Falselogin gives buffer overflow out-of-the-box

Bug #1130594 reported by Otto Kekäläinen on 2013-02-20
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
falselogin (Ubuntu)
Undecided
Unassigned

Bug Description

I just installed falselogin on an Ubuntu 12.04 machine. I added the path /usr/bin/falselogin as the shell for an account. When I log in it immediately emit buffer overflow and crashes. Same behaviour if I run falselogin locally from inside an session. There are no customizations - falselogin simply fails out-of-the-box.

$ ssh xxx@xxx
xxx@xxx's password:
Welcome to Ubuntu 12.04.2 LTS (GNU/Linux 3.2.0-37-generic x86_64)

 * Documentation: https://help.ubuntu.com/

  System information as of Wed Feb 20 12:20:04 EET 2013

  System load: 0.14 Processes: 72
  Usage of /: 48.4% of 2.88GB Users logged in: 0
  Memory usage: 16% IP address for eth0: xxxx
  Swap usage: 0%

  Graph this data and manage this system at https://landscape.canonical.com/

Last login: Wed Feb 20 12:09:21 2013 from xxxx.com

Welcome to remote (Debian wheezy/sid Linux 3.2.0-37-generic)!

*** buffer overflow detected ***: -falselogin terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f082c42c807]
/lib/x86_64-linux-gnu/libc.so.6(+0x109700)[0x7f082c42b700]
/lib/x86_64-linux-gnu/libc.so.6(+0x108deb)[0x7f082c42adeb]
/lib/x86_64-linux-gnu/libc.so.6(__snprintf_chk+0x78)[0x7f082c42acc8]
-falselogin[0x400fea]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7f082c34376d]
-falselogin[0x400b89]
======= Memory map: ========
00400000-00402000 r-xp 00000000 fd:01 46284 /usr/bin/falselogin
00601000-00602000 r--p 00001000 fd:01 46284 /usr/bin/falselogin
00602000-00603000 rw-p 00002000 fd:01 46284 /usr/bin/falselogin
00fe3000-01004000 rw-p 00000000 00:00 0 [heap]
7f082beff000-7f082bf14000 r-xp 00000000 fd:01 1077 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f082bf14000-7f082c113000 ---p 00015000 fd:01 1077 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f082c113000-7f082c114000 r--p 00014000 fd:01 1077 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f082c114000-7f082c115000 rw-p 00015000 fd:01 1077 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f082c115000-7f082c121000 r-xp 00000000 fd:01 1248 /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f082c121000-7f082c320000 ---p 0000c000 fd:01 1248 /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f082c320000-7f082c321000 r--p 0000b000 fd:01 1248 /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f082c321000-7f082c322000 rw-p 0000c000 fd:01 1248 /lib/x86_64-linux-gnu/libnss_files-2.15.so
7f082c322000-7f082c4d7000 r-xp 00000000 fd:01 1236 /lib/x86_64-linux-gnu/libc-2.15.so
7f082c4d7000-7f082c6d6000 ---p 001b5000 fd:01 1236 /lib/x86_64-linux-gnu/libc-2.15.so
7f082c6d6000-7f082c6da000 r--p 001b4000 fd:01 1236 /lib/x86_64-linux-gnu/libc-2.15.so
7f082c6da000-7f082c6dc000 rw-p 001b8000 fd:01 1236 /lib/x86_64-linux-gnu/libc-2.15.so
7f082c6dc000-7f082c6e1000 rw-p 00000000 00:00 0
7f082c6e1000-7f082c703000 r-xp 00000000 fd:01 1252 /lib/x86_64-linux-gnu/ld-2.15.so
7f082c8fa000-7f082c8fe000 rw-p 00000000 00:00 0
7f082c8fe000-7f082c903000 rw-p 00000000 00:00 0
7f082c903000-7f082c904000 r--p 00022000 fd:01 1252 /lib/x86_64-linux-gnu/ld-2.15.so
7f082c904000-7f082c906000 rw-p 00023000 fd:01 1252 /lib/x86_64-linux-gnu/ld-2.15.so
7fff0134b000-7fff0136c000 rw-p 00000000 00:00 0 [stack]
7fff013ff000-7fff01400000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Connection to xxx closed.

Revision history for this message
Sergio (escuelaint) wrote :

It's something related to a MTA subsystem or a terminal client mechanism that is not installed on the box.

A simple workaround is to comment this line on /etc/falselogin.conf

#You have %mail% messages in your mailbox.

After that you will have again the funny message when trying to login.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers