buffer overflow after " fcrackzip -D -p /home/techzilla/Documents/Dictionsary/allist"

Bug #733868 reported by techzilla
This bug affects 2 people
Affects: fcrackzip (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Binary package hint: fcrackzip

techzilla@Zilla64:~/Customizations/templates$ fcrackzip -D -p /home/techzilla/Documents/Dictionsary/cracklibd
*** buffer overflow detected ***: fcrackzip terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7ffff7b58537]
/lib/libc.so.6(+0xfe3f0)[0x7ffff7b573f0]
fcrackzip[0x401d01]
/lib/libc.so.6(__libc_start_main+0xfe)[0x7ffff7a77d8e]
fcrackzip[0x400eb9]
======= Memory map: ========
Aborted

uname -a
Linux Zilla64 2.6.35-25-generic #44-Ubuntu SMP Fri Jan 21 17:40:44 UTC 2011 x86_64 GNU/Linux

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in fcrackzip (Ubuntu):
status: New → Confirmed
Jari Aalto (jari-aalto) wrote :

Can't reproduce with 1.0-5 (2013) http://packages.qa.debian.org/f/fcrackzip.html

# For /usr/share/dict/cracklib-small
apt-get install cracklib-runtime

zip -e test.zip *.txt
Enter password: abc
Verify password: abc

fcrackzip -D -p /usr/share/dict/cracklib-small test.zip
(... normal output, no segfault...)
