Stack smashing in aptitude on safe-upgrade

Bug #499631 reported by Reiger on 2009-12-22
This bug affects 27 people
Affects Status Importance Assigned to Milestone
aptitude (Ubuntu)

Bug Description

Binary package hint: aptitude

Latest update of the system causes aptitude to crash on safe-upgrade (FWIW it does the same on install); apparently a protection against stack smashing kicks in and terminates the application.

The error message spit out:

*** stack smashing detected ***: aptitude terminated
======= Backtrace: =========
======= Memory map: ========
00110000-001c9000 r-xp 00000000 08:05 4035 /usr/lib/
001c9000-001ca000 ---p 000b9000 08:05 4035 /usr/lib/
001ca000-001cd000 r--p 000b9000 08:05 4035 /usr/lib/
001cd000-001ce000 rw-p 000bc000 08:05 4035 /usr/lib/
001ce000-0023d000 r-xp 00000000 08:05 4048 /usr/lib/
0023d000-0023e000 r--p 0006e000 08:05 4048 /usr/lib/
0023e000-0023f000 rw-p 0006f000 08:05 4048 /usr/lib/

Which appears to refer to a TLS/SSL encryption library and FWIW the latest upgrade I did included what looks like an https library for aptitude/apt: apt-transport-https.

On the other hand the same bug does not manifest itself when using apt; i.e. apt install and apt upgrade continue to function normally, which suggests that it is not the libraries themselves that are at fault.

ProblemType: Bug
Architecture: i386
Date: Wed Dec 23 00:11:09 2009
DistroRelease: Ubuntu 10.04
Package: aptitude
 PATH=(custom, no user)
ProcVersionSignature: Ubuntu 2.6.32-8.12-generic
SourcePackage: aptitude
Tags: lucid
Uname: Linux 2.6.32-8-generic i686

Reiger (jm-ouwerkerk) wrote :

Forgot to mention: aptitude --version info:

aptitude compiled at Sep 28 2009 12:52:07
Compiler: g++ 4.4.1
Compiled against:
  apt version 4.8.1
  NCurses version 5.7
  libsigc++ version: 2.0.18
  Ept support enabled.

Current library versions:
  NCurses version: ncurses 5.7.20090803
  cwidget version: 0.5.13
  Apt version: 4.8.0

Reiger (jm-ouwerkerk) wrote :

Further testing (trying to purge packages with aptitude):

sudo aptitude
*** glibc detected *** aptitude: free(): invalid pointer: 0xb39032b8 ***
======= Backtrace: =========
======= Memory map: ========
00110000-00125000 r-xp 00000000 08:05 40553 /lib/tls/i686/cmov/
00125000-00126000 r--p 00014000 08:05 40553 /lib/tls/i686/cmov/

Benjamin Drung (bdrung) wrote :

I experience this bug with pbuilder. Every lucid build fails due to this bug. Log attached.

Changed in aptitude (Ubuntu):
status: New → Confirmed
Bryce Harrington (bryce) wrote :

I've been able to reproduce this in my lucid pbuilder environment, both amd64 and i386 arch's.

*** stack smashing detected ***: aptitude terminated
======= Backtrace: =========

Changed in aptitude (Ubuntu):
importance: Undecided → High
milestone: none → lucid-alpha-2
Kees Cook (kees) wrote :

I'm not able to reproduce this yet; what command lines in particular are crashing, and can you enable apport and try to catch the overflow?

Benjamin Drung (bdrung) wrote :

It started with the pbuilder update today or yesterday. So run

sudo pbuilder update
sudo pbuilder build foobar.dsc

(replace foobar by any source package)

Mahesh Asolkar (asolkar) wrote :

Attaching aptitude log just as a data point.

Kees Cook (kees) wrote :

I suspect the recent apt upload, even though the crash appears in aptitude...

#0 0x00007ffff5f264c5 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007ffff5f29f60 in *__GI_abort () at abort.c:92
#2 0x00007ffff5f5eca7 in __libc_message (do_abort=<value optimized out>,
    fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#3 0x00007ffff5feae67 in *__GI___fortify_fail (
    msg=0x7ffff6029552 "stack smashing detected") at fortify_fail.c:32
#4 0x00007ffff5feae30 in __stack_chk_fail () at stack_chk_fail.c:29
#5 0x00000000004e858a in cmdline_show_preview (
    as_upgrade=<value optimized out>, to_install=<value optimized out>,
    to_hold=<value optimized out>, to_remove=<value optimized out>,
    showvers=<value optimized out>, showdeps=<value optimized out>,
    showsize=false, showwhy=false, verbose=0) at
#6 0x00000000004e8df0 in cmdline_do_prompt (
    as_upgrade=<value optimized out>, to_install=<value optimized out>,
    to_hold=<value optimized out>, to_remove=<value optimized out>,
    to_purge=<value optimized out>, showvers=<value optimized out>,
    showdeps=false, showsize=false, showwhy=false, always_prompt=false,
    verbose=0, assume_yes=false, force_no_change=false, policy=...,
    arch_only=false) at
#7 0x00000000005019fe in cmdline_upgrade (argc=<value optimized out>,
    argv=<value optimized out>, status_fname=0x0,
    simulate=<value optimized out>, no_new_installs=<value optimized out>,
    assume_yes=<value optimized out>, download_only=false, showvers=false,
    showdeps=false, showsize=<value optimized out>,
    showwhy=<value optimized out>, user_tags=..., visual_preview=false,
    always_prompt=<value optimized out>, arch_only=<value optimized out>,
    queue_only=false, verbose=0) at
#8 0x000000000041b1f6 in main (argc=2, argv=0x7fffffffe7a8) at

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package aptitude -

aptitude ( lucid; urgency=low

  * No-change rebuild to handle libapt ABI changes (LP: #499631).
 -- Kees Cook <email address hidden> Tue, 22 Dec 2009 23:17:50 -0800

Changed in aptitude (Ubuntu):
status: Confirmed → Fix Released
Untitled No. 4 (untitled-no4) wrote :

Works for me after getting aptitude (
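
Added example, not code from apt, aptitude or this report: one way a library ABI change leads to the `__stack_chk_fail` in frame #4 of the backtrace above, and why the no-change rebuild recorded in the changelog resolves it. It assumes the ABI change was a struct that grew between library versions (the report does not say which change it was); `rec_v1`, `rec_v2`, `lib_fill` and the other names are hypothetical.

```c
/* Added illustration: hypothetical names, not apt or aptitude code. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Layout the stale caller was compiled against (old library header). */
struct rec_v1 { int id; char name[8]; };

/* Layout the updated library uses: same fields, one more added. */
struct rec_v2 { int id; char name[8]; long flags[4]; };

/* Bytes the library would write past a caller object of caller_size. */
size_t overrun_bytes(size_t caller_size) {
    size_t need = sizeof(struct rec_v2);
    return need > caller_size ? need - caller_size : 0;
}

/* Library side: fills the record using ITS layout. cap is the size of the
 * object the caller really owns; refuse instead of writing past it. */
int lib_fill(void *out, size_t cap) {
    struct rec_v2 tmp;
    memset(&tmp, 0, sizeof tmp);
    tmp.id = 42;
    memcpy(tmp.name, "pkg", 4);
    tmp.flags[3] = 1;
    if (overrun_bytes(cap) != 0)
        return -1;   /* without this check the memcpy overruns the caller's frame */
    memcpy(out, &tmp, sizeof tmp);
    return 0;
}

/* Binary built before the library update: stack object has the old size. */
int stale_caller(void) {
    struct rec_v1 r;
    return lib_fill(&r, sizeof r);
}

/* Same source after a no-change rebuild: the object now has the new size. */
int rebuilt_caller(void) {
    struct rec_v2 r;
    return lib_fill(&r, sizeof r) == 0 ? r.id : -1;
}

int main(void) {
    printf("stale: %d, overrun %zu bytes\n", stale_caller(),
           overrun_bytes(sizeof(struct rec_v1)));
    printf("rebuilt: %d\n", rebuilt_caller());
    return 0;
}
```

In a real mismatch the library has no `cap` to consult, so it writes its full layout into the smaller stack object and the stack protector aborts the process inside the caller, even though the change was made in the library. Rebuilding the caller against the new headers brings the two sizes back into agreement.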
