Ubuntu
pcp package

pmcd buffer overflows in cpu_name in pmda_linux.so on quadcore cpu in jaunty

Bug #384776 reported by Samuel Kleiner
264
This bug affects 2 people
Affects Status Importance Assigned to Milestone
pcp (Ubuntu)
Fix Released
Undecided
Unassigned
Nominated for Jaunty by Fail2Ban

Bug Description

Binary package hint: pcp

Steps to reproduce

1. apt-get install pcp (version 2.7.8-20081205 is installed on jaunty)
2. /etc/init.d/pcp start
3. more /var/log/pcp/pmcd/pmcd.log

Expected result:

No backtrace

Actual result:

*** buffer overflow detected ***: /usr/lib/pcp/bin/pmcd terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7f8737b8a2c7]
/lib/libc.so.6[0x7f8737b88170]
/lib/libc.so.6[0x7f8737b8882b]
/var/lib/pcp/pmdas/linux/pmda_linux.so(cpu_name+0x1d9)[0x7f873746ae69]
/var/lib/pcp/pmdas/linux/pmda_linux.so(refresh_proc_stat+0x870)[0x7f8737464180]
/var/lib/pcp/pmdas/linux/pmda_linux.so[0x7f873745f5b2]
/var/lib/pcp/pmdas/linux/pmda_linux.so(linux_init+0x21b)[0x7f873745fa7b]
/usr/lib/pcp/bin/pmcd[0x408e84]
/usr/lib/pcp/bin/pmcd(ParseInitAgents+0x6ad)[0x40981d]
/usr/lib/pcp/bin/pmcd(main+0xa23)[0x405f13]
/lib/libc.so.6(__libc_start_main+0xe6)[0x7f8737aa95a6]
/usr/lib/pcp/bin/pmcd[0x4046a9]
======= Memory map: ========
00400000-00414000 r-xp 00000000 08:06 137882307 /usr/lib/pcp/bin/pmcd
00613000-00614000 r--p 00013000 08:06 137882307 /usr/lib/pcp/bin/pmcd
00614000-00615000 rw-p 00014000 08:06 137882307 /usr/lib/pcp/bin/pmcd
00615000-00616000 rw-p 00615000 00:00 0
01ed6000-01ef7000 rw-p 01ed6000 00:00 0 [heap]
7f8737025000-7f873703b000 r-xp 00000000 08:06 463 /lib/libgcc_s.so.1
7f873703b000-7f873723b000 ---p 00016000 08:06 463 /lib/libgcc_s.so.1
7f873723b000-7f873723c000 r--p 00016000 08:06 463 /lib/libgcc_s.so.1
7f873723c000-7f873723d000 rw-p 00017000 08:06 463 /lib/libgcc_s.so.1
7f873723d000-7f8737254000 r-xp 00000000 08:06 2481 /lib/libpthread-2.9.so
7f8737254000-7f8737453000 ---p 00017000 08:06 2481 /lib/libpthread-2.9.so
7f8737453000-7f8737454000 r--p 00016000 08:06 2481 /lib/libpthread-2.9.so
7f8737454000-7f8737455000 rw-p 00017000 08:06 2481 /lib/libpthread-2.9.so
7f8737455000-7f8737459000 rw-p 7f8737455000 00:00 0
7f8737459000-7f8737470000 r-xp 00000000 08:06 2141686 /var/lib/pcp/pmdas/linux/pmda_linux.so
7f8737470000-7f8737670000 ---p 00017000 08:06 2141686 /var/lib/pcp/pmdas/linux/pmda_linux.so
7f8737670000-7f8737671000 r--p 00017000 08:06 2141686 /var/lib/pcp/pmdas/linux/pmda_linux.so
7f8737671000-7f8737677000 rw-p 00018000 08:06 2141686 /var/lib/pcp/pmdas/linux/pmda_linux.so
7f8737677000-7f8737679000 rw-p 7f8737677000 00:00 0
7f8737679000-7f8737683000 r-xp 00000000 08:06 404155733 /usr/lib/libpcp_pmda.so.3
7f8737683000-7f8737882000 ---p 0000a000 08:06 404155733 /usr/lib/libpcp_pmda.so.3
7f8737882000-7f8737883000 r--p 00009000 08:06 404155733 /usr/lib/libpcp_pmda.so.3
7f8737883000-7f8737884000 rw-p 0000a000 08:06 404155733 /usr/lib/libpcp_pmda.so.3
7f8737884000-7f8737885000 rw-p 7f8737884000 00:00 0
7f8737885000-7f873788a000 r-xp 00000000 08:06 404149258 /var/lib/pcp/pmdas/pmcd/pmda_pmcd.so
7f873788a000-7f8737a89000 ---p 00005000 08:06 404149258 /var/lib/pcp/pmdas/pmcd/pmda_pmcd.so
7f8737a89000-7f8737a8a000 r--p 00004000 08:06 404149258 /var/lib/pcp/pmdas/pmcd/pmda_pmcd.so
7f8737a8a000-7f8737a8b000 rw-p 00005000 08:06 404149258 /var/lib/pcp/pmdas/pmcd/pmda_pmcd.so
7f8737a8b000-7f8737bf3000 r-xp 00000000 08:06 650 /lib/libc-2.9.so
7f8737bf3000-7f8737df3000 ---p 00168000 08:06 650 /lib/libc-2.9.so
7f8737df3000-7f8737df7000 r--p 00168000 08:06 650 /lib/libc-2.9.so
7f8737df7000-7f8737df8000 rw-p 0016c000 08:06 650 /lib/libc-2.9.so
7f8737df8000-7f8737dfd000 rw-p 7f8737df8000 00:00 0
7f8737dfd000-7f8737dff000 r-xp 00000000 08:06 653 /lib/libdl-2.9.so
7f8737dff000-7f8737fff000 ---p 00002000 08:06 653 /lib/libdl-2.9.so
7f8737fff000-7f8738000000 r--p 00002000 08:06 653 /lib/libdl-2.9.so
7f8738000000-7f8738001000 rw-p 00003000 08:06 653 /lib/libdl-2.9.so
7f8738001000-7f8738037000 r-xp 00000000 08:06 404150714 /usr/lib/libpcp.so.3
7f8738037000-7f8738237000 ---p 00036000 08:06 404150714 /usr/lib/libpcp.so.3
7f8738237000-7f8738238000 r--p 00036000 08:06 404150714 /usr/lib/libpcp.so.3
7f8738238000-7f8738239000 rw-p 00037000 08:06 404150714 /usr/lib/libpcp.so.3
7f8738239000-7f873823b000 rw-p 7f8738239000 00:00 0
7f873823b000-7f873825b000 r-xp 00000000 08:06 644 /lib/ld-2.9.so
7f8738438000-7f873844b000 r--p 00000000 08:06 2141685 /var/lib/pcp/pmdas/linux/help.pag
7f873844b000-7f873844d000 r--p 00000000 08:06 2141684 /var/lib/pcp/pmdas/linux/help.dir
7f873844d000-7f873844f000 rw-p 7f873844d000 00:00 0
7f8738450000-7f8738455000 r--p 00000000 08:06 404149260 /var/lib/pcp/pmdas/pmcd/help.pag
7f8738455000-7f8738456000 r--p 00000000 08:06 404149259 /var/lib/pcp/pmdas/pmcd/help.dir
7f8738456000-7f873845a000 rw-p 7f8738456000 00:00 0
7f873845a000-7f873845b000 r--p 0001f000 08:06 644 /lib/ld-2.9.so
7f873845b000-7f873845c000 rw-p 00020000 08:06 644 /lib/ld-2.9.so
7fff40446000-7fff4045b000 rw-p 7ffffffea000 00:00 0 [stack]
7fff405fe000-7fff405ff000 r-xp 7fff405fe000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]

If pmda_linux.so is commented out of /etc/pmcd/pmcd.conf it works.

Tested on Xeon Q9550 and Q5140, fails on both.

Revision history for this message
Nathan Scott (nathans) wrote :

Hi Samuel,

This bug has just been fixed upstream. It was reported by someone to the
(upstream) developers directly - google found this bug report as well, so I
just wanted to let you know there's a fix available. pcp-2.9.0 will be released
within the next week, and pushed into Debian unstable shortly thereafter -
that version will be the first release with the fix.

cheers.

--
Nathan

Fail2Ban (failtoban)
Changed in pcp (Ubuntu):
status: New → Fix Released
security vulnerability: no → yes
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.