This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 180011 - hciattach buffer overflow detected
hciattach buffer overflow detected
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: bluez-utils (Show other bugs)
4
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: David Woodhouse
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-02-04 11:35 EST by Zachary Whitley
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-10 05:31:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Zachary Whitley 2006-02-04 11:35:50 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8) Gecko/20051201 Fedora/1.5-1.1.fc4.nr Firefox/1.5

Description of problem:
[root@currituck ~]# hciattach -p /dev/bluetooth/rfcomm/0 bcsp 230400 00:05:4F:00:29:A5
*** buffer overflow detected ***: hciattach terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x1eec45]
/lib/libc.so.6(__strcpy_chk+0x0)[0x1ee298]
hciattach(main+0x31b)[0x5b503a]
/lib/libc.so.6(__libc_start_main+0xdf)[0x125d5f]
hciattach[0x5b3e51]
======= Memory map: ========
00111000-00234000 r-xp 00000000 09:01 11305127   /lib/libc-2.3.5.so
00234000-00236000 r-xp 00123000 09:01 11305127   /lib/libc-2.3.5.so
00236000-00238000 rwxp 00125000 09:01 11305127   /lib/libc-2.3.5.so
00238000-0023a000 rwxp 00238000 00:00 0
0056e000-0056f000 r-xp 0056e000 00:00 0          [vdso]
005b3000-005b7000 r-xp 00000000 09:01 26647578   /usr/sbin/hciattach
005b7000-005b8000 rwxp 00003000 09:01 26647578   /usr/sbin/hciattach
0063d000-00646000 r-xp 00000000 09:01 11306016   /lib/libgcc_s-4.0.2-20051126.so.1
00646000-00647000 rwxp 00009000 09:01 11306016   /lib/libgcc_s-4.0.2-20051126.so.1
00682000-0068e000 r-xp 00000000 09:01 26646991   /usr/lib/libbluetooth.so.1.0.15
0068e000-0068f000 rwxp 0000c000 09:01 26646991   /usr/lib/libbluetooth.so.1.0.15
007db000-007f5000 r-xp 00000000 09:01 11305124   /lib/ld-2.3.5.so
007f5000-007f6000 r-xp 00019000 09:01 11305124   /lib/ld-2.3.5.so
007f6000-007f7000 rwxp 0001a000 09:01 11305124   /lib/ld-2.3.5.so
09bbf000-09be0000 rw-p 09bbf000 00:00 0          [heap]
b7f2a000-b7f2b000 rw-p b7f2a000 00:00 0
b7f41000-b7f42000 rw-p b7f41000 00:00 0
bfc2d000-bfc42000 rw-p bfc2d000 00:00 0          [stack]
Aborted

bluez-hcidump-1.18-1
bluez-utils-2.15-7
bluez-libs-devel-2.15-1
bluez-libs-2.15-1
bluez-pin-0.24-2




Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.run hciattach command
2.buffer overflow detected
3.
  

Additional info:
Comment 1 David Woodhouse 2006-09-10 05:31:01 EDT
Cannot reproduce in current version

Note You need to log in before you can comment on or make changes to this bug.