Bug#858178: marked as done (uuidcdef: buffer overflow)
Your message dated Sun, 21 May 2017 18:49:22 +0000
with message-id <E1dCVus-00067S-Nj@fasolo.debian.org>
and subject line Bug#858178: fixed in xplc 0.3.13-7
has caused the Debian Bug report #858178,
regarding uuidcdef: buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
858178: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858178
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: uuidcdef: buffer overflow
- From: Christian Buhtz <c.buhtz@posteo.jp>
- Date: Sun, 19 Mar 2017 13:45:36 +0100
- Message-id: <148992753692.2635.17780867249027590622.reportbug@localhost>
Package: uuidcdef
Version: 0.3.13-6
Severity: normal
Dear Maintainer,
I simply tried to run "uuidcdef" and got this output.
user@TONNE:/etc$ uuidcdef
*** buffer overflow detected ***: uuidcdef terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7fcfa7284bcb]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7fcfa730d0b7]
/lib/x86_64-linux-gnu/libc.so.6(+0xf71f0)[0x7fcfa730b1f0]
/lib/x86_64-linux-gnu/libc.so.6(+0xf67a9)[0x7fcfa730a7a9]
/lib/x86_64-linux-gnu/libc.so.6(_IO_default_xsputn+0xac)[0x7fcfa7288bdc]
/lib/x86_64-linux-gnu/libc.so.6(_IO_vfprintf+0x789)[0x7fcfa725b4a9]
/lib/x86_64-linux-gnu/libc.so.6(__vsprintf_chk+0x8c)[0x7fcfa730a83c]
/lib/x86_64-linux-gnu/libc.so.6(__sprintf_chk+0x7d)[0x7fcfa730a78d]
uuidcdef(+0xd5b)[0x563bec86bd5b]
uuidcdef(+0xa7b)[0x563bec86ba7b]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7fcfa72342b1]
uuidcdef(+0xad9)[0x563bec86bad9]
======= Memory map: ========
563bec86b000-563bec86d000 r-xp 00000000 08:01 95421035
/usr/bin/uuidcdef
563beca6c000-563beca6d000 r--p 00001000 08:01 95421035
/usr/bin/uuidcdef
563beca6d000-563beca6e000 rw-p 00002000 08:01 95421035
/usr/bin/uuidcdef
563becad6000-563becaf7000 rw-p 00000000 00:00 0 [heap]
7fcfa6df8000-7fcfa6e0e000 r-xp 00000000 08:01 95683143
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fcfa6e0e000-7fcfa700d000 ---p 00016000 08:01 95683143
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fcfa700d000-7fcfa700e000 r--p 00015000 08:01 95683143
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fcfa700e000-7fcfa700f000 rw-p 00016000 08:01 95683143
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fcfa700f000-7fcfa7013000 r-xp 00000000 08:01 95682770
/lib/x86_64-linux-gnu/libuuid.so.1.3.0
7fcfa7013000-7fcfa7212000 ---p 00004000 08:01 95682770
/lib/x86_64-linux-gnu/libuuid.so.1.3.0
7fcfa7212000-7fcfa7213000 r--p 00003000 08:01 95682770
/lib/x86_64-linux-gnu/libuuid.so.1.3.0
7fcfa7213000-7fcfa7214000 rw-p 00004000 08:01 95682770
/lib/x86_64-linux-gnu/libuuid.so.1.3.0
7fcfa7214000-7fcfa73a9000 r-xp 00000000 08:01 95688887
/lib/x86_64-linux-gnu/libc-2.24.so
7fcfa73a9000-7fcfa75a8000 ---p 00195000 08:01 95688887
/lib/x86_64-linux-gnu/libc-2.24.so
7fcfa75a8000-7fcfa75ac000 r--p 00194000 08:01 95688887
/lib/x86_64-linux-gnu/libc-2.24.so
7fcfa75ac000-7fcfa75ae000 rw-p 00198000 08:01 95688887
/lib/x86_64-linux-gnu/libc-2.24.so
7fcfa75ae000-7fcfa75b2000 rw-p 00000000 00:00 0
7fcfa75b2000-7fcfa75d5000 r-xp 00000000 08:01 95686995
/lib/x86_64-linux-gnu/ld-2.24.so
7fcfa77a8000-7fcfa77ab000 rw-p 00000000 00:00 0
7fcfa77d1000-7fcfa77d5000 rw-p 00000000 00:00 0
7fcfa77d5000-7fcfa77d6000 r--p 00023000 08:01 95686995
/lib/x86_64-linux-gnu/ld-2.24.so
7fcfa77d6000-7fcfa77d7000 rw-p 00024000 08:01 95686995
/lib/x86_64-linux-gnu/ld-2.24.so
7fcfa77d7000-7fcfa77d8000 rw-p 00000000 00:00 0
7ffc8c9bd000-7ffc8c9de000 rw-p 00000000 00:00 0
[stack]
7ffc8c9ed000-7ffc8c9ef000 r--p 00000000 00:00 0 [vvar]
7ffc8c9ef000-7ffc8c9f1000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
[vsyscall]
Abgebrochen
And by the way: The manpage mentioned the existence of "uuidgen". But it is not
in the system.
kind
-- System Information:
Debian Release: 9.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.10.4-towo.1-siduction-amd64 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages uuidcdef depends on:
ii libc6 2.24-9
ii libuuid1 2.29.1-1
uuidcdef recommends no packages.
uuidcdef suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: xplc
Source-Version: 0.3.13-7
We believe that the bug you reported is fixed in the latest version of
xplc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 858178@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Reiner Herrmann <reiner@reiner-h.de> (supplier of updated xplc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 21 May 2017 19:06:24 +0200
Source: xplc
Binary: libxplc0.3.13 libxplc0.3.13-dev uuidcdef
Architecture: source
Version: 0.3.13-7
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Reiner Herrmann <reiner@reiner-h.de>
Description:
libxplc0.3.13 - Light weight component system
libxplc0.3.13-dev - Light weight component system (Development libraries and headers)
uuidcdef - Universally Unique Identifier (UUID) generator
Closes: 858178
Changes:
xplc (0.3.13-7) unstable; urgency=medium
.
* QA upload.
* Fix buffer overflow in uuidcdef.
Thanks to Chris West <solo-debianbugs@goeswhere.com> (Closes: #858178)
* Mark other patches as forwarded.
Checksums-Sha1:
ba4824a258f1980a3876d244473ebb6d36c347e1 1973 xplc_0.3.13-7.dsc
43864f36638d4a1065396159b483b3f9485d5ca7 6276 xplc_0.3.13-7.debian.tar.xz
f48bdc2d477a7ddea009833840c321d7ad28c9f5 6521 xplc_0.3.13-7_amd64.buildinfo
Checksums-Sha256:
a9f677df1eeba8bdbebce936920325c4dd0d972c6ea1d0c6e120fbfca1c4a87a 1973 xplc_0.3.13-7.dsc
fb64fd57b6370c065f3533279ad938f226174cb7291dbcfe806e2eabb3cfdf5a 6276 xplc_0.3.13-7.debian.tar.xz
4c2535ed144109395c89e416ae9a1a9da4b09602fe3d3d64c0bc9e8d2edd14aa 6521 xplc_0.3.13-7_amd64.buildinfo
Files:
56c4662c57cb6c887a8955550fd13401 1973 libs optional xplc_0.3.13-7.dsc
5c73c8d8909d3cf6eae65f948973b871 6276 libs optional xplc_0.3.13-7.debian.tar.xz
283054ef3dbc3763d3ec5102fe04056f 6521 libs optional xplc_0.3.13-7_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlkh3B4ACgkQCBa54Yx2
K62sZxAApVzC5VOfu8yTMtabU2fyD27XnhH8SkXRi9UMdXi91NoeTS9rVTSdfK82
0gELeWQe5Lc7hvWymdHBfUSjW/SzLIXok4B4p6VjwLZknuZJ0n1tct+GbjuV3JKL
EksWYooRZTM00vovSTacY5klAh9GssFy9nNCtcXQraH89S0CUD1ik2TqcFVAc/v4
DOjmoD5zG186FjAl3AJ+jEw8mey7p7nJATc5F3/YX76IcJE/H3N/x2nlmtNzUotR
MjM7zpGAaJ79Xmr6hsPAFil8fT94/MCyWhVKMdYuE1Bua/7rjzetIfnJr7A7GYLo
H3bl+BTdctTDoskqSGqN+tQnL0k/uCKcOl5Lu1Bejco4Bic/4dHPRGXKE2dBz2fR
sNZKoOBRZb29MyTiOKMWUcpc9I+Teu+aMg76ic+x+gyeJgzdsNT2N7CfI60EgKZS
hG5m04I35LrzX7YNsF5QSpHJxrnIE4Z3vk2tPfhijz+Px8yrUV6Yp3KNnKWe+5u8
nF++OYa9kaolrYnGee8/0b/PyBn96XsvJgQ3fIv2a96TjlDfqSYL4I5HDK9FsApg
yAonl6n61wVJVRrI9aahTgedjFxrdJGyvG+dipOHi4MiUApZvAXT+iVk2xQYr41S
qI/usJOpSq1RWwVWxBN8yJOmESWIptb8jPGbsoGt7paBPB37p0M=
=xm+y
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: