Bug 507372 - firefox 3.5b4 crashed with buffer overflow detected
Status: CLOSED DUPLICATE of bug 506952
Alias: None
Product: Fedora
Classification: Fedora
Component: firefox
Version: rawhide
Hardware: i386
OS: Linux
low
medium
Target Milestone: ---
Assignee: Gecko Maintainer
QA Contact: Fedora Extras Quality Assurance
Reported: 2009-06-22 14:40 UTC by Igor Zubkov
Modified: 2009-06-22 14:49 UTC (History)

Doc Type: Bug Fix
Last Closed: 2009-06-22 14:49:01 UTC
Type: ---

Description Igor Zubkov 2009-06-22 14:40:55 UTC
Description of problem:
firefox 3.5b4 crashed with buffer overflow detected

Version-Release number of selected component (if applicable):
firefox-3.5-0.21.beta4.fc12.i586
xulrunner-1.9.1-0.22.beta4.fc12.i586

How reproducible:
Update to rawhide and run firefox.


Additional info:

$ firefox
*** buffer overflow detected ***: /usr/lib/firefox-3.5b4/firefox terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x48)[0xb00bd8]
/lib/libc.so.6[0xafed90]
/lib/libc.so.6(__strcpy_chk+0x44)[0xafe074]
/usr/lib/xulrunner-1.9.1/libmozjs.so[0x50789c]
/usr/lib/xulrunner-1.9.1/libmozjs.so[0x50798d]
/usr/lib/xulrunner-1.9.1/libmozjs.so[0x507b85]
/usr/lib/xulrunner-1.9.1/libmozjs.so[0x4b2908]
/usr/lib/xulrunner-1.9.1/libmozjs.so[0x4b2afa]
/usr/lib/xulrunner-1.9.1/libmozjs.so[0x4f41ec]
/usr/lib/xulrunner-1.9.1/libmozjs.so(JS_CompileUCScriptForPrincipals+0x5e)[0x497235]
/usr/lib/xulrunner-1.9.1/libmozjs.so(JS_CompileScriptForPrincipals+0x46)[0x49a2ac]
/usr/lib/xulrunner-1.9.1/libxul.so[0x5169dc4]
/usr/lib/xulrunner-1.9.1/libxul.so[0x516b01a]
/usr/lib/xulrunner-1.9.1/libxul.so[0x5a28b14]
/usr/lib/xulrunner-1.9.1/libxul.so[0x5a28edf]
/usr/lib/xulrunner-1.9.1/libxul.so[0x5a28fdf]
/usr/lib/xulrunner-1.9.1/libxul.so[0x5a29e3b]
/usr/lib/xulrunner-1.9.1/libxul.so(NS_InitXPCOM3_P+0x7f8)[0x59fffd2]
/usr/lib/xulrunner-1.9.1/libxul.so[0x50f9b8e]
/usr/lib/xulrunner-1.9.1/libxul.so(XRE_main+0x271f)[0x50fce6c]
/usr/lib/firefox-3.5b4/firefox[0x8049b05]
/lib/libc.so.6(__libc_start_main+0xe6)[0xa1fa66]
/usr/lib/firefox-3.5b4/firefox[0x8049541]
======= Memory map: ========
005aa000-005ab000 rw-p 00011000 08:02 1567211    /usr/lib/gtk-2.0/2.10.0/engine/usr/lib/firefox-3.5b4/run-mozilla.sh: line 131:  5201 Aborted                 "$prog" ${1+"$@"}
$

Comment 1 Yanko Kaneti 2009-06-22 14:49:01 UTC

*** This bug has been marked as a duplicate of bug 506952 ***

