xvnc4viewer assert failure: *** stack smashing detected ***: vncviewer terminated

Bug #845855 reported by Rodney Lorrimar on 2011-09-09
This bug affects 29 people
Affects: vnc4 (Ubuntu)
Importance: Medium
Assigned to: Unassigned

Bug Description

xvnc4viewer crashes at startup when run like this:

vncviewer :1

ProblemType: Crash
DistroRelease: Ubuntu 11.10
Package: xvnc4viewer 4.1.1+xorg4.3.0-37ubuntu3
ProcVersionSignature: Ubuntu 3.0.0-10.16-generic 3.0.4
Uname: Linux 3.0.0-10-generic x86_64
Architecture: amd64
AssertionMessage: *** stack smashing detected ***: vncviewer terminated
Date: Fri Sep 9 19:39:50 2011
ExecutablePath: /usr/bin/xvnc4viewer
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
ProcCmdline: vncviewer :1
Signal: 6
SourcePackage: vnc4
StacktraceTop:
 raise () from /lib/x86_64-linux-gnu/libc.so.6
 abort () from /lib/x86_64-linux-gnu/libc.so.6
 ?? () from /lib/x86_64-linux-gnu/libc.so.6
 __fortify_fail () from /lib/x86_64-linux-gnu/libc.so.6
 __stack_chk_fail () from /lib/x86_64-linux-gnu/libc.so.6
Title: xvnc4viewer assert failure: *** stack smashing detected ***: vncviewer terminated
UpgradeStatus: Upgraded to oneiric on 2011-09-05 (4 days ago)
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
XsessionErrors:
 (nautilus:3413): Gdk-CRITICAL **: gdk_window_get_window_type: assertion `GDK_IS_WINDOW (window)' failed
 (nautilus:3413): GLib-CRITICAL **: g_main_loop_is_running: assertion `g_atomic_int_get (&loop->ref_count) > 0' failed
 (nautilus:3413): GLib-CRITICAL **: g_main_loop_is_running: assertion `g_atomic_int_get (&loop->ref_count) > 0' failed
 (gedit:8263): Gtk-WARNING **: Unable to retrieve the file info for `file:///home/vicki/.local/share/applications/ankivnc.desktop': Error stating file '/home/vicki/.local/share/applications/ankivnc.desktop': No such file or directory

Rodney Lorrimar (rodney-rodney) wrote :
visibility: private → public

StacktraceTop:
 __libc_message (do_abort=2, fmt=0x7f00c35d961e "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
 __GI___fortify_fail (msg=0x7f00c35d9606 "stack smashing detected") at fortify_fail.c:32
 __stack_chk_fail () at stack_chk_fail.c:29
 network::TcpSocket::sameMachine (this=0x25fd4d0) at TcpSocket.cxx:266
 CConn::CConn (this=0x7fff333da1f0, dpy_=0x25e55f0, argc_=2, argv_=0x7fff333dccf8, sock_=0x0, vncServerName=0x7fff333de528 ":1", reverse=false, ipVersion=0) at CConn.cxx:119

Changed in vnc4 (Ubuntu):
importance: Undecided → Medium
tags: removed: need-amd64-retrace
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in vnc4 (Ubuntu):
status: New → Confirmed
knorr (a-sokolov) wrote :

On x86 too

knorr (a-sokolov) wrote :

with -listen option

Kazuhiro NISHIYAMA (znz) wrote :

I hit the same bug with "xvnc4viewer -via target localhost:1".

I tried with DEB_BUILD_OPTIONS=nostrip,debug and got a backtrace.

(gdb) bt
#0 0x00130416 in __kernel_vsyscall ()
#1 0x003c5c8f in raise () from /lib/i386-linux-gnu/libc.so.6
#2 0x003c92b5 in abort () from /lib/i386-linux-gnu/libc.so.6
#3 0x003fbdfc in ?? () from /lib/i386-linux-gnu/libc.so.6
#4 0x0047f8d5 in __fortify_fail () from /lib/i386-linux-gnu/libc.so.6
#5 0x0047f887 in __stack_chk_fail () from /lib/i386-linux-gnu/libc.so.6
#6 0x08082f91 in __stack_chk_fail_local ()
#7 0x0807e534 in network::TcpSocket::sameMachine (this=0x80b0e20)
    at TcpSocket.cxx:266
#8 0x0805064b in CConn::CConn (this=0xbfffd7e8, dpy_=0x809d648, argc_=4,
    argv_=0xbffff314, sock_=0x0, vncServerName=0x809d320 "localhost::5599",
    reverse=false, ipVersion=0) at CConn.cxx:119
#9 0x0805a056 in main (argc=4, argv=0xbffff314) at vncviewer.cxx:325

I added
  addrlen = sizeof(struct sockaddr_in);
before
  getsockname(getFd(), (struct sockaddr *)&myaddr, &addrlen);
in common/network/TcpSocket.cxx, and then
  xvnc4viewer -via target localhost:1
works for me.
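
What the one-line fix above guards against, as an added example (not code from vnc4 or from the comment): the addrlen argument of getsockname() is value-result, so a value left over from an earlier call on a socket whose address is larger than struct sockaddr_in tells the next call that the buffer is bigger than it really is. The IPv6 socket and the names addrlen_probe, probe_addrlen and bytes_past_sockaddr_in are assumptions for illustration; the page shows neither the earlier call nor the socket's address family.

```c
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Lengths seen around the two-call pattern (names are hypothetical). */
struct addrlen_probe {
    socklen_t after_first;  /* value the kernel wrote back after call 1 */
    socklen_t stale_claim;  /* buffer size call 2 claims if addrlen is reused */
    socklen_t reset_claim;  /* buffer size call 2 claims after the reset */
};

/* Bytes a call may write past a real struct sockaddr_in for a claimed size. */
size_t bytes_past_sockaddr_in(socklen_t claimed)
{
    return claimed > sizeof(struct sockaddr_in)
               ? claimed - sizeof(struct sockaddr_in) : 0;
}

/* Returns 0 on success, -1 if the socket cannot be created or queried. */
int probe_addrlen(int family, struct addrlen_probe *out)
{
    /* sockaddr_storage backs both calls so this demo itself never overflows;
       only the length passed in pretends the buffer is a sockaddr_in. */
    struct sockaddr_storage first, second;
    socklen_t addrlen = sizeof(struct sockaddr_in);
    int rc, fd = socket(family, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    /* Call 1: addrlen is value-result. The address is truncated to the size
       passed in, but addrlen comes back as the size of the full address. */
    rc = getsockname(fd, (struct sockaddr *)&first, &addrlen);
    out->after_first = out->stale_claim = addrlen;
    /* Call 2 with the fix from this report: reset addrlen first. */
    addrlen = sizeof(struct sockaddr_in);
    out->reset_claim = addrlen;
    if (rc == 0)
        rc = getsockname(fd, (struct sockaddr *)&second, &addrlen);
    close(fd);
    return rc == 0 ? 0 : -1;
}

int main(void)
{
    struct addrlen_probe p;
    if (probe_addrlen(AF_INET6, &p) != 0)
        return 1;
    printf("after first call: %u, stale overrun: %zu, reset overrun: %zu\n",
           (unsigned)p.after_first, bytes_past_sockaddr_in(p.stale_claim),
           bytes_past_sockaddr_in(p.reset_claim));
    return 0;
}
```

With an IPv4 socket the stale value happens to equal sizeof(struct sockaddr_in), which is why the missing reset only shows up when the socket's address is larger.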

The attachment "TcpSocket.cxx.patch" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are a member of ubuntu-sponsors, please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
ftoperso (ftoperso) wrote :

same problem with
xvncviewer -listen
vncviewer -listen


I believe I'm experiencing the same bug. On a fresh install of Ubuntu 11.10 on a Dell Dimension 2400, using xvnc4viewer (in listen mode) I got the following output when accepting a reverse connection from another PC:

vncviewer -listen

VNC Viewer Free Edition 4.1.1 for X - built Sep 7 2011 11:20:11
Copyright (C) 2002-2005 RealVNC Ltd.
See http://www.realvnc.com for information on VNC.

Fri Nov 18 04:09:13 2011
 main: Listening on port 5500

Fri Nov 18 04:09:17 2011
 CConn: Accepted connection from 0.0.0.0::55083
*** stack smashing detected ***: vncviewer terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0x32b8d5]
/lib/i386-linux-gnu/libc.so.6(+0xe7887)[0x32b887]
vncviewer[0x8082f91]
vncviewer[0x807e534]
vncviewer[0x805064b]
vncviewer[0x805a056]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0x25d113]
vncviewer[0x804c6b1]

jp.fox (jp.fox) wrote :

Does anyone have a temporary solution to get incoming VNC connections on port 5500?

Andrzej (ndrwrdck) wrote :

@jp.fox, apparently recompiling vncviewer with a gcc option -fno-stack-protector should "fix" that. Unfortunately the vncviewer build system is rather unusual. Let me know if you have any success with compilation.

Raúl Porcel (armin76) wrote :

Hi, those in need of a working VNC may want to have a look at tigervnc while this bug gets fixed... http://www.tigervnc.com/ Tigervnc is simply a fork of RealVNC.

In fact if you google, you may even find a debian/ubuntu repository, anyway on their webpage there are binaries available...

dargaud (dargaud) wrote :

As an alternative, install xtightvncviewer from the standard repository and run "xtightvncviewer localhost:0" instead of "vncviewer localhost:0"

Alkis Georgopoulos (alkisg) wrote :

Same problem with `xvnc4viewer -listen` on Precise/amd64.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vnc4 - 4.1.1+xorg4.3.0-37ubuntu4

---------------
vnc4 (4.1.1+xorg4.3.0-37ubuntu4) precise; urgency=low

  * Reinitialize addrlen to avoid stack smashing (LP: #845855).
    Patch by Kazuhiro NISHIYAMA.
 -- Alkis Georgopoulos <email address hidden> Sun, 05 Feb 2012 19:08:14 +0200

Changed in vnc4 (Ubuntu):
status: Confirmed → Fix Released
Alkis Georgopoulos (alkisg) wrote :

Users looking for a backport may find one in the Epoptes stable PPA:
https://code.launchpad.net/~epoptes/+archive/ppa/

If any of the people who commented on this bug discover that their symptoms were caused by something else, please file separate bug reports.
