Bug 473374

Summary: Duel3 buffer overflow
Product: [Fedora] Fedora
Component: duel3
Version: 10
Hardware: x86_64
OS: Linux
Status: CLOSED NEXTRELEASE
Severity: high
Priority: medium
Reporter: Jerry James <loganjerry>
Assignee: Hans de Goede <hdegoede>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: hdegoede
Doc Type: Bug Fix
Last Closed: 2008-12-07 04:11:30 UTC

Description Jerry James 2008-11-28 05:22:03 UTC
Description of problem:
In a fresh Fedora 10 install, I tried playing duel3 with my son.  When the player using the left side of the keyboard hit the left shift button, the game crashed.  In .xsession-errors, I found this:

*** buffer overflow detected ***: duel3 terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x34410ff497]
/lib64/libc.so.6[0x34410fd340]
/lib64/libc.so.6[0x34410fc6c9]
/lib64/libc.so.6(_IO_default_xsputn+0x96)[0x3441076606]
/lib64/libc.so.6(_IO_vfprintf+0x1c1c)[0x344104744c]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x34410fc76d]
/lib64/libc.so.6(__sprintf_chk+0x80)[0x34410fc6b0]
duel3(_ZN6Player14drawHotSeatHUDEi+0x95)[0x4210f5]
duel3(_ZN4Game4drawEv+0x230)[0x422590]
duel3(_Z8draw_allv+0x5d)[0x414d0d]
duel3(main+0x225)[0x416855]
/lib64/libc.so.6(__libc_start_main+0xe6)[0x344101e546]
duel3(_ZNSt8ios_base4InitD1Ev+0x51)[0x40e869]

Version-Release number of selected component (if applicable):
duel3-0.1-0.5.20060225.fc9.x86_64

How reproducible:
Always.

Steps to Reproduce:
1. Start duel3
2. Choose a 2-player game
3. Push the left shift button
  
Actual results:
Duel3 is killed due to a buffer overflow.

Expected results:
Duel3 continues to work.

Additional info:

Comment 1 Hans de Goede 2008-12-03 18:37:48 UTC
Thanks for reporting this. I've managed to reproduce this (it only happens when you choose a certain ship in duel mode) and an update fixing this is on its way.

Comment 2 Jerry James 2008-12-03 18:50:59 UTC
Excellent work!  My son thanks you, because after all, it's HIM that wants to play games, not me.....

Comment 3 Fedora Update System 2008-12-03 18:58:45 UTC
duel3-0.1-0.6.20060225.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/duel3-0.1-0.6.20060225.fc10

Comment 4 Fedora Update System 2008-12-07 04:11:27 UTC
duel3-0.1-0.6.20060225.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
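
Added example (not duel3's code and not part of the original report): the backtrace in the description shows glibc's fortified __sprintf_chk aborting inside Player::drawHotSeatHUD(int), which is what happens when an sprintf into a fixed-size buffer produces more output than the buffer holds. The C sketch below puts that pattern next to a bounded snprintf version; the buffer size, format string, function names and ship names are all assumptions, since the duel3 source does not appear on this page.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical HUD buffer size; the real duel3 buffer is not shown in the report. */
#define HUD_BUF 16

/* "Before" pattern: unbounded sprintf into a fixed stack buffer. Built with
 * _FORTIFY_SOURCE and optimization, glibc routes this call through
 * __sprintf_chk, which aborts with "*** buffer overflow detected ***" once
 * the formatted output exceeds HUD_BUF. */
void hud_draw_unsafe(const char *ship, int energy)
{
    char buf[HUD_BUF];
    sprintf(buf, "%s: %d", ship, energy);
    puts(buf);
}

/* Bytes (including the NUL) that the format needs for these arguments. */
size_t hud_needed(const char *ship, int energy)
{
    int n = snprintf(NULL, 0, "%s: %d", ship, energy);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* "After" pattern: bounded write. Returns 0 if the text fit, -1 if it was
 * truncated (buf is still NUL-terminated) or formatting failed. */
int hud_format(char *buf, size_t size, const char *ship, int energy)
{
    int n = snprintf(buf, size, "%s: %d", ship, energy);
    return (n < 0 || (size_t)n >= size) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample ship names, not taken from the game. */
    const char *ships[] = { "Viper", "Heavy Destroyer" };
    char buf[HUD_BUF];

    for (size_t i = 0; i < sizeof ships / sizeof ships[0]; i++) {
        int rc = hud_format(buf, sizeof buf, ships[i], 100);
        printf("%-16s needs %2zu bytes, rc=%d, drawn as \"%s\"\n",
               ships[i], hud_needed(ships[i], 100), rc, buf);
    }
    return 0;
}
```

An input-dependent overflow like this matches a crash that appears only for some selections: the short name fits, the long one needs 21 bytes against a 16-byte buffer.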