Public bug reported:
(gdb) info frame
Stack level 0, frame at 0x7fff8c8e31d0:
rip = 0x7d6c6229eb1c in __pthread_kill_implementation
(./nptl/pthread_kill.c:44); saved rip = 0x7d6c6224526e
inlined into frame 1
source language c.
Arglist at unknown address.
Locals at unknown address, Previous frame's sp in rsp
(gdb) bt
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>)
at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (signo=6, threadid=<optimized out>)
at ./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6)
at ./nptl/pthread_kill.c:89
#3 0x00007d6c6224526e in __GI_raise (sig=sig@entry=6)
at ../sysdeps/posix/raise.c:26
#4 0x00007d6c622288ff in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007d6c622297b6 in __libc_message_impl (
fmt=fmt@entry=0x7d6c623ce765 "*** %s ***: terminated\n")
at ../sysdeps/posix/libc_fatal.c:132
#6 0x00007d6c62336c19 in __GI___fortify_fail (
msg=msg@entry=0x7d6c623ce74c "buffer overflow detected")
at ./debug/fortify_fail.c:24
#7 0x00007d6c623365d4 in __GI___chk_fail () at ./debug/chk_fail.c:28
#8 0x00007d6c62337e88 in ___sprintf_chk (s=s@entry=0x7d6c6259b520 "rame_hdr",
flag=flag@entry=2, slen=slen@entry=0,
format=format@entry=0x7d6c62599000 "%02x%c") at ./debug/sprintf_chk.c:37
#9 0x00007d6c625981ed in sprintf (__fmt=0x7d6c62599000 "%02x%c",
__s=0x7d6c6259b520 "rame_hdr")
at /usr/include/x86_64-linux-gnu/bits/stdio2.h:30
#10 parse_mac2str (ret=0x5f543ef3f818, mac=0x7d6c62553060 "E", okey=4, len=14)
--Type <RET> for more, q to quit, c to continue without paging--
at /build/ulogd2-P2jEpk/ulogd2-2.0.8/filter/ulogd_filter_HWHDR.c:128
#11 0x00005f543d3c248e in ulogd_propagate_results (pi=pi@entry=0x5f543ef3c760)
at /usr/src/ulogd2-2.0.8-2build1/src/ulogd.c:618
#12 0x00007d6c62610a66 in interp_packet (upi=upi@entry=0x5f543ef3c760,
pf_family=2 '\002', ldata=ldata@entry=0x7fff8c8e3660, ct=ct@entry=0x0)
at /build/ulogd2-P2jEpk/ulogd2-2.0.8/input/packet/ulogd_inppkt_NFLOG.c:459
#13 0x00007d6c6261137f in msg_cb (gh=<optimized out>, nfmsg=0x7d6c62553020,
nfa=0x7fff8c8e3660, data=0x5f543ef38860)
at /build/ulogd2-P2jEpk/ulogd2-2.0.8/input/packet/ulogd_inppkt_NFLOG.c:539
#14 0x00007d6c626094b0 in __nflog_rcv_pkt (nlh=<optimized out>,
nfa=<optimized out>, data=<optimized out>)
at
/build/libnetfilter-log-WtIomG/libnetfilter-log-1.0.2/src/libnetfilter_log.c:161
#15 0x00007d6c625c9823 in __nfnl_handle_msg (len=164, nlh=0x7d6c62553010,
h=<optimized out>)
at /build/libnfnetlink-wh9ask/libnfnetlink-1.0.2/src/libnfnetlink.c:1261
#16 nfnl_handle_packet (h=0x5f543ef3b470, buf=0x7d6c62553010 "\244",
len=len@entry=164)
at /build/libnfnetlink-wh9ask/libnfnetlink-1.0.2/src/libnfnetlink.c:1281
#17 0x00007d6c6260971c in nflog_handle_packet (h=<optimized out>,
buf=<optimized out>, len=len@entry=164)
at
/build/libnetfilter-log-WtIomG/libnetfilter-log-1.0.2/src/libnetfilter_log.c:368
--Type <RET> for more, q to quit, c to continue without paging--
#18 0x00007d6c62610b48 in nful_read_cb (fd=<optimized out>,
what=<optimized out>, param=0x5f543ef38860)
at /build/ulogd2-P2jEpk/ulogd2-2.0.8/input/packet/ulogd_inppkt_NFLOG.c:522
#19 0x00005f543d3c28f4 in ulogd_select_main (tv=tv@entry=0x0)
at /usr/src/ulogd2-2.0.8-2build1/src/select.c:105
#20 0x00005f543d3c0177 in ulogd_main_loop ()
at /usr/src/ulogd2-2.0.8-2build1/src/ulogd.c:1069
#21 main (argc=<optimized out>, argv=<optimized out>)
at /usr/src/ulogd2-2.0.8-2build1/src/ulogd.c:1648
(gdb)
** Affects: ulogd2 (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "crashdump"
https://bugs.launchpad.net/bugs/2080677/+attachment/5816955/+files/_usr_sbin_ulogd.124.crash
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2080677
Title:
buffer overflow leads to crash 2.0.8-2build1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ulogd2/+bug/2080677/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
