Ubuntu
dvdauthor package

dvdauthor crashes when dvd output path contains more than 177 characters

Bug #554902 reported by kit
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
dvdauthor (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Binary package hint: dvdauthor

Karmic, dvdauthor v0.6.14

dvdauthor crashes immediately after it creates the directory and AUDIO_TS/VIDEO_TS subdirectories.
No files are created in these subdirectories.
Underlying filesystem is EXT4.

kit@desktop:~$ dvdauthor -t -o *[any path containing more than 177 characters]* any.mpg
DVDAuthor::dvdauthor, version 0.6.14.
Build options: gnugetopt magick iconv freetype
Send bugs to <email address hidden>

INFO: dvdauthor creating VTS
STAT: Picking VTS 01

STAT: Processing any.mpg...
*** buffer overflow detected ***: dvdauthor terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7fe24962e647]
/lib/libc.so.6[0x7fe24962d5f0]
/lib/libc.so.6[0x7fe24962ca59]
/lib/libc.so.6(_IO_default_xsputn+0x98)[0x7fe2495ab448]
/lib/libc.so.6(_IO_vfprintf+0x5a5)[0x7fe24957c345]
/lib/libc.so.6(__vsprintf_chk+0x99)[0x7fe24962caf9]
/lib/libc.so.6(__sprintf_chk+0x7f)[0x7fe24962ca3f]
dvdauthor[0x40e584]
dvdauthor[0x404633]
dvdauthor[0x413e03]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7fe249555abd]
dvdauthor[0x401c99]
======= Memory map: ========
00400000-0041e000 r-xp 00000000 08:03 1302 /usr/bin/dvdauthor
0061d000-0061e000 r--p 0001d000 08:03 1302 /usr/bin/dvdauthor
0061e000-0061f000 rw-p 0001e000 08:03 1302 /usr/bin/dvdauthor
0061f000-00656000 rw-p 00000000 00:00 0
0244f000-02470000 rw-p 00000000 00:00 0 [heap]
7fe248c81000-7fe248c97000 r-xp 00000000 08:03 807 /lib/libgcc_s.so.1
7fe248c97000-7fe248e96000 ---p 00016000 08:03 807 /lib/libgcc_s.so.1
7fe248e96000-7fe248e97000 r--p 00015000 08:03 807 /lib/libgcc_s.so.1
7fe248e97000-7fe248e98000 rw-p 00016000 08:03 807 /lib/libgcc_s.so.1
7fe248e98000-7fe248f1a000 r-xp 00000000 08:03 1634 /lib/libm-2.10.1.so
7fe248f1a000-7fe24911a000 ---p 00082000 08:03 1634 /lib/libm-2.10.1.so
7fe24911a000-7fe24911b000 r--p 00082000 08:03 1634 /lib/libm-2.10.1.so
7fe24911b000-7fe24911c000 rw-p 00083000 08:03 1634 /lib/libm-2.10.1.so
7fe24911c000-7fe249132000 r-xp 00000000 08:03 1829 /lib/libz.so.1.2.3.3
7fe249132000-7fe249331000 ---p 00016000 08:03 1829 /lib/libz.so.1.2.3.3
7fe249331000-7fe249332000 r--p 00015000 08:03 1829 /lib/libz.so.1.2.3.3
7fe249332000-7fe249333000 rw-p 00016000 08:03 1829 /lib/libz.so.1.2.3.3
7fe249333000-7fe249335000 r-xp 00000000 08:03 1633 /lib/libdl-2.10.1.so
7fe249335000-7fe249535000 ---p 00002000 08:03 1633 /lib/libdl-2.10.1.so
7fe249535000-7fe249536000 r--p 00002000 08:03 1633 /lib/libdl-2.10.1.so
7fe249536000-7fe249537000 rw-p 00003000 08:03 1633 /lib/libdl-2.10.1.so
7fe249537000-7fe24969d000 r-xp 00000000 08:03 1629 /lib/libc-2.10.1.so
7fe24969d000-7fe24989c000 ---p 00166000 08:03 1629 /lib/libc-2.10.1.so
7fe24989c000-7fe2498a0000 r--p 00165000 08:03 1629 /lib/libc-2.10.1.so
7fe2498a0000-7fe2498a1000 rw-p 00169000 08:03 1629 /lib/libc-2.10.1.so
7fe2498a1000-7fe2498a6000 rw-p 00000000 00:00 0
7fe2498a6000-7fe2499ec000 r-xp 00000000 08:03 6926 /usr/lib/libxml2.so.2.7.5
7fe2499ec000-7fe249beb000 ---p 00146000 08:03 6926 /usr/lib/libxml2.so.2.7.5
7fe249beb000-7fe249bf3000 r--p 00145000 08:03 6926 /usr/lib/libxml2.so.2.7.5
7fe249bf3000-7fe249bf5000 rw-p 0014d000 08:03 6926 /usr/lib/libxml2.so.2.7.5
7fe249bf5000-7fe249bf6000 rw-p 00000000 00:00 0
7fe249bf6000-7fe249c15000 r-xp 00000000 08:03 1626 /lib/ld-2.10.1.so
7fe249df2000-7fe249df5000 rw-p 00000000 00:00 0
7fe249e10000-7fe249e14000 rw-p 00000000 00:00 0
7fe249e14000-7fe249e15000 r--p 0001e000 08:03 1626 /lib/ld-2.10.1.so
7fe249e15000-7fe249e16000 rw-p 0001f000 08:03 1626 /lib/ld-2.10.1.so
7fff965bd000-7fff965d2000 rw-p 00000000 00:00 0 [stack]
7fff965ff000-7fff96600000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted

If I delete one character from the output path, the conversion begins and completes normally.

See original description
kit (kitrule)
summary: - dvdauthor crashes when dvd output path > 178 characters
+ dvdauthor crashes when dvd output path > 177 characters
description: updated
description: updated
summary: - dvdauthor crashes when dvd output path > 177 characters
+ dvdauthor crashes when dvd output path contains more than 177 characters
description: updated
Revision history for this message
Stefano Rivera (stefanor) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. However, I am closing it because the bug has been fixed in the latest development version of Ubuntu - Maverick Meerkat.

If you need a fix for the bug in previous versions of Ubuntu, please follow the instructions for "How to request new packages" at https://help.ubuntu.com/community/UbuntuBackports#request-new-packages

Changed in dvdauthor (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.