Bug 180011

Summary: hciattach buffer overflow detected
Product: [Fedora] Fedora Reporter: Zachary Whitley <mail>
Component: bluez-utilsAssignee: David Woodhouse <dwmw2>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-09-10 09:31:01 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Zachary Whitley 2006-02-04 16:35:50 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20051201 Fedora/1.5-1.1.fc4.nr Firefox/1.5

Description of problem:
[root@currituck ~]# hciattach -p /dev/bluetooth/rfcomm/0 bcsp 230400 00:05:4F:00:29:A5
*** buffer overflow detected ***: hciattach terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x1eec45]
/lib/libc.so.6(__strcpy_chk+0x0)[0x1ee298]
hciattach(main+0x31b)[0x5b503a]
/lib/libc.so.6(__libc_start_main+0xdf)[0x125d5f]
hciattach[0x5b3e51]
======= Memory map: ========
00111000-00234000 r-xp 00000000 09:01 11305127   /lib/libc-2.3.5.so
00234000-00236000 r-xp 00123000 09:01 11305127   /lib/libc-2.3.5.so
00236000-00238000 rwxp 00125000 09:01 11305127   /lib/libc-2.3.5.so
00238000-0023a000 rwxp 00238000 00:00 0
0056e000-0056f000 r-xp 0056e000 00:00 0          [vdso]
005b3000-005b7000 r-xp 00000000 09:01 26647578   /usr/sbin/hciattach
005b7000-005b8000 rwxp 00003000 09:01 26647578   /usr/sbin/hciattach
0063d000-00646000 r-xp 00000000 09:01 11306016   /lib/libgcc_s-4.0.2-20051126.so.1
00646000-00647000 rwxp 00009000 09:01 11306016   /lib/libgcc_s-4.0.2-20051126.so.1
00682000-0068e000 r-xp 00000000 09:01 26646991   /usr/lib/libbluetooth.so.1.0.15
0068e000-0068f000 rwxp 0000c000 09:01 26646991   /usr/lib/libbluetooth.so.1.0.15
007db000-007f5000 r-xp 00000000 09:01 11305124   /lib/ld-2.3.5.so
007f5000-007f6000 r-xp 00019000 09:01 11305124   /lib/ld-2.3.5.so
007f6000-007f7000 rwxp 0001a000 09:01 11305124   /lib/ld-2.3.5.so
09bbf000-09be0000 rw-p 09bbf000 00:00 0          [heap]
b7f2a000-b7f2b000 rw-p b7f2a000 00:00 0
b7f41000-b7f42000 rw-p b7f41000 00:00 0
bfc2d000-bfc42000 rw-p bfc2d000 00:00 0          [stack]
Aborted

bluez-hcidump-1.18-1
bluez-utils-2.15-7
bluez-libs-devel-2.15-1
bluez-libs-2.15-1
bluez-pin-0.24-2




Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.run hciattach command
2.buffer overflow detected
3.
  

Additional info:

Comment 1 David Woodhouse 2006-09-10 09:31:01 UTC
Cannot reproduce in current version