Bug 1319639 - tweak crashes with buffer overflow detected when using long file names
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: tweak
Version: epel7
Hardware: x86_64
OS: Linux
Assignee: Greg Bailey
QA Contact: Fedora Extras Quality Assurance
Reported: 2016-03-21 08:56 UTC by Thomas Huth
Modified: 2016-04-08 21:31 UTC

Fixed In Version: tweak-3.02-1.el7
Doc Type: Bug Fix
Last Closed: 2016-04-08 21:31:10 UTC


Description Thomas Huth 2016-03-21 08:56:12 UTC
Description of problem:
tweak crashes when it is started with a very long file name as command line parameter.

Version-Release number of selected component (if applicable):
$ rpm -q tweak
tweak-3.01-2.el7.x86_64

How reproducible:
100 %

Steps to Reproduce:
Simply run tweak with a very long file name as parameter, e.g.:
$ tweak \
/tmp/a_very_very_very_very_very_very_very_very_very_very_very_long_filename.txt

Actual results:
*** buffer overflow detected ***: tweak terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7f0974d93b37]
/lib64/libc.so.6(+0x10bcf0)[0x7f0974d91cf0]
/lib64/libc.so.6(+0x10b1f9)[0x7f0974d911f9]
/lib64/libc.so.6(_IO_default_xsputn+0xbc)[0x7f0974cfea1c]
/lib64/libc.so.6(_IO_vfprintf+0x151d)[0x7f0974ccea6d]
/lib64/libc.so.6(__vsprintf_chk+0x88)[0x7f0974d91288]
/lib64/libc.so.6(__sprintf_chk+0x7d)[0x7f0974d911dd]
tweak[0x4018cb]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7f0974ca7b15]
tweak[0x401961]
Aborted (core dumped)

Expected results:
No crash

Additional info:
The problem seems to have been fixed upstream already. See this commit for example:
http://tartarus.org/~simon-git/gitweb/?p=tweak.git;a=commitdiff;h=18448721678b21
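
Added example, not part of the original report and not tweak's source code: the backtrace above shows the abort raised inside `__sprintf_chk`, glibc's fortified `sprintf`, which means a file name was formatted into a buffer too small to hold it. The C code below shows that pattern next to two bounded alternatives; the buffer size, format string and function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TITLE_MAX 64            /* assumed buffer size, not taken from tweak */
#define TITLE_FMT "file: %s"    /* assumed format string */

/* Reproducer file name from the report. */
static const char LONG_NAME[] =
    "/tmp/a_very_very_very_very_very_very_very_very_very_very_very"
    "_long_filename.txt";

/* Unsafe pattern, left as a comment so this file stays safe to run:
 *     char title[TITLE_MAX];
 *     sprintf(title, TITLE_FMT, filename);
 * Built with _FORTIFY_SOURCE, glibc checks the known destination size in
 * __sprintf_chk and aborts once the output would not fit. */

/* Bounded variant: 0 on success, -1 if the output had to be truncated. */
int format_title_bounded(char *dst, size_t dstlen, const char *filename)
{
    int n = snprintf(dst, dstlen, TITLE_FMT, filename);
    return (n < 0 || (size_t)n >= dstlen) ? -1 : 0;
}

/* Dynamic variant: measure first, then allocate. Caller frees the result. */
char *format_title_alloc(const char *filename)
{
    int n = snprintf(NULL, 0, TITLE_FMT, filename);
    if (n < 0)
        return NULL;
    char *buf = malloc((size_t)n + 1);
    if (buf != NULL)
        snprintf(buf, (size_t)n + 1, TITLE_FMT, filename);
    return buf;
}

int main(void)
{
    char title[TITLE_MAX];
    if (format_title_bounded(title, sizeof title, LONG_NAME) != 0)
        fprintf(stderr, "name too long for %d-byte buffer\n", TITLE_MAX);
    char *full = format_title_alloc(LONG_NAME);
    if (full != NULL)
        puts(full);
    free(full);
    return 0;
}
```

Without the fortify check, the unsafe call would silently write past the end of the buffer; the abort in the report is the hardening turning that memory corruption into a controlled crash.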

Comment 1 Fedora Update System 2016-03-23 14:20:26 UTC
tweak-3.02-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-014cb6f479

Comment 2 Fedora Update System 2016-03-24 15:50:15 UTC
tweak-3.02-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-014cb6f479

Comment 3 Fedora Update System 2016-04-08 21:31:08 UTC
tweak-3.02-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

