[Bug 313820] [NEW] built source package crashes with buffer overflow
Steven Van Acker
deepstar+launchpad at singularity.be
Sun Jan 4 19:54:49 UTC 2009
Public bug reported:
Binary package hint: ircd-ratbox
Hi,
I'm trying to patch ircd-ratbox and use debuild to build the resulting
code into a package. When I do that, I get a buffer overflow for some
reason. So I tried just building the source package itself without any
patches, and the resulting binary also segfaults:
root at guest-laptop:/usr/src# /etc/init.d/ircd-ratbox start
* Starting ircd-ratbox ircd-ratbox [ OK ]
root at guest-laptop:/usr/src# *** buffer overflow detected ***: /usr/sbin/ircd-ratbox terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7fbd558]
/lib/tls/i686/cmov/libc.so.6[0xb7fbb680]
/lib/tls/i686/cmov/libc.so.6(__strcpy_chk+0x44)[0xb7fba944]
/usr/sbin/ircd-ratbox[0x8066be7]
/usr/sbin/ircd-ratbox(conf_call_set+0x31b)[0x8067bbb]
/usr/sbin/ircd-ratbox(yyparse+0x718)[0x807c9b8]
/usr/sbin/ircd-ratbox(read_conf_files+0x529)[0x806e439]
/usr/sbin/ircd-ratbox(main+0x453)[0x805f323]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7ed9685]
/usr/sbin/ircd-ratbox[0x8051a01]
This is on Ubuntu Server 8.10, ircd-ratbox 2.2.8.dfsg, built and installed like so:
cd /usr/src
apt-get source ircd-ratbox
cd ircd-ratbox-2.2.8.dfsg/
debuild -us -uc
cd ..
dpkg -i ./ircd-ratbox_2.2.8.dfsg-2_i386.deb
When I install ircd-ratbox with apt-get directly, it doesn't crash. Was
it built using a different process?
kind regards,
-- Steven
root at guest-laptop:/usr/src# lsb_release -rd
Description: Ubuntu 8.10
Release: 8.10
root at guest-laptop:/usr/src# apt-cache policy ircd-ratbox
ircd-ratbox:
Installed: 2.2.8.dfsg-2
Candidate: 2.2.8.dfsg-2
Version table:
2.2.8.dfsg-2 0
500 http://us.archive.ubuntu.com intrepid/universe Packages
*** 2.2.8.dfsg-2 0
100 /var/lib/dpkg/status
** Affects: ircd-ratbox (Ubuntu)
Importance: Undecided
Status: New
--
built source package crashes with buffer overflow
https://bugs.launchpad.net/bugs/313820
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list