
Bug#779397: marked as done (xterm: buffer overflow with -S option)



Your message dated Sat, 28 Feb 2015 18:51:13 +0100
with message-id <87oaod53hq.fsf@turtle.gmx.de>
and subject line Re: Bug#779397: xterm: buffer overflow with -S option
has caused the Debian Bug report #779397,
regarding xterm: buffer overflow with -S option
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
779397: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779397
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: xterm
Version: 312-1
Severity: important
Tags: security

$ xterm -S/dev/pts/20
*** buffer overflow detected ***: /usr/bin/xterm terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x731ff)[0x7f4de0b1b1ff]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f4de0b9e4c7]
/lib/x86_64-linux-gnu/libc.so.6(+0xf46e0)[0x7f4de0b9c6e0]
/lib/x86_64-linux-gnu/libc.so.6(__stpncpy_chk+0x0)[0x7f4de0b9bb40]
/usr/bin/xterm[0x408eb0]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7f4de0ac9b45]
/usr/bin/xterm[0x408f9c]
======= Memory map: ========
[...]

Not sure whether this is a security issue, but a buffer overflow
looks really wrong...

-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages xterm depends on:
ii  libc6           2.19-15
ii  libfontconfig1  2.11.0-6.3
ii  libice6         2:1.0.9-1+b1
ii  libtinfo5       5.9+20140913-1+b1
ii  libutempter0    1.1.5-4
ii  libx11-6        2:1.6.2-3
ii  libxaw7         2:1.0.12-2+b1
ii  libxft2         2.3.2-1
ii  libxmu6         2:1.1.2-1
ii  libxpm4         1:3.5.11-1+b1
ii  libxt6          1:1.1.4-1+b1
ii  xbitmaps        1.1.1-2

Versions of packages xterm recommends:
ii  x11-utils  7.7+2

Versions of packages xterm suggests:
pn  xfonts-cyrillic  <none>

-- no debconf information

--- End Message ---
--- Begin Message ---
Package: xterm
Version: 314-1

On 2015-02-28 13:37 +0100, Thomas Dickey wrote:

> On Sat, Feb 28, 2015 at 03:37:53AM +0100, Vincent Lefevre wrote:
>> Package: xterm
>> Version: 312-1
>> Severity: important
>> Tags: security
>> 
>> $ xterm -S/dev/pts/20
>> *** buffer overflow detected ***: /usr/bin/xterm terminated
>
> This was fixed in #314, two months ago.

Thanks.  For the package in jessie/sid, I suppose I would have to apply
the passedPty related changes in main.c, right?

Cheers,
       Sven

--- End Message ---
