Bug 948055

Summary: [abrt] dosfstools-3.0.16-2.fc17: _IO_str_chk_overflow: Process /usr/sbin/dosfslabel was killed by signal 6 (SIGABRT)
Product: [Fedora] Fedora
Reporter: John Reiser <jreiser>
Component: dosfstools
Assignee: Jaroslav Škarvada <jskarvad>
Status: CLOSED ERRATA
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 17
CC: atkac, jskarvad, todoleza
Hardware: x86_64
OS: Linux
Whiteboard: abrt_hash:b77800651559eadd2a30576ee3bfbe5b0b348bad
Fixed In Version: dosfstools-3.0.16-3.fc17
Doc Type: Bug Fix
Last Closed: 2013-05-06 04:28:00 UTC
Attachments:
Description              Flags
File: backtrace          none
File: cgroup             none
File: core_backtrace     none
File: dso_list           none
File: environ            none
File: limits             none
File: maps               none
File: open_fds           none
File: proc_pid_status    none
File: smolt_data         none
Proposed fix             none

Description John Reiser 2013-04-03 21:05:37 UTC
Description of problem:
# livecd-iso-to-disk --reset-mbr Fedora-19-Alpha-TC3-x86_64-netinst.iso /dev/sdc1
Verifying image...
.../Fedora-19-Alpha-TC3-x86_64-netinst.iso:   0ae0e74993a4c63179a85118d95022d6
Fragment sums: 63e3496e17e1aa219a44a1993c2159232ef9235bc48eeb6adcd6646ad472
Fragment count: 20
Press [Esc] to abort check.
Checking: 100.0%

The media check is complete, the result is: PASS.

It is OK to use this media.
*** buffer overflow detected ***: /sbin/dosfslabel terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x30f05094d7]
/lib64/libc.so.6[0x30f0507690]
/lib64/libc.so.6[0x30f0506b19]
/lib64/libc.so.6(_IO_default_xsputn+0xdb)[0x30f047870b]
/lib64/libc.so.6(_IO_vfprintf+0xe1)[0x30f04467b1]
/lib64/libc.so.6(__vsprintf_chk+0x97)[0x30f0506bb7]
/lib64/libc.so.6(__sprintf_chk+0x7d)[0x30f0506afd]
/sbin/dosfslabel[0x40450b]
/sbin/dosfslabel[0x402938]
/sbin/dosfslabel[0x40138b]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x30f0421735]
/sbin/dosfslabel[0x40158d]
======= Memory map: ========
/usr/bin/livecd-iso-to-disk: line 546: 16397 Aborted                 (core dumped) /sbin/dosfslabel $dev LIVE
Cleaning up to exit...
# 

Version-Release number of selected component:
dosfstools-3.0.16-2.fc17

Additional info:
backtrace_rating: 4
cmdline:        /sbin/dosfslabel
crash_function: _IO_str_chk_overflow
executable:     /usr/sbin/dosfslabel
kernel:         3.8.3-103.fc17.x86_64
uid:            0
ureports_counter: 1
var_log_messages: Apr  3 14:02:07 f17-64 abrt[16398]: Saved core dump of pid 16397 (/usr/sbin/dosfslabel) to /var/spool/abrt/ccpp-2013-04-03-14:02:07-16397 (401408 bytes)

Truncated backtrace:
Thread no. 1 (9 frames)
 #5 _IO_str_chk_overflow at vsprintf_chk.c:35
 #6 _IO_default_xsputn at genops.c:485
 #7 _IO_vfprintf_internal at vfprintf.c:1291
 #8 ___vsprintf_chk at vsprintf_chk.c:87
 #9 ___sprintf_chk at sprintf_chk.c:33
 #10 sprintf at /usr/include/bits/stdio2.h:34
 #11 alloc_rootdir_entry at src/check.c:179
 #12 write_volume_label at src/boot.c:544
 #13 write_label at src/boot.c:576
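
The backtrace above ends in `sprintf` called from `alloc_rootdir_entry`, where glibc's fortify check (`__sprintf_chk`) aborted the process rather than let the write run past its destination. The following is an added example, not dosfstools code (this page shows neither the affected source nor the patch), of that class of failure on an 11-byte FAT name field and a bounded alternative; `struct dir_ent`, `set_label_unsafe` and `set_label_safe` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define FAT_NAME_LEN 11   /* 8+3 name field of a FAT directory entry; no NUL */

/* Hypothetical layout for this example, not the dosfstools structure. */
struct dir_ent {
    unsigned char name[FAT_NAME_LEN];
    unsigned char attr;
};

#ifdef SHOW_UNSAFE
/* Unsafe: "%-11s" emits at least 11 characters and sprintf() appends a NUL,
 * so at least 12 bytes are written into an 11-byte field. Built with
 * -O2 -D_FORTIFY_SOURCE=2, glibc's __sprintf_chk() detects this and aborts
 * with "*** buffer overflow detected ***". Compiled only on request. */
void set_label_unsafe(struct dir_ent *de, const char *label)
{
    sprintf((char *)de->name, "%-11s", label);
}
#endif

/* Bounded: format into a scratch buffer that has room for the NUL, reject
 * over-long input instead of truncating it silently, then copy exactly
 * FAT_NAME_LEN bytes. Returns 0 on success, -1 if the label does not fit. */
int set_label_safe(struct dir_ent *de, const char *label)
{
    char tmp[FAT_NAME_LEN + 1];
    int n = snprintf(tmp, sizeof tmp, "%-*s", FAT_NAME_LEN, label);

    if (n < 0 || (size_t)n >= sizeof tmp)
        return -1;
    memcpy(de->name, tmp, FAT_NAME_LEN);
    return 0;
}

int main(void)
{
    struct dir_ent de = { {0}, 0x08 };   /* 0x08: FAT volume-label attribute */

    if (set_label_safe(&de, "LIVE") == 0)
        printf("label: [%.11s]\n", (const char *)de.name);
    if (set_label_safe(&de, "LABEL_TOO_LONG") != 0)
        puts("rejected over-long label");
    return 0;
}
```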

Comment 1 John Reiser 2013-04-03 21:05:39 UTC
Created attachment 731353
File: backtrace

Comment 2 John Reiser 2013-04-03 21:05:41 UTC
Created attachment 731354
File: cgroup

Comment 3 John Reiser 2013-04-03 21:05:42 UTC
Created attachment 731355
File: core_backtrace

Comment 4 John Reiser 2013-04-03 21:05:44 UTC
Created attachment 731356
File: dso_list

Comment 5 John Reiser 2013-04-03 21:05:45 UTC
Created attachment 731357
File: environ

Comment 6 John Reiser 2013-04-03 21:05:46 UTC
Created attachment 731358
File: limits

Comment 7 John Reiser 2013-04-03 21:05:48 UTC
Created attachment 731359
File: maps

Comment 8 John Reiser 2013-04-03 21:05:49 UTC
Created attachment 731360
File: open_fds

Comment 9 John Reiser 2013-04-03 21:05:51 UTC
Created attachment 731361
File: proc_pid_status

Comment 10 John Reiser 2013-04-03 21:05:52 UTC
Created attachment 731362
File: smolt_data

Comment 11 John Reiser 2013-04-04 02:21:39 UTC
The same problem occurs when running Fedora-19-Alpha-TC3 using livecd-tools-19.1-1.fc19.i686 and dosfstools-3.0.16-2.fc19.i686.  Change Version to 19.

Comment 12 Jaroslav Škarvada 2013-05-02 12:55:50 UTC
Lowered version to backport the fix to all affected releases.

Comment 13 Jaroslav Škarvada 2013-05-02 12:56:04 UTC
*** Bug 949861 has been marked as a duplicate of this bug. ***

Comment 14 Jaroslav Škarvada 2013-05-02 13:23:03 UTC
Created attachment 742707
Proposed fix

Some crazy code got somehow upstream :) Proposed fix is attached.

Comment 15 Fedora Update System 2013-05-02 13:44:07 UTC
dosfstools-3.0.16-3.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/dosfstools-3.0.16-3.fc19

Comment 16 Fedora Update System 2013-05-02 13:51:44 UTC
dosfstools-3.0.16-3.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/dosfstools-3.0.16-3.fc18

Comment 17 Fedora Update System 2013-05-02 13:56:01 UTC
dosfstools-3.0.16-3.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/dosfstools-3.0.16-3.fc17

Comment 18 Jaroslav Škarvada 2013-05-02 14:56:43 UTC
Patch was accepted upstream.

Comment 19 Fedora Update System 2013-05-02 16:28:06 UTC
Package dosfstools-3.0.16-3.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing dosfstools-3.0.16-3.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-7251/dosfstools-3.0.16-3.fc19
then log in and leave karma (feedback).

Comment 20 Fedora Update System 2013-05-06 04:28:02 UTC
dosfstools-3.0.16-3.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 21 Jaroslav Škarvada 2013-05-07 08:32:32 UTC
*** Bug 955713 has been marked as a duplicate of this bug. ***

Comment 22 Fedora Update System 2013-05-19 02:32:09 UTC
dosfstools-3.0.16-3.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.