pnmtofits assert failure: *** buffer overflow detected ***: /usr/bin/pnmtofits terminated

Bug #914196 reported by Max Brustkern
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
netpbm-free (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

pnmtofits has a buffer overflow when attempting to convert the attached image on Precise and Oneiric amd64. Output follows:

*** buffer overflow detected ***: /usr/bin/pnmtofits terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7fa0ad6ce887]
/lib/x86_64-linux-gnu/libc.so.6(+0xf77a0)[0x7fa0ad6cd7a0]
/lib/x86_64-linux-gnu/libc.so.6(+0xf6c09)[0x7fa0ad6ccc09]
/lib/x86_64-linux-gnu/libc.so.6(_IO_default_xsputn+0xdd)[0x7fa0ad64be1d]
/lib/x86_64-linux-gnu/libc.so.6(_IO_vfprintf+0x1aeb)[0x7fa0ad61efeb]
/lib/x86_64-linux-gnu/libc.so.6(__vsprintf_chk+0x94)[0x7fa0ad6ccca4]
/lib/x86_64-linux-gnu/libc.so.6(__sprintf_chk+0x7d)[0x7fa0ad6ccbed]
/usr/bin/pnmtofits[0x400c17]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7fa0ad5f730d]
/usr/bin/pnmtofits[0x401251]
======= Memory map: ========
00400000-00402000 r-xp 00000000 07:00 402998 /usr/bin/pnmtofits
00601000-00602000 r--p 00001000 07:00 402998 /usr/bin/pnmtofits
00602000-00603000 rw-p 00002000 07:00 402998 /usr/bin/pnmtofits
025fc000-0261d000 rw-p 00000000 00:00 0 [heap]
7fa0ad3c0000-7fa0ad3d5000 r-xp 00000000 07:00 261242 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa0ad3d5000-7fa0ad5d4000 ---p 00015000 07:00 261242 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa0ad5d4000-7fa0ad5d5000 r--p 00014000 07:00 261242 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa0ad5d5000-7fa0ad5d6000 rw-p 00015000 07:00 261242 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fa0ad5d6000-7fa0ad76b000 r-xp 00000000 07:00 270433 /lib/x86_64-linux-gnu/libc-2.13.so
7fa0ad76b000-7fa0ad96a000 ---p 00195000 07:00 270433 /lib/x86_64-linux-gnu/libc-2.13.so
7fa0ad96a000-7fa0ad96e000 r--p 00194000 07:00 270433 /lib/x86_64-linux-gnu/libc-2.13.so
7fa0ad96e000-7fa0ad96f000 rw-p 00198000 07:00 270433 /lib/x86_64-linux-gnu/libc-2.13.so
7fa0ad96f000-7fa0ad975000 rw-p 00000000 00:00 0
7fa0ad975000-7fa0ad993000 r-xp 00000000 07:00 403294 /usr/lib/libnetpbm.so.10.0
7fa0ad993000-7fa0adb93000 ---p 0001e000 07:00 403294 /usr/lib/libnetpbm.so.10.0
7fa0adb93000-7fa0adb94000 r--p 0001e000 07:00 403294 /usr/lib/libnetpbm.so.10.0
7fa0adb94000-7fa0adb98000 rw-p 0001f000 07:00 403294 /usr/lib/libnetpbm.so.10.0
7fa0adb98000-7fa0adbb9000 r-xp 00000000 07:00 270748 /lib/x86_64-linux-gnu/ld-2.13.so
7fa0add99000-7fa0add9c000 rw-p 00000000 00:00 0
7fa0addb5000-7fa0addb8000 rw-p 00000000 00:00 0
7fa0addb8000-7fa0addb9000 r--p 00020000 07:00 270748 /lib/x86_64-linux-gnu/ld-2.13.so
7fa0addb9000-7fa0addbb000 rw-p 00021000 07:00 270748 /lib/x86_64-linux-gnu/ld-2.13.so
7ffffe818000-7ffffe839000 rw-p 00000000 00:00 0 [stack]
7ffffe9ff000-7ffffea00000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
SIMPLE = T BITPIX = 8 NAXIS = 3 NAXIS1 = 92 NAXIS2 = 84 NAXIS3 = 3

----------------------------------------------------------------------

ProblemType: Crash
DistroRelease: Ubuntu 12.04
Package: netpbm 2:10.0-15
ProcVersionSignature: Ubuntu 3.2.0-8.14-generic 3.2.0
Uname: Linux 3.2.0-8-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 1.90-0ubuntu1
Architecture: amd64
AssertionMessage: *** buffer overflow detected ***: /usr/bin/pnmtofits terminated
Date: Tue Jan 10 04:54:49 2012
ExecutablePath: /usr/bin/pnmtofits
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110427.1)
ProcCmdline: /usr/bin/pnmtofits -quiet /tmp/netpbm-KQUEPe/pnmtofits.pnm
ProcEnviron:
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
Signal: 6
SourcePackage: netpbm-free
StacktraceTop:
 raise () from /lib/x86_64-linux-gnu/libc.so.6
 abort () from /lib/x86_64-linux-gnu/libc.so.6
 ?? () from /lib/x86_64-linux-gnu/libc.so.6
 __fortify_fail () from /lib/x86_64-linux-gnu/libc.so.6
 __chk_fail () from /lib/x86_64-linux-gnu/libc.so.6
Title: pnmtofits assert failure: *** buffer overflow detected ***: /usr/bin/pnmtofits terminated
UpgradeStatus: Upgraded to precise on 2012-01-09 (0 days ago)
UserGroups: adm admin cdrom dialout libvirtd lpadmin plugdev sambashare

Revision history for this message
Max Brustkern (nuclearbob) wrote :
Revision history for this message
Apport retracing service (apport) wrote :

StacktraceTop:
 __libc_message (do_abort=2, fmt=0x7f287489669e "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
 __GI___fortify_fail (msg=0x7f2874896635 "buffer overflow detected") at fortify_fail.c:32
 __GI___chk_fail () at chk_fail.c:29
 _IO_str_chk_overflow (fp=<optimized out>, c=<optimized out>) at vsprintf_chk.c:35
 _IO_default_xsputn (f=0x7ffffcc37f30, data=<optimized out>, n=51) at genops.c:485

Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt
Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in netpbm-free (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
visibility: private → public
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in netpbm-free (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.