Attempting to decypt token causes buffer overflow and crash

Bug #663058 reported by Tim White on 2010-10-19
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
pidentd (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: idecrypt

Buffer overflow causes crash. Expected result is the string decoded
Reproduced on 2 machines, one 64bit maverick, one 32bit lucid.

# idecrypt
22 , 56075 : USERID : OTHER :[MHv2sGXYp1ORc8YWhwVHY5AGDDMJYwXK]
*** buffer overflow detected ***: idecrypt terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7f0df3f2f537]
/lib/libc.so.6(+0xfe3f0)[0x7f0df3f2e3f0]
idecrypt[0x40189e]
idecrypt[0x401ab8]
idecrypt[0x401bd4]
/lib/libc.so.6(__libc_start_main+0xfe)[0x7f0df3e4ed8e]
idecrypt[0x4015c9]
======= Memory map: ========
00400000-00404000 r-xp 00000000 08:01 4428 /usr/sbin/idecrypt
00603000-00604000 r--p 00003000 08:01 4428 /usr/sbin/idecrypt
00604000-00605000 rw-p 00004000 08:01 4428 /usr/sbin/idecrypt
015d3000-015f4000 rw-p 00000000 00:00 0 [heap]
7f0df37fe000-7f0df3814000 r-xp 00000000 08:01 874 /lib/libgcc_s.so.1
7f0df3814000-7f0df3a13000 ---p 00016000 08:01 874 /lib/libgcc_s.so.1
7f0df3a13000-7f0df3a14000 r--p 00015000 08:01 874 /lib/libgcc_s.so.1
7f0df3a14000-7f0df3a15000 rw-p 00016000 08:01 874 /lib/libgcc_s.so.1
7f0df3a15000-7f0df3a2b000 r-xp 00000000 08:01 2213 /lib/libz.so.1.2.3.3
7f0df3a2b000-7f0df3c2a000 ---p 00016000 08:01 2213 /lib/libz.so.1.2.3.3
7f0df3c2a000-7f0df3c2b000 r--p 00015000 08:01 2213 /lib/libz.so.1.2.3.3
7f0df3c2b000-7f0df3c2c000 rw-p 00016000 08:01 2213 /lib/libz.so.1.2.3.3
7f0df3c2c000-7f0df3c2e000 r-xp 00000000 08:01 14812 /lib/libdl-2.12.1.so
7f0df3c2e000-7f0df3e2e000 ---p 00002000 08:01 14812 /lib/libdl-2.12.1.so
7f0df3e2e000-7f0df3e2f000 r--p 00002000 08:01 14812 /lib/libdl-2.12.1.so
7f0df3e2f000-7f0df3e30000 rw-p 00003000 08:01 14812 /lib/libdl-2.12.1.so
7f0df3e30000-7f0df3faa000 r-xp 00000000 08:01 1469 /lib/libc-2.12.1.so
7f0df3faa000-7f0df41a9000 ---p 0017a000 08:01 1469 /lib/libc-2.12.1.so
7f0df41a9000-7f0df41ad000 r--p 00179000 08:01 1469 /lib/libc-2.12.1.so
7f0df41ad000-7f0df41ae000 rw-p 0017d000 08:01 1469 /lib/libc-2.12.1.so
7f0df41ae000-7f0df41b3000 rw-p 00000000 00:00 0
7f0df41b3000-7f0df4316000 r-xp 00000000 08:01 14938 /lib/libcrypto.so.0.9.8
7f0df4316000-7f0df4516000 ---p 00163000 08:01 14938 /lib/libcrypto.so.0.9.8
7f0df4516000-7f0df4523000 r--p 00163000 08:01 14938 /lib/libcrypto.so.0.9.8
7f0df4523000-7f0df453c000 rw-p 00170000 08:01 14938 /lib/libcrypto.so.0.9.8
7f0df453c000-7f0df453f000 rw-p 00000000 00:00 0
7f0df453f000-7f0df4557000 r-xp 00000000 08:01 1471 /lib/libpthread-2.12.1.so
7f0df4557000-7f0df4756000 ---p 00018000 08:01 1471 /lib/libpthread-2.12.1.so
7f0df4756000-7f0df4757000 r--p 00017000 08:01 1471 /lib/libpthread-2.12.1.so
7f0df4757000-7f0df4758000 rw-p 00018000 08:01 1471 /lib/libpthread-2.12.1.so
7f0df4758000-7f0df475c000 rw-p 00000000 00:00 0
7f0df475c000-7f0df477c000 r-xp 00000000 08:01 1477 /lib/ld-2.12.1.so
7f0df4950000-7f0df4954000 rw-p 00000000 00:00 0
7f0df4978000-7f0df497c000 rw-p 00000000 00:00 0
7f0df497c000-7f0df497d000 r--p 00020000 08:01 1477 /lib/ld-2.12.1.so
7f0df497d000-7f0df497e000 rw-p 00021000 08:01 1477 /lib/ld-2.12.1.so
7f0df497e000-7f0df497f000 rw-p 00000000 00:00 0
7fff21fba000-7fff21fdb000 rw-p 00000000 00:00 0 [stack]
7fff21fff000-7fff22000000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
22 , 56075 : USERID : OTHER :Aborted

# apt-cache policy idecrypt
idecrypt:
  Installed: 3.0.19.ds1-5
  Candidate: 3.0.19.ds1-5
  Version table:
 *** 3.0.19.ds1-5 0
        500 http://ftp.iinet.net.au/linux/ubuntu/ maverick/universe Packages
        500 http://ftp.iinet.net.au/linux/ubuntu/ lucid/universe Packages
        100 /var/lib/dpkg/status

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers