [email protected] + + Userspace tool common name: lftp + + The userspace tool has the following bit modes: 64 Userspace rpm: lftp - Userspace tool obtained from project website: 4.9.2-3ubuntu1 - - *Additional Instructions for [email protected]: + Userspace tool obtained from project website: 4.9.2-3ubuntu1 + + *Additional Instructions for [email protected]: -Post a private note with access information to the machine that the bug is occuring on. -Attach ltrace and strace of userspace application. =============================================================================== This issue can only be reproduced when lftp is compiled without debug option. I was able to reproduce this issue with a self compiled lftp 4.9.3 on s390x with the default build and with a plain ./configure, I was NOT able to reproduce this issue with ./configure --with-debug
** Summary changed: - [UBUNTU 24.10] lftp: buffer overflow detected when accessing z/VM FTP server and changing the directory + changing the working directory on z/VM causes buffer overflow -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091440 Title: changing the working directory on z/VM causes buffer overflow To manage notifications about this bug go to: https://bugs.launchpad.net/lftp/+bug/2091440/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
