tcpprep crashes with a "buffer overflow detected" message

Bug #971990 reported by Gordonjcp
34
This bug affects 7 people
Affects Status Importance Assigned to Milestone
tcpreplay (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

The tcpprep package shipped with 3.4.3 has a bug that causes it to crash with the following:
*** buffer overflow detected ***: tcpprep terminated

followed by a ream of backtrace and other not-astoundingly-helpful debug information.

The fix appears to be in src/common/cache.c change line 173 from:

strncpy(cache_header->version, CACHEVERSION, strlen(CACHEMAGIC));

to

strncpy(cache_header->version, CACHEVERSION, strlen(CACHEVERSION));

HTH
Gordonjcp

Tags: patch
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in tcpreplay (Ubuntu):
status: New → Confirmed
Revision history for this message
Gordonjcp (gordonjcp) wrote :

Here is a patch that can be applied to cure this issue

Revision history for this message
Gordonjcp (gordonjcp) wrote :

Oh no it doesn't. Despite following the Debian instructions for creating a patch, it actually has the patch lines backwards.

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "fix-tcpprep-crash.patch" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Revision history for this message
Kostya Keeper (kostya-keeper) wrote :

Correct patch, maked by quilt

Revision history for this message
Kostya Keeper (kostya-keeper) wrote :

And debdiff

Sorry for my bad English.

information type: Public → Public Security
information type: Public Security → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers