[Bug 313820] [NEW] built source package crashes with buffer overflow

Steven Van Acker deepstar+launchpad at singularity.be
Sun Jan 4 19:54:49 UTC 2009 

Public bug reported:

Binary package hint: ircd-ratbox

Hi,

I'm trying to patch ircd-ratbox and use debuild to build the resulting
code into a package. When I do that, I get a buffer overflow for some
reason. So I tried just building the source package itself without any
patches, and the resulting binary also segfaults:

root at guest-laptop:/usr/src# /etc/init.d/ircd-ratbox start
 * Starting ircd-ratbox ircd-ratbox                                                                                                                   [ OK ] 
root at guest-laptop:/usr/src# *** buffer overflow detected ***: /usr/sbin/ircd-ratbox terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7fbd558]
/lib/tls/i686/cmov/libc.so.6[0xb7fbb680]
/lib/tls/i686/cmov/libc.so.6(__strcpy_chk+0x44)[0xb7fba944]
/usr/sbin/ircd-ratbox[0x8066be7]
/usr/sbin/ircd-ratbox(conf_call_set+0x31b)[0x8067bbb]
/usr/sbin/ircd-ratbox(yyparse+0x718)[0x807c9b8]
/usr/sbin/ircd-ratbox(read_conf_files+0x529)[0x806e439]
/usr/sbin/ircd-ratbox(main+0x453)[0x805f323]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7ed9685]
/usr/sbin/ircd-ratbox[0x8051a01]


This is on Ubuntu Server 8.10, ircd-ratbox 2.2.8.dfsg, built and installed like so:

cd /usr/src
apt-get source ircd-ratbox
cd ircd-ratbox-2.2.8.dfsg/
debuild -us -uc
cd ..
dpkg -i ./ircd-ratbox_2.2.8.dfsg-2_i386.deb

When I install ircd-ratbox with apt-get directly, it doesn't crash. Was
it built using a different process?

kind regards,
-- Steven

root at guest-laptop:/usr/src# lsb_release -rd
Description:	Ubuntu 8.10
Release:	8.10

root at guest-laptop:/usr/src# apt-cache policy ircd-ratbox
ircd-ratbox:
  Installed: 2.2.8.dfsg-2
  Candidate: 2.2.8.dfsg-2
  Version table:
     2.2.8.dfsg-2 0
        500 http://us.archive.ubuntu.com intrepid/universe Packages
 *** 2.2.8.dfsg-2 0
        100 /var/lib/dpkg/status

** Affects: ircd-ratbox (Ubuntu)
     Importance: Undecided
         Status: New

-- 
built source package crashes with buffer overflow
https://bugs.launchpad.net/bugs/313820
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

More information about the universe-bugs mailing list