[Bug 401834] [NEW] Icebreaker works first time, but crashes on every subsequent startup

Alec Faithfull alec at snapdragon.demon.co.uk
Mon Jul 20 17:17:59 UTC 2009


Public bug reported:

Source package: icebreaker, version 1.21-11
Ubuntu release: 9.04

Icebreaker runs quite happily the first time it's started, but crashes
immediately on every subsequent attempt.

alec at TRAILBLAZER:~$ icebreaker
*** stack smashing detected ***: icebreaker terminated
======= Backtrace: =========
[...]

The problem is a buffer overflow in options.c: sscanf is used to read
strings without setting any space aside for the null terminator. As a
result, when it tries to read its own configuration file, the string
"icebreaker\0" - eleven characters - is written into a ten-character
buffer, which corrupts a sentinel value and thus causes a crash.

The attached patch extends both of the relevant buffers to be long
enough to include null bytes, and it seems to fix the problem - comments
are, of course, welcome.

** Affects: icebreaker (Ubuntu)
     Importance: Undecided
         Status: New

-- 
Icebreaker works first time, but crashes on every subsequent startup
https://bugs.launchpad.net/bugs/401834
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
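
The off-by-one described in the report, shown as an added example that is not part of the original message or the icebreaker source. The names WIDTH, CANARY, sentinel_clobbered, old_layout and patched_layout are assumptions, and the scan region is padded so the extra byte lands on a constructed sentinel instead of the real stack.

```c
#include <stdio.h>
#include <string.h>

#define WIDTH  10            /* field width used in the scan, as in "%10s" */
#define CANARY 0x5A          /* constructed sentinel, stands in for the stack guard */
#define STR(x)  #x
#define XSTR(x) STR(x)

/* Scan one word with "%10s" into a buffer that is logically buflen bytes.
 * The region is padded (hypothetical layout) so that the byte written past
 * the logical buffer hits our sentinel and not real stack data.
 * Returns 1 if the sentinel was overwritten, 0 if intact, -1 on no match. */
static int sentinel_clobbered(const char *line, size_t buflen)
{
    unsigned char region[WIDTH + 8];

    if (buflen >= sizeof region)
        return -1;
    memset(region, CANARY, sizeof region);
    /* %10s stores up to 10 characters plus a terminating NUL: 11 bytes. */
    if (sscanf(line, "%" XSTR(WIDTH) "s", (char *)region) != 1)
        return -1;
    return region[buflen] != CANARY;
}

/* Buffer as sized before the patch: exactly WIDTH bytes. */
int old_layout(const char *line)     { return sentinel_clobbered(line, WIDTH); }

/* Buffer as the report's patch sizes it: WIDTH bytes plus one for the NUL. */
int patched_layout(const char *line) { return sentinel_clobbered(line, WIDTH + 1); }

int main(void)
{
    const char *word = "icebreaker";   /* constructed input: 10 characters */

    printf("old buffer, sentinel overwritten: %d\n", old_layout(word));
    printf("patched buffer, sentinel overwritten: %d\n", patched_layout(word));
    return 0;
}
```

Keeping the ten-byte buffer and lowering the width to `%9s` also avoids the overflow, at the cost of truncating ten-character values.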



