(While intrepid's version technically works, if it were recompiled for
another SRU, it would fail. For now, in the interests of minimal
changes and no regressions, intrepid can be skipped.)
** Changed in: nvram-wakeup (Ubuntu Jaunty)
Status: Triaged => In Progress
** Changed in: nvram-wakeup (Ubuntu Intrepid)
Status: Triaged => In Progress
** Description changed:
Binary package hint: nvram-wakeup
nvram-wakeup 0.97-14lenny1 triggers buffer overflow protection (fortify?):
+ SRU STATEMENT: Package does not function at all on Intrepid and Jaunty,
fixing the overflow solves this.
+ ADDRESSED: buffer overflow was identified and fixed.
+ REPRODUCE: sudo nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1441154840
+ REGRESSION POTENTIAL: none -- the package does not work at all currently.
+
+
/usr/sbin/nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1241154840
*** buffer overflow detected ***: /usr/sbin/nvram-wakeup terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7f24da8]
/lib/tls/i686/cmov/libc.so.6[0xb7f22eb0]
/lib/tls/i686/cmov/libc.so.6[0xb7f225a8]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0xc8)[0xb7e94bb8]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0x6f3)[0xb7e66f23]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xa4)[0xb7f22654]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb7f2259d]
/usr/sbin/nvram-wakeup[0x80522b9]
/usr/sbin/nvram-wakeup[0x80499ab]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7e3d775]
/usr/sbin/nvram-wakeup[0x8048d71]
======= Memory map: ========
08048000-0805f000 r-xp 00000000 08:02 783832 /usr/sbin/nvram-wakeup
0805f000-08060000 r--p 00016000 08:02 783832 /usr/sbin/nvram-wakeup
08060000-08061000 rw-p 00017000 08:02 783832 /usr/sbin/nvram-wakeup
08966000-08987000 rw-p 08966000 00:00 0 [heap]
b7e17000-b7e24000 r-xp 00000000 08:02 589901 /lib/libgcc_s.so.1
b7e24000-b7e25000 r--p 0000c000 08:02 589901 /lib/libgcc_s.so.1
b7e25000-b7e26000 rw-p 0000d000 08:02 589901 /lib/libgcc_s.so.1
b7e26000-b7e27000 rw-p b7e26000 00:00 0
b7e27000-b7f83000 r-xp 00000000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f83000-b7f84000 ---p 0015c000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f84000-b7f86000 r--p 0015c000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f86000-b7f87000 rw-p 0015e000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f87000-b7f8a000 rw-p b7f87000 00:00 0
b7f9d000-b7f9f000 rw-p b7f9d000 00:00 0
b7f9f000-b7fa0000 r-xp b7f9f000 00:00 0 [vdso]
b7fa0000-b7fbc000 r-xp 00000000 08:02 589858 /lib/ld-2.9.so
b7fbc000-b7fbd000 r--p 0001b000 08:02 589858 /lib/ld-2.9.so
b7fbd000-b7fbe000 rw-p 0001c000 08:02 589858 /lib/ld-2.9.so
bfca9000-bfcbe000 rw-p bffeb000 00:00 0 [stack]
Aborted
temporary workaround: compile with -D_FORTIFY_SOURCE=0 -fno-stack-
protector
** Changed in: nvram-wakeup (Ubuntu Intrepid)
Assignee: (unassigned) => Kees Cook (kees)
** Changed in: nvram-wakeup (Ubuntu Jaunty)
Assignee: (unassigned) => Kees Cook (kees)
** Description changed:
Binary package hint: nvram-wakeup
nvram-wakeup 0.97-14lenny1 triggers buffer overflow protection (fortify?):
SRU STATEMENT: Package does not function at all on Intrepid and Jaunty,
fixing the overflow solves this.
ADDRESSED: buffer overflow was identified and fixed.
- REPRODUCE: sudo nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1441154840
+ TEST CASE: sudo nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1441154840
REGRESSION POTENTIAL: none -- the package does not work at all currently.
/usr/sbin/nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1241154840
*** buffer overflow detected ***: /usr/sbin/nvram-wakeup terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7f24da8]
/lib/tls/i686/cmov/libc.so.6[0xb7f22eb0]
/lib/tls/i686/cmov/libc.so.6[0xb7f225a8]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0xc8)[0xb7e94bb8]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0x6f3)[0xb7e66f23]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xa4)[0xb7f22654]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb7f2259d]
/usr/sbin/nvram-wakeup[0x80522b9]
/usr/sbin/nvram-wakeup[0x80499ab]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7e3d775]
/usr/sbin/nvram-wakeup[0x8048d71]
======= Memory map: ========
08048000-0805f000 r-xp 00000000 08:02 783832 /usr/sbin/nvram-wakeup
0805f000-08060000 r--p 00016000 08:02 783832 /usr/sbin/nvram-wakeup
08060000-08061000 rw-p 00017000 08:02 783832 /usr/sbin/nvram-wakeup
08966000-08987000 rw-p 08966000 00:00 0 [heap]
b7e17000-b7e24000 r-xp 00000000 08:02 589901 /lib/libgcc_s.so.1
b7e24000-b7e25000 r--p 0000c000 08:02 589901 /lib/libgcc_s.so.1
b7e25000-b7e26000 rw-p 0000d000 08:02 589901 /lib/libgcc_s.so.1
b7e26000-b7e27000 rw-p b7e26000 00:00 0
b7e27000-b7f83000 r-xp 00000000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f83000-b7f84000 ---p 0015c000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f84000-b7f86000 r--p 0015c000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f86000-b7f87000 rw-p 0015e000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f87000-b7f8a000 rw-p b7f87000 00:00 0
b7f9d000-b7f9f000 rw-p b7f9d000 00:00 0
b7f9f000-b7fa0000 r-xp b7f9f000 00:00 0 [vdso]
b7fa0000-b7fbc000 r-xp 00000000 08:02 589858 /lib/ld-2.9.so
b7fbc000-b7fbd000 r--p 0001b000 08:02 589858 /lib/ld-2.9.so
b7fbd000-b7fbe000 rw-p 0001c000 08:02 589858 /lib/ld-2.9.so
bfca9000-bfcbe000 rw-p bffeb000 00:00 0 [stack]
Aborted
temporary workaround: compile with -D_FORTIFY_SOURCE=0 -fno-stack-
protector
** Changed in: nvram-wakeup (Ubuntu Intrepid)
Status: In Progress => Invalid
** Description changed:
Binary package hint: nvram-wakeup
nvram-wakeup 0.97-14lenny1 triggers buffer overflow protection (fortify?):
- SRU STATEMENT: Package does not function at all on Intrepid and Jaunty,
fixing the overflow solves this.
+ SRU STATEMENT: Package does not function at all on Jaunty, fixing the
overflow solves this.
ADDRESSED: buffer overflow was identified and fixed.
TEST CASE: sudo nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1441154840
REGRESSION POTENTIAL: none -- the package does not work at all currently.
/usr/sbin/nvram-wakeup -A -C /etc/nvram-wakeup.conf --settime
1241154840
*** buffer overflow detected ***: /usr/sbin/nvram-wakeup terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7f24da8]
/lib/tls/i686/cmov/libc.so.6[0xb7f22eb0]
/lib/tls/i686/cmov/libc.so.6[0xb7f225a8]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0xc8)[0xb7e94bb8]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0x6f3)[0xb7e66f23]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xa4)[0xb7f22654]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0xb7f2259d]
/usr/sbin/nvram-wakeup[0x80522b9]
/usr/sbin/nvram-wakeup[0x80499ab]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7e3d775]
/usr/sbin/nvram-wakeup[0x8048d71]
======= Memory map: ========
08048000-0805f000 r-xp 00000000 08:02 783832 /usr/sbin/nvram-wakeup
0805f000-08060000 r--p 00016000 08:02 783832 /usr/sbin/nvram-wakeup
08060000-08061000 rw-p 00017000 08:02 783832 /usr/sbin/nvram-wakeup
08966000-08987000 rw-p 08966000 00:00 0 [heap]
b7e17000-b7e24000 r-xp 00000000 08:02 589901 /lib/libgcc_s.so.1
b7e24000-b7e25000 r--p 0000c000 08:02 589901 /lib/libgcc_s.so.1
b7e25000-b7e26000 rw-p 0000d000 08:02 589901 /lib/libgcc_s.so.1
b7e26000-b7e27000 rw-p b7e26000 00:00 0
b7e27000-b7f83000 r-xp 00000000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f83000-b7f84000 ---p 0015c000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f84000-b7f86000 r--p 0015c000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f86000-b7f87000 rw-p 0015e000 08:02 598956
/lib/tls/i686/cmov/libc-2.9.so
b7f87000-b7f8a000 rw-p b7f87000 00:00 0
b7f9d000-b7f9f000 rw-p b7f9d000 00:00 0
b7f9f000-b7fa0000 r-xp b7f9f000 00:00 0 [vdso]
b7fa0000-b7fbc000 r-xp 00000000 08:02 589858 /lib/ld-2.9.so
b7fbc000-b7fbd000 r--p 0001b000 08:02 589858 /lib/ld-2.9.so
b7fbd000-b7fbe000 rw-p 0001c000 08:02 589858 /lib/ld-2.9.so
bfca9000-bfcbe000 rw-p bffeb000 00:00 0 [stack]
Aborted
temporary workaround: compile with -D_FORTIFY_SOURCE=0 -fno-stack-
protector
--
nvram-wakeup buffer overflow detected
https://bugs.launchpad.net/bugs/370261
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
