Bug 523678 - OpenDX: dxui aborts with buffer overflow when opening a file
Summary: OpenDX: dxui aborts with buffer overflow when opening a file
Alias: None
Product: Fedora
Classification: Fedora
Component: dx
Version: 11
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Dominik 'Rathann' Mierzejewski
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2009-09-16 12:42 UTC by Tristan Moody
Modified: 2009-11-27 22:02 UTC (History)
5 users (show)

Fixed In Version: 4.4.4-10.fc11
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-11-27 22:02:23 UTC
Type: ---

Attachments (Terms of Use)

Description Tristan Moody 2009-09-16 12:42:07 UTC
Description of problem: 
Every time a program file is opened in the Visual Program Editor, the program aborts with a buffer overflow.

Version-Release number of selected component (if applicable):

How reproducible:
Every time, for me at least.

Steps to Reproduce:
1. Open Visual Program Editor
2. File/Open...
3. Select an appropriate file and click OK
Actual results:
Program aborts.

Expected results:
DX Program opens.

Additional info:
gdb backtrace:

#0  0x40000424 in __kernel_vsyscall ()
#1  0x006c97c1 in *__GI_raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2  0x006cb092 in *__GI_abort () at abort.c:88
#3  0x00707dad in __libc_message (do_abort=2, 
    fmt=0x7dadab "*** %s ***: %s terminated\n")
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:170
#4  0x00795d88 in *__GI___fortify_fail (
    msg=0x7dad55 "buffer overflow detected") at fortify_fail.c:32
#5  0x00793f40 in *__GI___chk_fail () at chk_fail.c:29
#6  0x00793224 in __strcpy_chk (dest=0x82d0b20 " ", 
    src=0x82ceb22 " time: Tue Sep 15 16:38:40 2009", destlen=6)
    at strcpy_chk.c:61
#7  0x08163fce in strcpy (__src=<value optimized out>, 
    __dest=<value optimized out>) at /usr/include/bits/string3.h:106
#8  yylex (__src=<value optimized out>, __dest=<value optimized out>)
    at netlex.c:1720
#9  0x081650cb in yyparse () at y.tab.c:1625
#10 0x08118575 in Network::parse (this=0x92e4fb8, input=0x93afb60)
    at Network.C:1626
#11 0x0811df5c in Network::readNetwork (this=0x92e4fb8, 
    netFile=0x93ab6d0 "/home/tristan/2d.net", cfgFile=0x0, 
    ignoreUndefinedModules=0 '\0') at Network.C:1348
#12 0x080b0bdc in DXApplication::openFile (this=0x92b9de0, 
    netfile=0x93ab6d0 "/home/tristan/2d.net", cfgfile=0x0, 
    resetTheServer=1 '\1') at DXApplication.C:3493
#13 0x081232cf in OpenNetworkDialog::okFileWork (this=0x93a5ef0, 
    string=0x93ab6d0 "/home/tristan/2d.net") at OpenNetworkDialog.C:82
#14 0x0819a6d2 in FileDialog::okCallback (this=0x93a5ef0, d=0x93a5ef0)
    at FileDialog.C:250
#15 0x08190706 in Dialog_OkCB (clientData=0x93a5ef0) at Dialog.C:32
#16 0x05ec224c in XtCallCallbackList (widget=0x93a6570, callbacks=0x93ac650, 
    call_data=0xbfa66e84) at Callback.c:617
#17 0x0017fc08 in _XmFsbButton (w=0x93aa390, client=0x0, call=0xbfa66f34)
    at FileSB.c:2790
#18 0x05ec224c in XtCallCallbackList (widget=0x93aa390, callbacks=0x93abb48, 
    call_data=0xbfa66f34) at Callback.c:617
#19 0x001af0b6 in Activate (w=0x93aa390, event=<value optimized out>, 
    params=0x0, num_params=0xbfa66f9c) at PushBG.c:1409
#20 0x001af897 in input_dispatch (gadget=0x93aa390, event=0xbfa6749c, 
    event_mask=64) at PushBG.c:1825
#21 0x00186bf2 in _XmDispatchGadgetInput (w=0x93aa390, event=0xbfa6749c, 
    mask=64) at GadgetUtil.c:284
#22 0x001a096e in _XmGadgetActivate (w=0x93a6570, event=0xbfa6749c, 
    params=0x0, num_params=0x9320a40) at Manager.c:1064
#23 0x05efa82b in HandleActions (w=<value optimized out>, 
    event=<value optimized out>, stateTree=0x9320c18, accelWidget=0x0, 
    procs=0x93aff0c, actions=0x9320a38) at TMstate.c:636
#24 0x05efb051 in HandleComplexState (curEventPtr=<value optimized out>, 
    tmRecPtr=<value optimized out>, w=<value optimized out>) at TMstate.c:1063
#25 _XtTranslateEvent (curEventPtr=<value optimized out>, 
    tmRecPtr=<value optimized out>, w=<value optimized out>) at TMstate.c:1095
#26 0x05ed0c12 in XtDispatchEventToWidget (widget=0x93a6570, event=0xbfa6749c)
    at Event.c:898
#27 0x05ed146b in _XtDefaultDispatcher (event=0xbfa6749c) at Event.c:1359
#28 0x05ed02bd in XtDispatchEvent (event=0xbfa6749c) at Event.c:1415
#29 0x080b1e9a in DXApplication::handleEvents (this=0x92b9de0)
    at DXApplication.C:2989
#30 0x080936e7 in main (argc=3, argv=0xbfa675f4) at Main.C:110

Comment 1 Tristan Moody 2009-09-22 19:33:23 UTC
Copying from bug 487616:

I downloaded the src rpm, built it locally and installed the locally build rpm,
and the buffer overflow issue is gone.  I have no idea what is going on at this

Comment 2 Sébastien Le Roux 2009-10-26 18:52:36 UTC
Same thing for me, 
I upgraded my system few days ago to Fedora 11, in a first time I had this
buffer overflow issue, then I dowloaded the src rpm, build it and now the error
is gone.
During the configuration of the dx program I used no options at all.


Comment 3 Fedora Update System 2009-11-08 15:45:27 UTC
dx-4.4.4-10.fc11 has been submitted as an update for Fedora 11.

Comment 4 Fedora Update System 2009-11-10 17:50:08 UTC
dx-4.4.4-10.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update dx'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-11224

Comment 5 Dominik 'Rathann' Mierzejewski 2009-11-14 23:20:12 UTC
Tristan, could you test this new build and report back? Does the crash happen with all files or just with that particular one? If it's just that one then please attach it.

Comment 6 Tristan Moody 2009-11-16 06:43:33 UTC
The new build appears to be working just fine for me now.  Previously, it didn't matter what file I would open--it would crash with any .net file I could throw at it.  The new build works great, thanks!

Comment 7 Fedora Update System 2009-11-27 22:02:13 UTC
dx-4.4.4-10.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.