
Bug#520920: texlive-base-bin: bibtex crashes on realloc (invalid next size)



On 23.03.09 Vincent Lefevre (vincent@vinc17.org) wrote:

Hi Vincent,

> Package: texlive-base-bin
> Version: 2007.dfsg.2-5
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> (Note: I suppose that there's some memory corruption, that can lead
> to security problems, hence the severity.)
> 
> I've got the following error with bibtex (someone else here
> mentioned the same problem on a different machine, but on the same
> set of files, possibly a slightly different version). Unfortunately
> I don't have a simple testcase (I'll try to make one, but this may
> be difficult), and the files are private.
> 
I can reproduce the problem using bibtex. Then I tried bibtex8 and
could generate a livre_fp.bbl file (blg file is attached). Do you
still assume it is a "user security hole", which justifies the severity
"grave", or can you accept the workaround and hence a lower severity?

H.
-- 
sigmentation fault
This is 8-bit Big BibTeX version 0.99c
Implementation:  C for Unix
Release version: 3.71 (31 May 2005)

The 8-bit codepage and sorting file: 88591lat.csf
The top-level auxiliary file: livre_fp.aux
A level-1 auxilliary file: ch_introduction.aux
A level-1 auxilliary file: ch_definitions.aux
A level-1 auxilliary file: ch_formats.aux
A level-1 auxilliary file: ch_smallalgs.aux
A level-1 auxilliary file: ch_fma.aux
A level-1 auxilliary file: ch_summation.aux
A level-1 auxilliary file: ch_languages.aux
A level-1 auxilliary file: ch_algorithms.aux
A level-1 auxilliary file: ch_hard.aux
A level-1 auxilliary file: ch_soft.aux
A level-1 auxilliary file: ch_elemfun.aux
A level-1 auxilliary file: ch_correctrounding.aux
A level-1 auxilliary file: ch_certifying.aux
A level-1 auxilliary file: ch_extending.aux
A level-1 auxilliary file: ch_nttools.aux
The style file: plain.bst
Database file #1: biblio.bib
Warning--empty institution in SebGou02
Warning--empty note in Gonnet2002
Warning--empty publisher in Newton1664
Warning--empty institution in SunInterval2002
Warning--empty note in May2008
Warning--empty note in Bernstein2001

Here's how much of BibTeX's memory you used:
 Cites:               405 out of 750
 Fields:             5394 out of 17250
 Hash table:         3854 out of 5000
 Strings:            2942 out of 4000
 String pool:       64883 out of 65530
 Wizard functions:   2118 out of 3000
(There were 6 warnings)
