Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 571239 Details for
Bug 785934
Buffer overflow in pstree
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh92 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
File: backtrace
backtrace (text/plain), 7.64 KB, created by
Pavel Šimerda (pavlix)
on 2012-03-19 23:17:27 UTC
(
hide
)
Description:
File: backtrace
Filename:
MIME Type:
Creator:
Pavel Šimerda (pavlix)
Created:
2012-03-19 23:17:27 UTC
Size:
7.64 KB
patch
obsolete
>[New LWP 2847] >Core was generated by `pstree'. >Program terminated with signal 6, Aborted. >#0 0x00000033474358d5 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 >64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory. > >Thread 1 (LWP 2847): >#0 0x00000033474358d5 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 > resultvar = 0 > pid = 2847 > selftid = 2847 >#1 0x0000003347437088 in __GI_abort () at abort.c:91 > save_stage = 2 > act = {__sigaction_handler = {sa_handler = 0x7fffdc1ac45a, sa_sigaction = 0x7fffdc1ac45a}, sa_mask = {__val = {6, 220240244259, 2, 140736886129774, 2, 220240237572, 1, 220240244255, 3, 140736886129750, 10, 220240244259, 2, 140736886130432, 8, 140736886132192}}, sa_flags = 52, sa_restorer = 0x5} > sigs = {__val = {32, 0 <repeats 15 times>}} >#2 0x0000003347474d0b in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x3347576e80 "*** %s ***: %s terminated\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:198 > ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7fffdc1acdf0, reg_save_area = 0x7fffdc1acd00}} > ap_copy = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 0x7fffdc1acdf0, reg_save_area = 0x7fffdc1acd00}} > fd = 6 > on_2 = <optimized out> > list = <optimized out> > nlist = <optimized out> > cp = <optimized out> > written = <optimized out> >#3 0x0000003347508eb7 in __GI___fortify_fail (msg=msg@entry=0x3347576e26 "buffer overflow detected") at fortify_fail.c:32 >No locals. >#4 0x0000003347507070 in __GI___chk_fail () at chk_fail.c:29 >No locals. >#5 0x0000000000402f7b in strcpy (__src=0xf00f30 "{gdm-simple-slav}", __dest=0xf01a30 "{gdm-simple-slav}\032\360") at /usr/include/bits/string3.h:105 >No locals. >#6 new_proc (comm=0xf00f30 "{gdm-simple-slav}", pid=931, uid=0, scontext=0xf019e0 "system_u:system_r:xdm_t:s0-s0:c0.c1023") at pstree.c:267 > new = 0xf01a30 >#7 0x000000000040318b in add_proc (comm=comm@entry=0xf00f30 "{gdm-simple-slav}", pid=931, ppid=ppid@entry=894, uid=0, args=args@entry=0x0, size=size@entry=0, isthread=1 '\001', isthread@entry=-48 '\320', scontext=0xf019e0 "system_u:system_r:xdm_t:s0-s0:c0.c1023") at pstree.c:350 > this = 0x0 > parent = <optimized out> >#8 0x0000000000401f67 in read_proc () at pstree.c:695 > dt = <optimized out> > taskpath = 0xf01a10 "/proc/894/task" > thread = 6 > taskdir = 0xf071d0 > threadname = <optimized out> > dir = 0xef4050 > file = 0xefc0a0 > comm = 0x7fffdc1ad585 "gdm-simple-slav" > buffer = 0x0 > readbuf = "894 (gdm-simple-slav\000 S 876 876 876 0 -1 4202752 1849 15995 0 4 2 15 14 66 20 0 2 0 6172 253394944 951 18446744073709551615 1 1 0 0 0 0 0 0 85739 18446744073709551615 0 0 17 1 0 0 10 0 0 0 0 0\n\000 0\n", '\000' <repeats 4483 times>"\253"... > empty = 0 > scontext = 0xf019e0 "system_u:system_r:xdm_t:s0-s0:c0.c1023" > de = <optimized out> > st = {st_dev = 3, st_ino = 19703, st_nlink = 8, st_mode = 16749, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 0, st_blksize = 1024, st_blocks = 0, st_atim = {tv_sec = 1332199438, tv_nsec = 777994302}, st_mtim = {tv_sec = 1332199438, tv_nsec = 777994302}, st_ctim = {tv_sec = 1332199438, tv_nsec = 777994302}, __unused = {0, 0, 0}} > path = <optimized out> > size = <optimized out> > pid = 894 > fd = <optimized out> > buffer_size = 81 > tmpptr = <optimized out> > ppid = 876 > selinux_enabled = 1 >#9 main (argc=<optimized out>, argv=<optimized out>) at pstree.c:990 > current = <optimized out> > winsz = {ws_row = 24, ws_col = 80, ws_xpixel = 0, ws_ypixel = 0} > pw = 0x0 > pid = 1 > highlight = 0 > termcap_area = '\000' <repeats 1023 times> > termname = <optimized out> > c = <optimized out> > options = {{name = 0x40357f "arguments", has_arg = 0, flag = 0x0, val = 97}, {name = 0x403589 "ascii", has_arg = 0, flag = 0x0, val = 65}, {name = 0x40358f "compact", has_arg = 0, flag = 0x0, val = 99}, {name = 0x403597 "vt100", has_arg = 0, flag = 0x0, val = 71}, {name = 0x40359d "highlight-all", has_arg = 0, flag = 0x0, val = 104}, {name = 0x4035ab "highlight-pid", has_arg = 1, flag = 0x0, val = 72}, {name = 0x4035b9 "long", has_arg = 0, flag = 0x0, val = 108}, {name = 0x4035be "numeric-sort", has_arg = 0, flag = 0x0, val = 110}, {name = 0x4035cb "show-pids", has_arg = 0, flag = 0x0, val = 112}, {name = 0x4035d5 "show-parents", has_arg = 0, flag = 0x0, val = 115}, {name = 0x4035e2 "uid-changes", has_arg = 0, flag = 0x0, val = 117}, {name = 0x4035ee "unicode", has_arg = 0, flag = 0x0, val = 85}, {name = 0x4035f6 "version", has_arg = 0, flag = 0x0, val = 86}, {name = 0x4035fe "security-context", has_arg = 0, flag = 0x0, val = 90}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}} >From To Syms Read Shared Object Library >0x000000335640cd90 0x0000003356418c48 Yes /lib64/libtinfo.so.5 >0x0000003348c05e90 0x0000003348c16260 Yes /lib64/libselinux.so.1 >0x000000334741ef60 0x000000334755f070 Yes /lib64/libc.so.6 >0x0000003347c00ea0 0x0000003347c019e0 Yes /lib64/libdl.so.2 >0x0000003347000b20 0x000000334701a269 Yes /lib64/ld-linux-x86-64.so.2 >0x000000334a8029d0 0x000000334a812148 Yes /lib64/libgcc_s.so.1 >$1 = 0x7f059eefa000 "" >No symbol "__glib_assert_msg" in current context. >rax 0x0 0 >rbx 0x0 0 >rcx 0xffffffffffffffff -1 >rdx 0x6 6 >rsi 0xb1f 2847 >rdi 0xb1f 2847 >rbp 0x7fffdc1acde0 0x7fffdc1acde0 >rsp 0x7fffdc1ac428 0x7fffdc1ac428 >r8 0x334756ebe0 220240210912 >r9 0x1c 28 >r10 0x8 8 >r11 0x246 582 >r12 0x7 7 >r13 0x5 5 >r14 0x5 5 >r15 0x7fffdc1ac5b0 140736886130096 >rip 0x33474358d5 0x33474358d5 <__GI_raise+53> >eflags 0x246 [ PF ZF IF ] >cs 0x33 51 >ss 0x2b 43 >ds 0x0 0 >es 0x0 0 >fs 0x0 0 >gs 0x0 0 >Dump of assembler code for function __GI_raise: > 0x00000033474358a0 <+0>: mov %fs:0x2d4,%eax > 0x00000033474358a8 <+8>: mov %fs:0x2d0,%esi > 0x00000033474358b0 <+16>: test %esi,%esi > 0x00000033474358b2 <+18>: jne 0x33474358e0 <__GI_raise+64> > 0x00000033474358b4 <+20>: mov $0xba,%eax > 0x00000033474358b9 <+25>: syscall > 0x00000033474358bb <+27>: mov %eax,%esi > 0x00000033474358bd <+29>: mov %eax,%fs:0x2d0 > 0x00000033474358c5 <+37>: movslq %edi,%rdx > 0x00000033474358c8 <+40>: movslq %esi,%rsi > 0x00000033474358cb <+43>: movslq %eax,%rdi > 0x00000033474358ce <+46>: mov $0xea,%eax > 0x00000033474358d3 <+51>: syscall >=> 0x00000033474358d5 <+53>: cmp $0xfffffffffffff000,%rax > 0x00000033474358db <+59>: ja 0x33474358ef <__GI_raise+79> > 0x00000033474358dd <+61>: repz retq > 0x00000033474358df <+63>: nop > 0x00000033474358e0 <+64>: test %eax,%eax > 0x00000033474358e2 <+66>: jg 0x33474358c5 <__GI_raise+37> > 0x00000033474358e4 <+68>: test $0x7fffffff,%eax > 0x00000033474358e9 <+73>: je 0x3347435900 <__GI_raise+96> > 0x00000033474358eb <+75>: neg %eax > 0x00000033474358ed <+77>: jmp 0x33474358c5 <__GI_raise+37> > 0x00000033474358ef <+79>: mov 0x37953a(%rip),%rdx # 0x33477aee30 > 0x00000033474358f6 <+86>: neg %eax > 0x00000033474358f8 <+88>: mov %eax,%fs:(%rdx) > 0x00000033474358fb <+91>: or $0xffffffffffffffff,%rax > 0x00000033474358ff <+95>: retq > 0x0000003347435900 <+96>: mov %esi,%eax > 0x0000003347435902 <+98>: jmp 0x33474358c5 <__GI_raise+37> >End of assembler dump.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=571239">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 785934
:
565723
| 571239