Bug 1148661 - [abrt] bash: strlen(): bash killed by SIGSEGV
Summary: [abrt] bash: strlen(): bash killed by SIGSEGV
Keywords:
Status: CLOSED DUPLICATE of bug 1147414
Alias: None
Product: Fedora
Classification: Fedora
Component: bash
Version: 20
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Ondrej Oprala
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:c11055e6805e815490ea573557a...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-02 04:23 UTC by Eric Blake
Modified: 2016-02-01 02:10 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2014-10-02 04:28:55 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
File: backtrace (39.00 KB, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: cgroup (181 bytes, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: core_backtrace (3.15 KB, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: dso_list (580 bytes, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: environ (3.38 KB, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: exploitable (82 bytes, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: limits (1.29 KB, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: maps (2.60 KB, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: open_fds (138 bytes, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: proc_pid_status (952 bytes, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
File: var_log_messages (2.14 KB, text/plain)
2014-10-02 04:23 UTC, Eric Blake 		no flags Details
View All

Description Eric Blake 2014-10-02 04:23:34 UTC 
Description of problem:
Testing CVE-2014-6278, per http://lcamtuf.blogspot.de/2014/10/bash-bug-how-we-finally-cracked.html

Version-Release number of selected component:
bash-4.2.48-2.fc20

Additional info:
reporter:       libreport-2.2.3
backtrace_rating: 4
cmdline:        bash -c 'x () { y() { :; }; y() { :; } <<a; }'
crash_function: strlen
executable:     /usr/bin/bash
kernel:         3.16.2-200.fc20.x86_64
runlevel:       N 5
type:           CCpp
uid:            14986

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 strlen at ../sysdeps/x86_64/strlen.S:106
 #1 copy_redirect at copy_cmd.c:129
 #2 copy_redirects at copy_cmd.c:164
 #3 copy_command at copy_cmd.c:371
 #4 copy_function_def_contents at copy_cmd.c:335
 #5 bind_function_def at variables.c:2484
 #6 make_function_def at make_cmd.c:798
 #7 yyparse at ./parse.y:904
 #8 parse_command at eval.c:229
 #9 parse_and_execute at evalstring.c:252
Comment 1 Eric Blake 2014-10-02 04:23:36 UTC 
Created attachment 943258 [details]
File: backtrace
Comment 2 Eric Blake 2014-10-02 04:23:36 UTC 
Created attachment 943259 [details]
File: cgroup
Comment 3 Eric Blake 2014-10-02 04:23:37 UTC 
Created attachment 943260 [details]
File: core_backtrace
Comment 4 Eric Blake 2014-10-02 04:23:38 UTC 
Created attachment 943261 [details]
File: dso_list
Comment 5 Eric Blake 2014-10-02 04:23:39 UTC 
Created attachment 943262 [details]
File: environ
Comment 6 Eric Blake 2014-10-02 04:23:40 UTC 
Created attachment 943263 [details]
File: exploitable
Comment 7 Eric Blake 2014-10-02 04:23:41 UTC 
Created attachment 943264 [details]
File: limits
Comment 8 Eric Blake 2014-10-02 04:23:41 UTC 
Created attachment 943265 [details]
File: maps
Comment 9 Eric Blake 2014-10-02 04:23:42 UTC 
Created attachment 943266 [details]
File: open_fds
Comment 10 Eric Blake 2014-10-02 04:23:43 UTC 
Created attachment 943267 [details]
File: proc_pid_status
Comment 11 Eric Blake 2014-10-02 04:23:44 UTC 
Created attachment 943268 [details]
File: var_log_messages
Comment 12 Eric Blake 2014-10-02 04:28:55 UTC 

*** This bug has been marked as a duplicate of bug 1147414 ***
Note You need to log in before you can comment on or make changes to this bug.