[Bug 413278]
Progonsaytu
413278 at bugs.launchpad.net
Tue Oct 19 07:15:04 UTC 2021
https://www.ремонты-квартир.com/
https://www.дизайн-квартиры.com/
https://www.о-ремонте.com/
https://www.о-заборах.com/
https://www.bsegypt.com/
https://www.buyingrealty.net/
https://www.khersonnews.com/
https://www.kontrolstroy.info/
https://www.sama-mama.com/
https://www.secretovnet.org/
https://www.teleriko.com/
https://www.us-best-store.com/
https://www.віктор.com/
https://www.accord-hotel.ru/
https://releazer.ru/
https://www.a-n-e-k-d-o-t.ru/
https://www.adhan.ru/
http://www.al-aures.ru/
https://www.apriori-design.ru/
http://artdoski.ru/
https://www.bombusmod.net.ru/
https://www.canadianahealthandcaremallreviews.ru/
https://www.celestiaproject.ru/
https://www.cryptogu.ru/
https://www.downloadskypefree.ru/
https://www.encyclopedia-flowers.ru/
https://www.factura.net.ru/
http://freewizards.ru/
http://futurefactory.ru/
https://glina-med.ru/
http://google-dmoz.ru/
http://iix.su/
https://www.imperia51.ru/
https://www.info-tehnologii.ru/
https://www.kvartira-v-bolgarii.ru/
https://ljubi-i-pozdravljaj.ru/
https://www.majesticarticles.ru/
https://www.onlinecredit247.ru/
https://www.orfey.net.ru/
https://www.pgpk.net.ru/
https://www.rainbow.net.ru/
http://www.rainbowbaby.ru/
http://www.respublika-okon.ru/
https://ribku-lovim.ru/
http://rusorchestra.ru/
http://shmoscow.ru/
https://www.skifspb.ru/
https://www.spare.net.ru/
https://www.stranainform.ru/
https://www.taxi-smile.ru/
https://www.tkanishik.ru/
http://www.tremulous.net.ru/
https://trust-women.ru/
http://uralbel.ru/
https://www.yar-art-union.ru/
https://www.xn----7sbcngq4awkg0k.xn--p1ai/
https://www.xn----7sbbmgbytlh3a0ll.xn--p1ai/
https://www.xn--35-mlcuxidl.xn--p1ai/
https://www.xn--f1addf1alkk1d.xn--p1ai/
https://www.history-of-great-discoveries.com/
https://www.it-business-trends.com
https://www.interesting-history-of-art.com
https://www.interesting-news-about-cars.com
https://www.architecture-and-design-news.com
https://history-of-great-discoveries.blogspot.com/
https://it-business-trends.blogspot.com/
https://interesting-history-of-art.blogspot.com/
https://interesting-news-about-cars.blogspot.com/
https://architecture-and-design-news.blogspot.com/
https://www.secretovnet.org/archives/18806
https://www.secretovnet.org/archives/17685
https://www.secretovnet.org/archives/17683
https://www.secretovnet.org/archives / 17681
https://www.secretovnet.org/archives/13740
https://www.secretovnet.org/archives/13737
https://www.secretovnet.org/archives/13734
https://www.secretovnet.org / archives / 13732
https://www.secretovnet.org/archives/13729
https://www.secretovnet.org/archives/17679
https://www.secretovnet.org/archives/17677
https://www.secretovnet .org / archives / 17675
https://www.secretovnet.org/archives/17670
https://www.secretovnet.org/archives/17667
https://www.secretovnet.org/archives/18686
https://www.secretovnet.org/archives/18684
https://www.secretovnet.org/archives/18682
https://www.secretovnet.org/archives/17665
https://www.secretovnet.org/archives / 17663
https://www.secretovnet.org/archives/17661
https://www.secretovnet.org/archives/17659
https://www.secretovnet.org/archives/17657
https://www.secretovnet.org / archives / 13723
https://www.secretovnet.org/archives/13717
https://www.secretovnet.org/archives/13714
https://www.secretovnet.org/archives/13711
https://www.secretovnet .org / archives / 13708
https://www.secretovnet.org/archives/17655
https://www.secretovnet.org/archives/13702
https://www.secretovnet.org/archives/17647
https://www.secretovnet.org/archives/17645
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/413278
Title:
stack protector guard value does not lead with a NULL byte
Status in GLibC:
Fix Released
Status in eglibc package in Ubuntu:
Fix Released
Status in glibc package in Ubuntu:
Invalid
Status in eglibc source package in Jaunty:
Invalid
Status in glibc source package in Jaunty:
Fix Released
Status in eglibc source package in Karmic:
Fix Released
Status in glibc source package in Karmic:
Invalid
Bug description:
IMPACT: stack protections are weakened due to strcpy function being able to write the stack guard (since it does not start with a zero byte).
ADDRESSED: correctly implement leading zero, as done in Karmic.
DISCUSSION: regression potential is low, since the patch is isolated and well tested.
TEST CASE:
$ bzr branch lp:~ubuntu-bugcontrol/qa-regression-testing/master qa-regression-testing
$ cd qa-regression-testing/scripts
$ ./test-glibc-security.py -v
Build helper tools ... (9.10) ok
glibc heap protection ... ok
sprintf not pre-truncated with -D_FORTIFY_SOURCE=2 ... ok
glibc pointer obfuscation ... ok
Password hashes ... (sha512) ok
Stack guard exists ... ok
Stack guard leads with zero byte ... FAIL
Stack guard is randomized ... ok
======================================================================
FAIL: Stack guard leads with zero byte
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-glibc-security.py", line 170, in test_81_stack_guard_leads_zero
self.assertEqual(one.startswith('00 '), expected, one)
AssertionError: 62 55 59 69 cd 20 39 80
----------------------------------------------------------------------
Ran 8 tests in 0.145s
FAILED (failures=1)
expected outcome: 0 failures.
ProblemType: Bug
Architecture: amd64
Date: Thu Aug 13 13:59:02 2009
Dependencies:
findutils 4.4.2-1
gcc-4.4-base 4.4.1-1ubuntu3
libc6 2.10.1-0ubuntu6
libgcc1 1:4.4.1-1ubuntu3
DistroRelease: Ubuntu 9.10
Package: libc6 2.10.1-0ubuntu6
ProcEnviron:
LANGUAGE=en_US.UTF-8
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-5.24-generic
SourcePackage: eglibc
Uname: Linux 2.6.31-5-generic x86_64
To manage notifications about this bug go to:
https://bugs.launchpad.net/glibc/+bug/413278/+subscriptions
More information about the foundations-bugs
mailing list