Bug 45149 - nedit crashes when print selected
nedit crashes when print selected
Product: Red Hat Powertools
Classification: Retired
Component: nedit (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
: 45630 47697 50884 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2001-06-20 11:29 EDT by pq
Modified: 2008-05-01 11:38 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-08-20 07:54:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
replacement for nedit-5.1.1-security.patch (1.25 KB, patch)
2001-08-07 17:05 EDT, Gene Czarcinski
no flags Details | Diff

  None (edit)
Description pq 2001-06-20 11:29:53 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-6.2.1 i686)

Description of problem:
RedHat issued a patch for nedit (RHSA-2001:61-02 updated 2001-05-08) to fix
potential problem with creation of temporary files.
In the source RPM, (and it also seems to be the same in source RPMS up to
rawhide version), the patch nedit-5.1.1-security.patch line 8 causes a
string to be passed to mkstemp().
This causes a core dump when, for example, you select "Print" from the File
You can fix this by replacing *tmpFileName by tmpFileName[] or somesuch.

Paul Quare

How reproducible:

Steps to Reproduce:
1.Select Print from File menu

Actual Results:  nedit core dumped with segment violation

Expected Results:  It should have printed the file.

Additional info:

(I've marked it below as a Security bug as it would seem that the 
problem it was meant to fix hasn't been fixed?)
Comment 1 Bernhard Rosenkraenzer 2001-06-25 06:11:25 EDT
*** Bug 45630 has been marked as a duplicate of this bug. ***
Comment 2 Bernhard Rosenkraenzer 2001-06-26 12:15:36 EDT
Not a security bug, the issue is fixed, it just introduced unwanted side 
effects. reducing priority.
Comment 3 Bernhard Rosenkraenzer 2001-07-09 06:19:44 EDT
*** Bug 47697 has been marked as a duplicate of this bug. ***
Comment 4 Bernhard Rosenkraenzer 2001-08-04 15:22:25 EDT
*** Bug 50884 has been marked as a duplicate of this bug. ***
Comment 5 Gene Czarcinski 2001-08-07 17:02:45 EDT
OK, this time I have a proposed fix (patch) for the problem.

The problem is that the security patch has an error in that it passes a constant
to mkstemp which seems to cause the segfault.  The fix is to simply change the
definition of tmpFileName from a point to an array on the stack which is
initialized to the value in the old security patch.

This patch was developed and tested under the Roswell public beta (7.1.93) but
should apply to previous versions.

The attached patch replaces the existing security patch.
Comment 6 Gene Czarcinski 2001-08-07 17:05:04 EDT
Created attachment 26715 [details]
replacement for nedit-5.1.1-security.patch
Comment 7 Bernhard Rosenkraenzer 2001-08-20 07:54:31 EDT
*** Bug 50884 has been marked as a duplicate of this bug. ***
Comment 8 Bernhard Rosenkraenzer 2001-08-20 08:00:07 EDT
fixed in 5.1.1-10

Note You need to log in before you can comment on or make changes to this bug.