[Bug 1821528] [NEW] libedit applications segfault when passed long strings

Tasos Sahanidis tasos at tasossah.com
Sun Mar 24 14:52:38 UTC 2019


Public bug reported:

Applications using libedit to process user input segfault on Ubuntu
19.04 when they are passed a long input string. The issue can easily be
reproduced with the example programs bundled with the library.

The issue has been fixed in upstream NetBSD by this diff
https://github.com/IIJ-NetBSD/netbsd-src/commit/2a926170e92dc4ab635b3c94c1e1bbbcc7f9494c
, however the latest Linux port release (libedit-20181209-3.1.tar.gz)
does not contain this fix.

Applying it manually does indeed correct the issue, and the affected
applications no longer crash.

I have contacted the Linux port maintainer and I am awaiting a
response, however I would like to see this fixed in disco.

Cosmic and older are not affected.

I have attached a log demonstrating a crash, compiled with
AddressSanitizer.

** Affects: libedit (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "libedit_asan.txt"
   https://bugs.launchpad.net/bugs/1821528/+attachment/5249080/+files/libedit_asan.txt

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libedit in Ubuntu.
https://bugs.launchpad.net/bugs/1821528
