RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1484284 - There is an illegal address access in tic.c of libncurses.
Summary: There is an illegal address access in tic.c of libncurses.
Keywords:
Status: CLOSED DUPLICATE of bug 1488917
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ncurses
Version: 7.5-Alt
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Miroslav Lichvar
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks: CVE-2017-13730
TreeView+ depends on / blocked
 
Reported: 2017-08-23 07:56 UTC by owl337
Modified: 2018-07-27 15:24 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-07-27 15:24:17 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
Triggered by " ./tic POC9 " (419 bytes, application/x-rar)
2017-08-23 07:56 UTC, owl337
no flags Details

Description owl337 2017-08-23 07:56:16 UTC
Created attachment 1316977 [details]
Triggered by "  ./tic POC9 "

Description of problem:

There is an illegal address access in tic.c of libncurses.

Version-Release number of selected component (if applicable):

<= latest version

How reproducible:

./tic POC9

Steps to Reproduce:

The GDB debugging information is as follows:
(gdb) set args POC9
(gdb) r 
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/icy/secreal/ncurses-6.0-20170819/install/bin/tic id:000152,sig:11,src:002053,op:havoc,rep:32

Breakpoint 2, main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,
(gdb) c 
Continuing.
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 34, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 34, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 37, terminal 'a': Legacy termcap allows only a trailing tc= clause
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 37, terminal 'a': unknown capability '49'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 39, terminal 'a': Illegal character - '\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 39, terminal 'a': unknown capability 'r'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 41, terminal 'a': unknown capability 'a'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 73, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 73, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 74, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 86, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 86, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 1, col 87, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 2, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 2, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 2, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 4, col 42, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 4, col 42, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 31, terminal 'a': Illegal character - '^F'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 31, terminal 'a': unknown capability 'u'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 32, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^K'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 44, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 44, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 45, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 109, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 109, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 110, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 122, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 122, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 123, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 145, terminal 'a': Illegal character - '\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 5, col 145, terminal 'a': wrong type used for string capability 'useuj'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 7, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 8, col 42, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 8, col 42, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 31, terminal 'a': Illegal character - '^F'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 31, terminal 'a': unknown capability 'u'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 32, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^K'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 44, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 44, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 45, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 109, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 109, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 110, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 122, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 122, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 123, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 145, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 145, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 9, col 146, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 11, col 13, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 11, col 13, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 11, col 14, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 12, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 12, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 12, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 15, terminal 'a': Illegal character '~?' in \ sequence
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 18, terminal 'a': Illegal character - '^F'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 18, terminal 'a': unknown capability 'u'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 19, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^K'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 31, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 31, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 32, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 70, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 70, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 71, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 83, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 83, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 14, col 84, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 15, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 15, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 15, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 17, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 18, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 18, col 17, terminal 'a': wrong type used for string capability 'kus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 18, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 38, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 38, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 39, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 47, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 47, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 19, col 48, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 20, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 20, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 20, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 14, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 14, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 15, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 27, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 27, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 22, col 28, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 24, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 24, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 24, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 48, terminal 'a': Illegal character - '~I'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 25, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 26, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 26, col 17, terminal 'a': wrong type used for string capability 'kas'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 26, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 24, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 24, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 25, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 33, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 33, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 27, col 34, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 28, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 28, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 28, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 29, col 28, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 29, col 28, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 29, col 29, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 30, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 30, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 30, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 32, col 13, terminal 'a': Missing separator
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 33, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 34, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 37, col 13, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 37, col 13, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 37, col 14, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 38, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 38, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 38, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 22, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 22, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 23, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 74, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 74, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 39, col 75, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 40, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 40, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 40, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 42, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 43, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 43, col 17, terminal 'a': wrong type used for string capability 'kus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 43, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 38, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 38, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 39, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 47, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 47, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 45, col 48, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 25, terminal 'a': Illegal character - '{'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 25, terminal 'a': wrong type used for string capability 'us'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 28, terminal 'a': unknown capability 'a'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 34, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 34, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 46, col 35, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 50, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 50, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 50, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 51, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 52, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 52, col 17, terminal 'a': wrong type used for string capability 'kas'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 52, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 38, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 38, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 39, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 47, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 47, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 54, col 48, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 55, col 52, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 55, col 52, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 55, col 53, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 56, col 19, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 56, col 19, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 56, col 20, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 24, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 24, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 25, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 37, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 37, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 58, col 38, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 48, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 48, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 49, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 61, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 61, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 60, col 62, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 61, col 17, terminal 'a': Illegal character - 'M- '
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 61, col 17, terminal 'a': wrong type used for string capability 'kus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 61, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 63, col 17, terminal 'a': Missing separator
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 1, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^A'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 17, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 17, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 18, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 44, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 44, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 45, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 57, terminal 'a': Illegal character - '^?'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 57, terminal 'a': wrong type used for string capability 'useus'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 64, col 58, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^\'
"id:000152,sig:11,src:002053,op:havoc,rep:32", line 65, col 30, terminal 'a': Illegal character (expected alphanumeric or @%&*!#) - '^J'

Breakpoint 1, 0x000000000040303d in main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,
(gdb) s

Program received signal SIGSEGV, Segmentation fault.
0x000000000040303d in main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,
(gdb) 

Trigged in:
main (argc=<optimized out>, argv=<optimized out>) at ../progs/tic.c:958
958	    _nc_read_entry_source(tmp_fp, (char *) NULL,


Actual results:

crash

Expected results:

crash

Additional info:

Credits:

This vulnerability is detected by team OWL337, with our custom fuzzer collAFL. Please contact ganshuitao   and chaoz.cn if you need more info about the team, the tool or the vulnerability.

Comment 2 Thomas E. Dickey 2017-08-25 22:29:36 UTC
tic.c is not in a library

Comment 3 Thomas E. Dickey 2017-08-26 00:36:33 UTC
I made a fix for this report which will be in the next set of updates.


Note You need to log in before you can comment on or make changes to this bug.