usbrelay buffer overflows from argv

Bug #1837755 reported by jenna
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
usbrelay (Ubuntu)
Undecided
Unassigned

Bug Description

The program copies strings from argv into fixed size heap buffers with unchecked strcpy.

https://salsa.debian.org/debian/usbrelay/blob/master/usbrelay.c#L60

$ usbrelay 1111111111
*** buffer overflow detected ***: usbrelay terminated
Aborted (core dumped)

$ lsb_release -rd
Description: Ubuntu 18.04.2 LTS
Release: 18.04

$ apt-cache policy usbrelay
usbrelay:
  Installed: 0.2-1build1
  Candidate: 0.2-1build1
  Version table:
 *** 0.2-1build1 500
        500 http://us.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: ubuntu-release-upgrader-core 1:18.04.34
ProcVersionSignature: Ubuntu 4.18.0-25.26~18.04.1-generic 4.18.20
Uname: Linux 4.18.0-25-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.7
Architecture: amd64
CrashDB: ubuntu
CurrentDesktop: KDE
Date: Wed Jul 24 11:36:41 2019
InstallationDate: Installed on 2019-06-10 (43 days ago)
InstallationMedia: Kubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210)
PackageArchitecture: all
SourcePackage: ubuntu-release-upgrader
Symptom: release-upgrade
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
jenna (giantpune) wrote :
affects: ubuntu-release-upgrader (Ubuntu) → usbrelay (Ubuntu)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers