ndiswrapper linux 2.6.35-10

Bug #609714 reported by Hunter Laux
This bug affects 2 people
Affects: linux (Ubuntu)
Status: Expired
Importance: Undecided
Assigned to: Unassigned
Milestone:

Bug Description

Binary package hint: linux-image-2.6.35-10-generic

I was trying to figure out where ndiswrapper was compiled for 2.6.35.
A quick look at the source shows a modified version for Ubuntu.
In wrapndis.c line 972 index 'i' is used uninitialized.
Seems like a buffer overrun to me.

Has 2.6.35 support been sent upstream?

memcpy(buf + i * ETH_ALEN, ha->addr, ETH_ALEN);

Please see linux-2.6.35/ubuntu/ndiswrapper/wrapndis.c.

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: linux-image-2.6.35-10-generic 2.6.35-10.15
Regression: No
Reproducible: Yes
ProcVersionSignature: Ubuntu 2.6.35-10.15-generic 2.6.35-rc5
Uname: Linux 2.6.35-10-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.23.
AplayDevices:
 **** List of PLAYBACK Hardware Devices ****
 card 0: SB [HDA ATI SB], device 0: STAC92xx Analog [STAC92xx Analog]
   Subdevices: 1/1
   Subdevice #0: subdevice #0
Architecture: amd64
ArecordDevices:
 **** List of CAPTURE Hardware Devices ****
 card 0: SB [HDA ATI SB], device 0: STAC92xx Analog [STAC92xx Analog]
   Subdevices: 1/1
   Subdevice #0: subdevice #0
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: hlaux 2038 F.... pulseaudio
Card0.Amixer.info:
 Card hw:0 'SB'/'HDA ATI SB at 0xc0000000 irq 16'
   Mixer name : 'SigmaTel STAC9200'
   Components : 'HDA:14f12bfa,14f100c3,00090000 HDA:83847690,102801f5,00102201'
   Controls : 7
   Simple ctrls : 5
Date: Sun Jul 25 03:48:52 2010
EcryptfsInUse: Yes
HibernationDevice: RESUME=UUID=1775a891-fa1f-4acf-b465-012bb88345c2
MachineType: Dell Inc. Inspiron 1501
ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.35-10-generic root=UUID=28ae6991-6268-4edf-9dd0-4d88800561ca ro crashkernel=384M-2G:64M,2G-:128M quiet splash
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
RelatedPackageVersions: linux-firmware 1.37
SourcePackage: linux
WpaSupplicantLog:

dmi.bios.date: 12/07/2007
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 2.6.3
dmi.board.name: 0UW744
dmi.board.vendor: Dell Inc.
dmi.chassis.type: 8
dmi.chassis.vendor: Dell Inc.
dmi.chassis.version: Not Specified
dmi.modalias: dmi:bvnDellInc.:bvr2.6.3:bd12/07/2007:svnDellInc.:pnInspiron1501:pvrNotSpecified:rvnDellInc.:rn0UW744:rvr:cvnDellInc.:ct8:cvrNotSpecified:
dmi.product.name: Inspiron 1501
dmi.product.version: Not Specified
dmi.sys.vendor: Dell Inc.
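
The class of defect the report describes, as an added example that is not part of the original bug report and is not the ndiswrapper source: a copy loop whose slot index is initialised, advanced and bounds-checked. `struct hw_addr`, `pack_addrs` and `demo` are hypothetical names and the addresses are constructed sample data; only `ETH_ALEN` and the `memcpy` expression come from the report.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ETH_ALEN 6

/* Hypothetical stand-in for a kernel hardware-address list entry. */
struct hw_addr {
    unsigned char addr[ETH_ALEN];
    struct hw_addr *next;
};

/*
 * Defect pattern from the report (constructed here, not the driver's code):
 *     int i;                          <- declared, never assigned
 *     memcpy(buf + i * ETH_ALEN, ha->addr, ETH_ALEN);
 * Hardened form: start the index at 0, advance it per entry, and check each
 * slot against the buffer size. Returns the count copied, or -1 if the list
 * does not fit (buf may then hold the entries copied before the failure).
 */
int pack_addrs(unsigned char *buf, size_t buf_len, const struct hw_addr *list)
{
    size_t i = 0;
    const struct hw_addr *ha;

    for (ha = list; ha != NULL; ha = ha->next) {
        if (i >= buf_len / ETH_ALEN)    /* no room for slot i */
            return -1;
        memcpy(buf + i * ETH_ALEN, ha->addr, ETH_ALEN);
        i++;
    }
    return (int)i;
}

/* Constructed sample: pack three addresses into the first buf_len bytes. */
int demo(size_t buf_len)
{
    struct hw_addr c = { {0x01, 0x00, 0x5e, 0x00, 0x00, 0x03}, NULL };
    struct hw_addr b = { {0x01, 0x00, 0x5e, 0x00, 0x00, 0x02}, &c };
    struct hw_addr a = { {0x01, 0x00, 0x5e, 0x00, 0x00, 0x01}, &b };
    unsigned char buf[3 * ETH_ALEN];

    return buf_len > sizeof(buf) ? -2 : pack_addrs(buf, buf_len, &a);
}

int main(void)
{
    printf("18 bytes: %d, 17 bytes: %d\n", demo(18), demo(17));
    return 0;
}
```

Building with `-Wall -O2` lets GCC's `-Wmaybe-uninitialized` flag many instances of the unassigned-index pattern at compile time.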

Hunter Laux (jolting) wrote :
Hunter Laux (jolting)
visibility: private → public
Jeremy Foshee (jeremyfoshee) wrote :

Hi Hunter,

If you could also please test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Once you've tested the upstream kernel, please remove the 'needs-upstream-testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs-upstream-testing' text. Please let us know your results.

Thanks in advance.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

tags: added: kj-triage
Changed in linux (Ubuntu):
status: New → Incomplete
Jeremy Foshee (jeremyfoshee) wrote :

This bug report was marked as Incomplete and has not had any updated comments for quite some time. As a result this bug is being closed. Please reopen if this is still an issue in the current Ubuntu development release http://cdimage.ubuntu.com/daily-live/current/ . Also, please be sure to provide any requested information that may have been missing. To reopen the bug, click on the current status under the Status column and change the status back to "New". Thanks.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

tags: added: kj-expired
Changed in linux (Ubuntu):
status: Incomplete → Expired
This report contains Public Security information  
Everyone can see this security related information.
