Ubuntu
ecere-sdk package

[SRU] The eC compiler and IDE crashed on buffer overflows

Bug #1107864 reported by Jerome St-Louis
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecere-sdk (Ubuntu)
Fix Released
Undecided
Jerome St-Louis
Quantal
Won't Fix
Medium
Unassigned

Bug Description

The eC compiler and IDE crashed on buffer overflows.
These included:
   - The GCC command for preprocessing in ecp and ecc
   - The communication with integrated GDB
   - Opening in the Code Editor a file specifying a text property containing a long string of text
   - Using a very long set of command line arguments (Project Settings/Workspace), when writing to the workspace file

[Test Case]
   - Build the HelloWorld sample in debug config (so as to produce the symbols)
     Then in a shell run ecc with a lot of arguments to be passed down to GCC for processing:

jerome@quantal:~/sdk/samples/eC/HelloWorld$ ecc -c HelloWorld.ec -o obj/debug.linux/HelloWorld.c -symbols obj/debug.linux/ -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument -Isomeveryveryveryveryveryveryveryveryveryveryveryveryverylongargument

*** stack smashing detected ***: ecc terminated
Aborted (core dumped)

   - Cause a long (>1024 chars) GDB command to be issued (Set a long set of command line arguments in Project Settings/Workspace)

   - Open up ide/src/about.ec in the IDE:

jerome@quantal:~/sdk$ ide ide/src/about.ec
*** stack smashing detected ***: ide terminated
Aborted (core dumped)

   - Set up a very long set of command line arguments (Project Settings/Workspace)

[Regression Potential]
Since the size for these buffers have either been increased and passed along to snprintf/vsnprintf, or they have been replaced by dynamic buffer, things should work better. Unless a mistake was inadvertently made, nothing should break.

See original description
Jerome St-Louis (jerstlouis)
Changed in ecere-sdk (Ubuntu):
assignee: nobody → Jerome St-Louis (jerstlouis)
Jerome St-Louis (jerstlouis)
Changed in ecere-sdk (Ubuntu):
status: New → Confirmed
Jerome St-Louis (jerstlouis)
description: updated
Jerome St-Louis (jerstlouis)
description: updated
Jerome St-Louis (jerstlouis)
description: updated
description: updated
Dimitri John Ledkov (xnox)
Changed in ecere-sdk (Ubuntu):
status: Confirmed → Fix Committed
Changed in ecere-sdk (Ubuntu Quantal):
status: New → Confirmed
Changed in ecere-sdk (Ubuntu):
status: Fix Committed → Fix Released
Changed in ecere-sdk (Ubuntu Quantal):
importance: Undecided → Medium
Revision history for this message
Jerome St-Louis (jerstlouis) wrote :

Fixed by http://bazaar.launchpad.net/~jerstlouis/ecere/quantal_sru/revision/810

.debdiff can be found in bug https://bugs.launchpad.net/ubuntu/+source/ecere-sdk/+bug/1107774

Revision history for this message
Rolf Leggewie (r0lf) wrote :

quantal has seen the end of its life and is no longer receiving any updates. Marking the quantal task for this ticket as "Won't Fix".

Changed in ecere-sdk (Ubuntu Quantal):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.