Description of problem:

Hi,

While debugging my Fusil the fuzzer program, I hit a bug in the ltrace project on my Fedora 19. When ltrace is used with -e PATTERN option and a program without its absolute path (ex: pwd vs /usr/bin/pwd) and without the PATH environment variable (ex: "unset PATH"), it does crash.

Example:

$ env -i /usr/bin/ltrace -e getenv pwd
Erreur de segmentation (core dumped)
/home/haypo/prog/HG/fusil

It works if -e option is not used, or if the full path to the tested program is used.

It looks like the bug was fixed upstream in the commit aafb00b7d7751049b99cac3953b5021e4f474ac4:
http://anonscm.debian.org/gitweb/?p=collab-maint/ltrace.git;a=commit;h=aafb00b7d7751049b99cac3953b5021e4f474ac4

It looks also like the release version 0.7.3 includes the fix, so upgrading ltrace from 0.7.90-git to 0.7.3 should fix this crash.

Workarounds:
- set the PATH environment variable
- or: don't use -e PATTERN option
- or: pass the full path to the program

Version-Release number of selected component:
ltrace-0.7.2-5.fc19

Additional info:
reporter: libreport-2.1.9
backtrace_rating: 4
cmdline: /usr/bin/ltrace -e xxx pwd
crash_function: strlen
environ:
executable: /usr/bin/ltrace
kernel: 3.11.9-200.fc19.x86_64
runlevel: N 5
type: CCpp
uid: 1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 strlen at ../sysdeps/x86_64/strlen.S:31
 #1 __regexec at regexec.c:242
 #2 re_match_or_error at filter.c:114
 #3 filter_matches_library at filter.c:155
 #4 read_module at ltrace-elf.c:975
 #5 ltelf_read_main_binary at ltrace-elf.c:1023
 #6 breakpoints_init at breakpoints.c:398
 #7 process_init_main at proc.c:167
 #8 process_init at proc.c:199
 #9 open_program at proc.c:292
Created attachment 838682 File: backtrace
Created attachment 838683 File: cgroup
Created attachment 838684 File: core_backtrace
Created attachment 838685 File: dso_list
Created attachment 838686 File: exploitable
Created attachment 838687 File: limits
Created attachment 838688 File: maps
Created attachment 838689 File: open_fds
Created attachment 838690 File: proc_pid_status
Created attachment 838691 File: var_log_messages
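The truncated backtrace in the report ends in strlen under __regexec, which is consistent with a NULL subject string reaching regexec(). The following is an added example, not ltrace's code and not the upstream patch; it assumes the unresolved program path was NULL, and `search_path` and `safe_match` are hypothetical names showing the failed PATH lookup being reported instead of matched.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not ltrace's code): resolve a program name to a path.
 * Returns out on success, or NULL when the name has no '/' and PATH is unset
 * or holds no executable match. Empty PATH entries are skipped here. */
const char *search_path(const char *prog, const char *path_env,
                        char *out, size_t outsz)
{
    if (prog == NULL || *prog == '\0')
        return NULL;
    if (strchr(prog, '/') != NULL) {            /* explicit path: use as given */
        int n = snprintf(out, outsz, "%s", prog);
        return (n >= 0 && (size_t)n < outsz) ? out : NULL;
    }
    if (path_env == NULL)                       /* PATH unset, as under "env -i" */
        return NULL;
    for (const char *dir = path_env; ; dir += strcspn(dir, ":") + 1) {
        size_t dlen = strcspn(dir, ":");
        int n = snprintf(out, outsz, "%.*s/%s", (int)dlen, dir, prog);
        if (dlen > 0 && n > 0 && (size_t)n < outsz && access(out, X_OK) == 0)
            return out;
        if (dir[dlen] == '\0')
            return NULL;
    }
}

/* Match that refuses a NULL subject instead of handing it to regexec().
 * Returns 1 on match, 0 on no match, -1 when there is nothing to match. */
int safe_match(const regex_t *re, const char *subject)
{
    if (subject == NULL)
        return -1;
    return regexec(re, subject, 0, NULL, 0) == 0 ? 1 : 0;
}

int main(void)
{
    regex_t re;
    char buf[4096];                 /* constructed input: bare name, PATH unset */
    if (regcomp(&re, "pwd", REG_EXTENDED | REG_NOSUB) != 0)
        return 1;
    const char *path = search_path("pwd", NULL, buf, sizeof buf);
    printf("resolved=%s match=%d\n", path ? path : "(none)", safe_match(&re, path));
    regfree(&re);
    return 0;
}
```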
Thanks. It seems for Rawhide we instead need
http://anonscm.debian.org/gitweb/?p=collab-maint/ltrace.git;a=commitdiff_plain;h=0ba3c5ee
and
http://anonscm.debian.org/gitweb/?p=collab-maint/ltrace.git;a=commitdiff_plain;h=2bfea358

> It looks also like the release version 0.7.3 includes the fix, so upgrading
> ltrace from 0.7.90-git to 0.7.3 should fix this crash.

It's the other way around, 0.7.90 is much newer than 0.7.3 ;)

I'll bring the patch you reference to F19 and F20, and the other two patches to Rawhide.
ltrace-0.7.2-8.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/ltrace-0.7.2-8.fc20
ltrace-0.7.2-6.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/ltrace-0.7.2-6.fc19
ltrace-0.7.2-8.fc20 works
Package ltrace-0.7.2-8.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing ltrace-0.7.2-8.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-0897/ltrace-0.7.2-8.fc20
then log in and leave karma (feedback).
ltrace-0.7.2-6.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
ltrace-0.7.2-8.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.