[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#659415: marked as done (telnet: assertion failure on ring buffer overflow)

Your message dated Sat, 04 Mar 2023 21:48:59 +0000
with message-id <E1pYZkR-00FwHl-68@fasolo.debian.org>
and subject line Bug#659415: fixed in netkit-telnet-ssl 0.17.41+really0.17-4
has caused the Debian Bug report #659415,
regarding telnet: assertion failure on ring buffer overflow
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
659415: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659415
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: telnet
Version: 0.17-36
Severity: normal
Tags: patch

Assertion in ring.cc is too tigh causing abort() to be called on ring buffer
overflow.

A way to reproduce the bug:

$ nc -l -p 4444 | sleep 100000 &

$ telnet 127.0.0.1 4444 </dev/zero
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.


telnet: buffer overflow, losing data, sorry
telnet: ring.cc:143: int ringbuf::flush(): Assertion `top-bot > 0 && top-bot <=
count' failed.
zsh: abort (core dumped)  telnet 127.0.0.1 4444 < /dev/zero



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=pl_PL.utf8, LC_CTYPE=pl_PL.utf8 (charmap=UTF-8) (ignored: LC_ALL set to pl_PL.utf8)
Shell: /bin/sh linked to /bin/dash

Versions of packages telnet depends on:
ii  libc6        2.13-26
ii  libgcc1      1:4.6.2-12
ii  libncurses5  5.9-4
ii  libstdc++6   4.6.2-12
ii  netbase      4.47

telnet recommends no packages.

telnet suggests no packages.

-- no debconf information

--- netkit-telnet-0.17/telnet/ring.cc	2012-02-10 22:50:42.000000000 +0100
+++ ring.cc	2012-02-10 22:49:54.000000000 +0100
@@ -138,11 +138,11 @@
     while (count > 0) {
 	int bot = tail;
 	int top = head;
 	if (top < bot) top = size;
 	if (marked > bot) top = marked;
-	assert(top-bot > 0 && top-bot <= count);
+	assert(top-bot >= 0 && top-bot <= count);
 
 	int n;
 	if (marked==bot) n = binding->writeurg(buf+bot, top-bot);
 	else n = binding->write(buf+bot, top-bot);
 	if (n < 0) { busy=0; return -2; }

--- End Message ---
--- Begin Message --- 
Source: netkit-telnet-ssl
Source-Version: 0.17.41+really0.17-4
Done: Bastian Germann <bage@debian.org>

We believe that the bug you reported is fixed in the latest version of
netkit-telnet-ssl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 659415@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastian Germann <bage@debian.org> (supplier of updated netkit-telnet-ssl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 04 Mar 2023 22:36:56 +0100
Source: netkit-telnet-ssl
Architecture: source
Version: 0.17.41+really0.17-4
Distribution: unstable
Urgency: high
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Bastian Germann <bage@debian.org>
Closes: 659415
Changes:
 netkit-telnet-ssl (0.17.41+really0.17-4) unstable; urgency=high
 .
   * QA upload.
 .
   [ Marcos Marado ]
   * Fix ring buffer overflow. (Closes: #659415)
Checksums-Sha1:
 420bb6af20c1a8a63956f61555629058ecdd1f18 1772 netkit-telnet-ssl_0.17.41+really0.17-4.dsc
 63ac0891e71db6915f8884abf36540948d33b798 88584 netkit-telnet-ssl_0.17.41+really0.17-4.debian.tar.xz
 73d40adc63997f18f9afdbb8b00e403e6f1e020e 6172 netkit-telnet-ssl_0.17.41+really0.17-4_source.buildinfo
Checksums-Sha256:
 bf54872e8c67bcff15f50b43ba2b883e5872ca156ad2ac54ed7c77a66bd60123 1772 netkit-telnet-ssl_0.17.41+really0.17-4.dsc
 6ecf88a521f693cded55eb2f54c0827edef3297e87b6e0e95ea479ae5880cba3 88584 netkit-telnet-ssl_0.17.41+really0.17-4.debian.tar.xz
 ffa863035192b37f096e2869d7de4def3b39dd6030f13ca6eaff5327dc82bba8 6172 netkit-telnet-ssl_0.17.41+really0.17-4_source.buildinfo
Files:
 88def26eecfe6fe0a3d7c7b8f50e3f2a 1772 net optional netkit-telnet-ssl_0.17.41+really0.17-4.dsc
 791d7cd26ddd28fff13506230c854b19 88584 net optional netkit-telnet-ssl_0.17.41+really0.17-4.debian.tar.xz
 5bdc8ea5015b4ebc09befcd1891a2409 6172 net optional netkit-telnet-ssl_0.17.41+really0.17-4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmQDuokQHGJhZ2VAZGVi
aWFuLm9yZwAKCRAfXHqLRVZDFHCQDADJspLNF30Rsau57QULBpEbhSZtcRGPLe0R
Q6hlVNOBDe4Lhqs81FsVjZRvfWMY3pkzZ5/PqTLHJsM6XpoueAwcPsNdN8YflyU/
yVICMVsE8idC9IIDTRv44Ix4ymDsGJ8rt1ZjmIONSFpyOjtzN2xReEruBdFpqJ0b
W4aegjrxwGiPb97Ood9B0TOhgV6OREFSuKS6USct8c1bx3NRZDe1sxcYC7xZZHvg
0oVKfsAM7aQvNLvvJn4Vi6qWJDkNUMMkd3RdvIlPKIE+SJVsY+DzslQcLbVGZ3J4
v0wNqMz1uCzmuGpfbJ3tZHqmaOCMtvHPscufJJ9YkdiXEo5NEFcCPB2ySSLe5oWb
3ycbzrxCDZMZRwdl+61Rbh4HcGZPkqW/UXchXHm15+g6gYSrq6utRsalGpfwp5vn
0SepKN6coZM3dneFfitWfoGxKVf7b7ZOL633o+eYZfB72XSdh3rsZ1gXLPNq/n1r
THgKrQKo6IsDPA5Sp8Bh03NEwQzhoO8=
=AUho
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: