Bug#260856: marked as done (xbase-clients: [xconsole] possible buffer overrun due to unchecked return from read())

To: Stéphane Aulery <lkppo@free.fr>
Subject: Bug#260856: marked as done (xbase-clients: [xconsole] possible buffer overrun due to unchecked return from read())
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sun, 06 Apr 2014 19:48:11 +0000
Message-id: <[🔎] handler.260856.D260856.13968135601303.ackdone@bugs.debian.org>
References: <[🔎] 20140406204312.GB9360@free.fr> <20040722152226.GT7144@lysator.liu.se>

Your message dated Sun, 6 Apr 2014 22:43:12 +0200
with message-id <[🔎] 20140406204312.GB9360@free.fr>
and subject line xbase-clients: [xconsole] possible buffer overrun due to
has caused the Debian Bug report #260856,
regarding xbase-clients: [xconsole] possible buffer overrun due to unchecked return from read()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
260856: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260856
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: [xconsole] possible buffer error
From: Tommy Pettersson <ptp@lysator.liu.se>
Date: Thu, 22 Jul 2004 17:22:26 +0200
Message-id: <20040722152226.GT7144@lysator.liu.se>

Package: xbase-clients
Version: 4.3.0
Severity: minor
Tags: patch

Well, I do not know for sure that this error ever happens,
but it looks like it could, and than will have some bad
implications.

Sometimes I get screwed up lines in xconsole that are not
in any of the /var/foolog files.  I hope this patch will
fix that.  It is just trial and error, but the code I found
looks so wrong that I decided to send in the patch anyway.

In inputReady() there is a test on the returned value from
read(), and a code block that is executed on error.  There is
a path through that block where the function may continue with
inappropriate values, in the worst case indexing outside an
array on the stack.


diff -rN -u xconsole-old/xconsole.c xconsole-new/xconsole.c
--- xconsole-old/xconsole.c     Thu Jul 22 17:04:15 2004
+++ xconsole-new/xconsole.c     Thu Jul 22 15:45:27 2004
@@ -469,8 +469,14 @@
        {
            OpenConsole();
        }
+       else
+       {
+           TextAppend (text, "I/O Error: All input stopped!\n", 30);
+       }
 
+       return;
     }
+
     Notify ();
     buffer[n] = '\0';
     if (app_resources.stripNonprint)


-- 
Tommy Pettersson <ptp@lysator.liu.se>

--- End Message ---

--- Begin Message ---

To: 260856@bugs.debian.org, control@bugs.debian.org

Cc: 260856-done@bugs.debian.org

Subject: xbase-clients: [xconsole] possible buffer overrun due to

From: Stéphane Aulery <lkppo@free.fr>

Date: Sun, 6 Apr 2014 22:43:12 +0200

Message-id: <[🔎] 20140406204312.GB9360@free.fr>
unchecked return from read()

fixed 260856 x11-apps/0.1
stop

See

http://cgit.freedesktop.org/xorg/app/xconsole/commit/?id=219ef4e86f05e7a473e399c5188efdb7f16f31f1

and

https://bugs.freedesktop.org/show_bug.cgi?id=77095
--- End Message ---

Reply to:

References:
- Bug#260856: xbase-clients: [xconsole] possible buffer overrun due to
  - From: Stéphane Aulery <lkppo@free.fr>

Prev by Date: Processed (with 1 errors): xbase-clients: [xconsole] possible buffer overrun due to
Next by Date: Bug#505891: xmessage: -title option isn't documented
Previous by thread: Processed (with 1 errors): xbase-clients: [xconsole] possible buffer overrun due to
Next by thread: Bug#505891: xmessage: -title option isn't documented
Index(es):
- Date
- Thread