Debian GNU/Linux

g15macro crashes with buffer overflow

Reported by Andreas Sonnenbichler on 2010-10-10
62
This bug affects 12 people
Affects Status Importance Assigned to Milestone
g15daemon (Debian)
New
Undecided
Unassigned
g15daemon (Ubuntu)
Undecided
Unassigned
Natty
Undecided
Unassigned
Oneiric
Undecided
Unassigned
g15macro (Ubuntu)
Undecided
Unassigned
Natty
Undecided
Unassigned
Oneiric
Undecided
Unassigned

Bug Description

Binary package hint: g15macro

acs@shibyeni:~$ g15macro
restoring codes
XTest disabled by configure option. Using XSendEvent instead.
*** buffer overflow detected ***: g15macro terminated

ADDITIONAL INFORMATION
Ubuntu 10.10 RC AMD64 Desktop Standard

acs@shibyeni:~$ uname -a
Linux shibyeni 2.6.35-22-generic #33-Ubuntu SMP Sun Sep 19 20:32:27 UTC 2010 x86_64 GNU/Linux

acs@shibyeni:~$ ps axu | grep g15
nobody 2515 0.2 0.0 40068 1324 ? Ssl 08:47 0:19 g15daemon
acs 2530 0.1 0.0 39420 1520 ? Sl 08:48 0:13 g15stats
acs 19903 0.0 0.0 12760 880 pts/0 S+ 11:20 0:00 grep --color=auto g15

Alex (a-t-page) wrote :

Very similar situation here. The LCD on the keyboard does flash the g15macro logo before crashing. Killing g15stats first doesn't change the result. 2.6.35-23-generic x86_64.

This is a bug in libg15daemon_client.

fix at http://www.g15tools.com/node/82

BrandonTomlinson (druke) wrote :

Not sure how long it will take for this to get fixed, I added a patched recipe into my ppa. g15macro works great now.

Changed in g15macro (Ubuntu):
status: New → Invalid
Changed in g15daemon (Ubuntu):
status: New → Confirmed
Changed in g15macro (Ubuntu Natty):
status: New → Invalid
Changed in g15daemon (Ubuntu Natty):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package g15daemon - 1.9.5.3-8.2ubuntu1

---------------
g15daemon (1.9.5.3-8.2ubuntu1) oneiric; urgency=low

  * libg15daemon_client/g15daemon_net.c: Fixed a potential buffer-overflow
    related to (LP: #657598), as suggested at http://www.g15tools.com/node/82
 -- Brandon Tomlinson <email address hidden> Fri, 10 Jun 2011 06:59:38 -0500

Changed in g15daemon (Ubuntu Oneiric):
status: Confirmed → Fix Released
Marc Deslauriers (mdeslaur) wrote :

Thanks for the merge request. The patch looks good. I've gone ahead and uploaded the fix to Oneiric, and will prepare an SRU for Natty.

Could you please report this issue to Debian, and link the Debian bug here. Thanks!

Marc Deslauriers (mdeslaur) wrote :

SRU request:

Impact: program will terminate on Natty with a buffer overflow error.
The problem has been corrected by adding a minimal patch, see attached debdiff.

Marc Deslauriers (mdeslaur) wrote :
Martin Pitt (pitti) wrote :

@security team: Should this be handled in natty-security instead?

Chris Halse Rogers (raof) wrote :

10:52 <micahg> RAOF: it's not a security issue per say since it crashes on startup

Approved by SRU team. Please accept into natty-proposed.

Kees Cook (kees) wrote :

@pitti no need -- it's not a security vulnerability. (because of the compiler flags, this is just a crash, not an exploitable bug)

Accepted g15daemon into natty-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in g15daemon (Ubuntu Natty):
status: Confirmed → Fix Committed
tags: added: verification-needed
Jamie Strandboge (jdstrand) wrote :

This looks like just a crasher and that stack protector should catch it. Unsubscribing ubuntu-security.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments