Ubuntu
rats package

Segmentation fault when auditing code

Bug #63561 reported by Yagisan
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
rats (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

I installed the following version of rats to help audit some code. It segfaults when attempting to run it like this -> rats -w3 --html *

apt-cache show rats
Package: rats
Priority: optional
Section: universe/utils
Installed-Size: 768
Maintainer: Steve Kemp <email address hidden>
Architecture: amd64
Version: 2.1-6
Depends: libc6 (>= 2.4-1), libexpat1 (>= 1.95.8)
Filename: pool/universe/r/rats/rats_2.1-6_amd64.deb
Size: 167686
MD5sum: e0e12b335d6288e1783dc7fc4d1ea31b
Description: Rough Auditing Tool for Security
 RATS, the Rough Auditing Tool for Security, is a security auditing
 utility for C, C++, php, perl, and python code. RATS scans source code,
 finding potentially dangerous function calls. The goal of rats is not to
 definitively find bugs (yet), but to provide a reasonable starting point
 for performing manual security audits.
 .
 The initial vulnerability database is taken directly from things that
 could be easily found when starting with the book, "Building Secure
 Software" by Viega and McGraw.
 .
 The homepage for rats is:
    http://www.securesoftware.com/resources/download_rats.html
Bugs: mailto:<email address hidden>
Origin: Ubuntu

Related branches

lp:ubuntu/lucid/rats
Revision history for this message
Yagisan (yagisan) wrote :
Revision history for this message
ville palo (vi64pa) wrote :

Could you give us a link to files you were auditing when this crash happened.

Changed in rats:
status: Unconfirmed → Needs Info
Revision history for this message
Yagisan (yagisan) wrote :

Sure thing, I've attached some to this report.

Revision history for this message
ville palo (vi64pa) wrote :

Thank you, this is reproducible with these files on my edgy too.

Changed in rats:
status: Needs Info → Confirmed
Revision history for this message
ville palo (vi64pa) wrote :

There were couple of null pointer cases. Here's a fix for this problem.

ville palo (vi64pa)
Changed in rats:
status: Confirmed → In Progress
status: In Progress → Fix Committed
Revision history for this message
William Grant (wgrant) wrote :

I find the Confirmed->In Progress->Fix Committed changes to be rather unnecessary.

Changed in rats:
status: Fix Committed → Confirmed
Revision history for this message
Reinhard Tartler (siretart) wrote :

uploaded to gutsy. please forward the patch as wishlist bug against debian. Thanks

Changed in rats:
status: Confirmed → Fix Committed
Revision history for this message
Reinhard Tartler (siretart) wrote :

rats (2.1-7ubuntu1) gutsy; urgency=low

  * apply patch http://librarian.launchpad.net/5055905/report.diff from
    https://bugs.launchpad.net/ubuntu/+source/rats/+bug/63561, thanks to ville palo.
    (Fixes LP: #63561)

 -- Reinhard Tartler <email address hidden> Mon, 28 May 2007 04:34:11 -0500

Changed in rats:
status: Fix Committed → Fix Released
Revision history for this message
Andrew Austin (andrewaclt) wrote :

Package: rats (2.1-8) [universe]

Much like the first report, I get a seg fault when generating html on an OSS project called OpenEMR (http://downloads.sourceforge.net/openemr/openemr-3.1.0.tar.gz)

andrew@ubuntu:~$ rats openemr-3.1.0 --html
.
.
.
<ul>
<li>File: <b>openemr-3.1.0/gacl/admin/smarty/libs/internals/core.rm_auto.php</b><br/>Lines:
22 </li>
  </ul>
Segmentation fault

The bug does not occur without the --html flag.

Changed in rats (Ubuntu):
status: Fix Released → New
status: New → Incomplete
Revision history for this message
Ilya Barygin (randomaction) wrote :

Andrew, thanks for reporting this. You however may be experiencing a different problem. Could you please file a new crash report using Apport?

https://wiki.ubuntu.com/Apport

If possible, please describe the steps to reproduce the crash in the new bug report.

Changed in rats (Ubuntu):
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Patches

Remote bug watches

Bug watches keep track of this bug in other bug trackers.