Source: bamtools
Version: 2.5.2+dfsg-4
Severity: normal

Dear Maintainer,

In Ubuntu the autopkgtest fails due to the buffer overflow detected[1] with the following stack trace:

(gdb) where
#0  __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1  0x000003fff789fd56 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
#2  0x000003fff784ba90 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#3  0x000003fff782b4cc in __GI_abort () at abort.c:79
#4  0x000003fff78921f8 in __libc_message_impl (fmt=fmt@entry=0x3fff79a428e "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:132
#5  0x000003fff792a50c in __GI___fortify_fail (msg=msg@entry=0x3fff79a424a "buffer overflow detected") at fortify_fail.c:24
#6  0x000003fff7929d38 in __GI___chk_fail () at chk_fail.c:28
#7  0x000003fff792adae in __GI___memcpy_chk (dstpp=dstpp@entry=0x2aa000ab261, srcpp=srcpp@entry=0x3ffffff99b4, len=len@entry=4, dstlen=dstlen@entry=3) at memcpy_chk.c:27
#8  0x000003fff7e2b6ba in memcpy (__len=4, __src=0x3ffffff99b4, __dest=0x2aa000ab261) at /usr/include/s390x-linux-gnu/bits/string_fortified.h:29
#9  BamTools::SwapEndian_32p (data=0x2aa000ab261 "") at /usr/src/bamtools-2.5.2+dfsg-5/src/api/BamAux.h:229
#10 BamTools::Internal::BamWriterPrivate::WriteAlignment (this=0x2aa000890d0, al=...) at /usr/src/bamtools-2.5.2+dfsg-5/src/api/internal/bam/BamWriter_p.cpp:353
#11 0x000003fff7e1445c in BamTools::Internal::BamWriterPrivate::SaveAlignment (al=..., this=0x2aa000890d0) at /usr/src/bamtools-2.5.2+dfsg-5/src/api/internal/bam/BamWriter_p.cpp:263
#12 BamTools::BamWriter::SaveAlignment (this=<optimized out>, alignment=...)
    at /usr/src/bamtools-2.5.2+dfsg-5/src/api/BamWriter.cpp:131
#13 0x000002aa00035f08 in BamTools::RevertTool::RevertToolPrivate::Run() ()
#14 0x000002aa0003e3fe in BamTools::RevertTool::Run(int, char**) ()
#15 0x000002aa0001017a in main ()
(gdb) print i
$1 = 17

This is due to the write loop in src/api/internal/bam/BamWriter_p.cpp using single byte instead of sizeof(uint32_t) increment to swap bytes in the integer data. The output file on s390x is corrupted.

[1] https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-oracular/oracular/s390x/b/bamtools/20240701_175546_4de2a@/log.gz

-- System Information:
Debian Release: trixie/sid
  APT prefers noble-updates
  APT policy: (500, 'noble-updates'), (500, 'noble-security'), (500, 'noble'), (100, 'noble-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.8.0-36-generic (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
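
The stride problem the report describes, as an added C++ illustration that is not bamtools code: `swap32_checked`, `swap_fields` and the 20-byte sample buffer are constructed for this example, with the buffer sized so that the first rejected offset is 17 with 3 bytes left, the numbers seen in the trace. It contrasts a one-byte loop increment with a `sizeof(uint32_t)` increment, using a bounds check in place of the fortified `memcpy` abort.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical bounds-checked 32-bit swap: refuses to touch fewer than 4 bytes,
// the condition __memcpy_chk aborted on in the trace (len=4, dstlen=3).
bool swap32_checked(std::vector<unsigned char>& buf, std::size_t off) {
    if (off > buf.size() || buf.size() - off < sizeof(std::uint32_t)) return false;
    std::uint32_t v;
    std::memcpy(&v, &buf[off], sizeof v);
    v = (v >> 24) | ((v >> 8) & 0x0000FF00u) | ((v << 8) & 0x00FF0000u) | (v << 24);
    std::memcpy(&buf[off], &v, sizeof v);
    return true;
}

struct SwapResult {
    std::vector<unsigned char> data;
    std::size_t rejected;        // swaps that would have run past the buffer
    std::size_t first_rejected;  // offset of the first such swap
};

// Swap the 32-bit fields of buf (a copy), advancing `stride` bytes per step.
SwapResult swap_fields(std::vector<unsigned char> buf, std::size_t stride) {
    SwapResult r{{}, 0, static_cast<std::size_t>(-1)};
    for (std::size_t i = 0; i < buf.size(); i += stride) {
        if (swap32_checked(buf, i)) continue;
        if (r.rejected == 0) r.first_rejected = i;
        ++r.rejected;
    }
    r.data = buf;
    return r;
}

// Constructed sample: five 32-bit fields (20 bytes) holding 0x00..0x13.
std::vector<unsigned char> sample() {
    std::vector<unsigned char> b(20);
    for (std::size_t i = 0; i < b.size(); ++i) b[i] = static_cast<unsigned char>(i);
    return b;
}

int main() {
    SwapResult bad = swap_fields(sample(), 1);                       // byte stride
    SwapResult good = swap_fields(sample(), sizeof(std::uint32_t));  // field stride
    std::printf("stride 1: %zu rejected, first at %zu\n", bad.rejected, bad.first_rejected);
    std::printf("stride 4: %zu rejected, output %s\n", good.rejected,
                bad.data == good.data ? "same" : "differs from stride 1");
    return 0;
}
```

With the one-byte stride the overlapping swaps also scramble the fields before the end of the buffer is reached, which is consistent with the corrupted output file the report mentions.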