gw6c crashes with buffer overflow on start
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gw6c (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: tspc
$ lsb_release -rd
Description: Ubuntu 9.10
Release: 9.10
$ apt-cache policy gw6c
gw6c:
Installé : 6.0.1dfsg.1-3
Candidat : 6.0.1dfsg.1-3
Table de version :
*** 6.0.1dfsg.1-3 0
500 http://
100 /var/lib/
How to reproduce:
0. Run Ubuntu on a 64-bit architecture.
1. Edit the configuration in /etc/gw6c/gw6c.conf by setting the "client_v4" parameter to an IP address.
2. Restart the gw6c daemon.
3. Check that the gw6c daemon is running.
The gw6c daemon crashes when started if the client_v4 is set to an IP address instead of the default value of "auto". The reason is a buffer overflow caused by a memcpy from an integer with a length that is dependent of the architecture to an inet_addr_t structure that is always 32-bit long.
affects: | tspc (Ubuntu) → gw6c (Ubuntu) |
Changed in gw6c (Ubuntu): | |
status: | New → In Progress |
description: | updated |
description: | updated |
Changed in gw6c (Ubuntu): | |
status: | Fix Committed → Fix Released |
This bug is still affecting me on Karmic release. As far as I know, it is not possible to use this package on a 64-bit platform.
Apport report has just been attached to bug #475511.