[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: wheezy/lts - segfault in xrdp after upgrade to 0.5.0-2+deb7u2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Frank,

You were faster than me, seems that you found the problem.

Probably I did not exercise this part of the source code in my tests,
thanks for the report and the provided patch.

I will apply your patch, run another round of tests and upload the
fixed version.

Cheers.

On Tue, 2017-12-12 at 14:13 +0100, Frank Richter wrote:
> Hi,
> 
> the following patch fixes the regression, at least for me:
> 
> --- a/sesman/libscp/libscp_v0.c	2017-12-12 14:07:58.000000000
> +0100
> +++ b/sesman/libscp/libscp_v0.c	2017-12-12 14:09:16.000000000
> +0100
> @@ -203,7 +203,7 @@
> 
>       /* reading username */
>       in_uint16_be(c->in_s, sz);
> -    buf[sz]=g_new0(char, sz);
> +    buf=g_new0(char, sz);
>       in_uint8a(c->in_s, buf, sz);
>   	buf[sz] = '\0';
>       if (0 != scp_session_set_username(session, buf))
> @@ -217,7 +217,7 @@
> 
>       /* reading password */
>       in_uint16_be(c->in_s, sz);
> -    buf[sz]=g_new0(char, sz);
> +    buf=g_new0(char, sz);
>       in_uint8a(c->in_s, buf, sz);
>   	buf[sz] = '\0';
>       if (0 != scp_session_set_password(session, buf))
> 
> 
> > Hi again,
> > 
> > > > > > After the update xrdp-sesman started to segfault in libscp:
> > > > 
> > > > Thanks for the report. I did not catch this segfault during my
> > > > tests.
> > > 
> > > Thanks for investigation.
> > > 
> > > I have a spare server with same configuration and will try to 
> > > reproduce the issue.
> > 
> > I can reproduce the error on this spare server.
> > 
> > I would like to provide a backtrace, but have difficulties building
> > a 
> > version with debug symbols included -- they get stripped, although
> > i did:
> > 
> > export DEB_BUILD_OPTIONS=nostrip,noopt
> > dpkg-buildpackage -rfakeroot -uc -us
> > 
> > I'm not a C developer and am a bit lost between all this autoconf-
> > stuff.
> > 
> > Is there another easy way to get a gdb-friendly version of libscp?
> > 
> > Best regards,
> > 
> > Frank.
> > 
> 
> 
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlov2MEACgkQ+COicpiD
yXyGTA//ZaX2V4stxUNJPynz6O/O8CcSaXcZ99NHg7nUh8uqLYGOC/PteAzmGpx5
+rm3ojiQFyorg9ioIxy5zlJFJ54xjMiODQCK4OSze98jfJiltAxRJIOXZZvBFaTd
rSiutGpidvE5gujm064DjDXJAhbTeb+oaQBHnR9if05/at6y3tgcr+UAAHnsji8z
im368sMkg3c496QSRrBX9cUpVW5IJsTLj8Up0vvyoHhtDvQSrmPGipQKtwkMHsny
COabvVMYJDuOTQ+UYBnyJp5mKHbcZ67x0VpdsW9LNfAcOFZhdNzZW+NHa9yWnzSS
CGN3J+I7u48Erp1w8bnd482j1tdzNimw443lyLP98UTNj2znZao4RXz6ToQDPRA/
V07F9DQ9NbAvT37WejNjVj+5kg5D93L7opD6X6EbNTBQMXCYJ+i5p4eFjjIP/pdS
ShZ/qB0ZtBhKlUCYceLwfXpE80mfnITnyEKYlEuLZCwIpnnfdtF9FqTi9qUPZYh3
QuVJ/hA/Q6/7RxykFShqnIvO7VlQsmmQ0h7pj6Q+0Jc7eVjd7vUuHrenBJDzJ33a
+8wcaGwlR6FfK306hcbpcvJzGIeU6LYYDe412/RaFNCv9Qiz84A9gTWkCkpD1CNS
V3g8pQe76lx4KQtgnB9zOGqll0BBQNF/uq/kcI1b7b5mJtO8sOA=
=tXmx
-----END PGP SIGNATURE-----
Reply to: