[SRU] `xmms2 add --playlist ... ` causes a core dump
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
xmms2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned | ||
Mantic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[ Impact ]
xmms2 client cli will crash with a buffer overflow if the real path of the files is longer than 255 bytes.
The user will see:
*** buffer overflow detected ***: terminated
Aborted (core dumped)
[ Test Plan ]
* copy few mp3 files to a folder, I will use a folder named "testmp3"
* Use the following command to create a playlist
xmms2 playlist create testlist
* Try adding the mp3 files to the list:
xmms2 add --playlist testlist testmp3/*
If the package is not fixed it will crash, with the fixed package it will not crash and add it to the playlist.
[ Where problems could occur ]
* This patch has been accepted upstream and is only modifying the size of the local buffer where the path is stored. There is minimum chance of regression just for this patch.
[ Other Info ]
* There might be other parts of the code which are still using the old buffer size and might cause some other problem.
[ Original Bug Description ]
1) The release of Ubuntu you are using, via?
$ lsb_release -rd
No LSB modules are available.
Description: Ubuntu 23.04
Release: 23.04
2) The version of the package you are using, via?
$ apt-cache policy xmms2
xmms2:
Installed: 0.8+dfsg-22ubuntu6
Candidate: 0.8+dfsg-22ubuntu6
Version table:
*** 0.8+dfsg-22ubuntu6 500
500 http://
100 /var/lib/
3). I ran $ xmms2 add --playlist These+Same+Skies "/home/
I expected it to populate the playlist `These+Same+Skies` that I had already created withthe files in thee directory `/home/
4) it core dumped like so
$ xmms2 add --playlist These+Same+Skies "/home/
*** buffer overflow detected ***: terminated
Aborted (core dumped)
ProblemType: Bug
DistroRelease: Ubuntu 23.04
Package: xmms2 0.8+dfsg-22ubuntu6
ProcVersionSign
Uname: Linux 6.2.0-20-generic x86_64
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: ubuntu:GNOME
Date: Thu May 4 16:11:01 2023
InstallationDate: Installed on 2023-04-21 (12 days ago)
InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020)
SourcePackage: xmms2
UpgradeStatus: No upgrade log present (probably fresh install)
Changed in xmms2 (Ubuntu): | |
status: | Confirmed → In Progress |
Changed in xmms2 (Ubuntu Jammy): | |
status: | New → In Progress |
Changed in xmms2 (Ubuntu Mantic): | |
status: | New → In Progress |
Changed in xmms2 (Ubuntu): | |
status: | In Progress → Confirmed |
Changed in xmms2 (Ubuntu Jammy): | |
status: | In Progress → Confirmed |
Changed in xmms2 (Ubuntu Mantic): | |
status: | In Progress → Confirmed |
Status changed to 'Confirmed' because the bug affects multiple users.