573445 – concordance crashes on hardware access because of fortification

Bug 573445 - concordance crashes on hardware access because of fortification

Summary: concordance crashes on hardware access because of fortification

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	concordance
Sub Component:
Version:	12
Hardware:	i386
OS:	Linux
Priority:	low
Severity:	high
Target Milestone:	---
Assignee:	Douglas E. Warner
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-03-14 21:12 UTC by Stefan.Nickl
Modified:	2010-12-03 17:21 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-12-03 17:21:57 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Stefan.Nickl 2010-03-14 21:12:40 UTC

Description of problem:

$ concordance -t Connectivity.EZHex 
Concordance 0.21
Copyright 2007 Kevin Timmerman and Phil Dibowitz
This software is distributed under the GPLv3.

Requesting Identity: 100%                 done
*** buffer overflow detected ***: concordance terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x4d)[0x5eb1ed]
/lib/libc.so.6[0x5e930a]
/lib/libc.so.6[0x5e8a38]
/lib/libc.so.6(_IO_default_xsputn+0xb6)[0x563bd6]
/lib/libc.so.6(_IO_vfprintf+0x3ec9)[0x53a0d9]
/lib/libc.so.6(__vsprintf_chk+0xa7)[0x5e8ae7]
/lib/libc.so.6(__sprintf_chk+0x2d)[0x5e8a2d]
/usr/lib/libconcord.so.1(_Z4PostPhjPKcR11TRemoteInfobbPSsS4_+0x426)[0x10c406]
/usr/lib/libconcord.so.1(post_connect_test_success+0x62)[0x109bf2]
concordance[0x804bed4]
/lib/libc.so.6(__libc_start_main+0xe6)[0x50dbb6]
concordance[0x80497e1]
======= Memory map: ========
00101000-00111000 r-xp 00000000 fd:01 5931566    /usr/lib/libconcord.so.1.0.0
00111000-00112000 rw-p 00010000 fd:01 5931566    /usr/lib/libconcord.so.1.0.0
001cc000-002a9000 r-xp 00000000 fd:01 5926497    /usr/lib/libstdc++.so.6.0.13
002a9000-002ad000 r--p 000dc000 fd:01 5926497    /usr/lib/libstdc++.so.6.0.13
002ad000-002af000 rw-p 000e0000 fd:01 5926497    /usr/lib/libstdc++.so.6.0.13
002af000-002b5000 rw-p 00000000 00:00 0 
004d5000-004f3000 r-xp 00000000 fd:01 3830154    /lib/ld-2.11.1.so
004f3000-004f4000 r--p 0001d000 fd:01 3830154    /lib/ld-2.11.1.so
004f4000-004f5000 rw-p 0001e000 fd:01 3830154    /lib/ld-2.11.1.so
004f7000-00666000 r-xp 00000000 fd:01 3830306    /lib/libc-2.11.1.so
00666000-00668000 r--p 0016e000 fd:01 3830306    /lib/libc-2.11.1.so
00668000-00669000 rw-p 00170000 fd:01 3830306    /lib/libc-2.11.1.so
00669000-0066c000 rw-p 00000000 00:00 0 
0066e000-00696000 r-xp 00000000 fd:01 3830439    /lib/libm-2.11.1.so
00696000-00697000 r--p 00027000 fd:01 3830439    /lib/libm-2.11.1.so
00697000-00698000 rw-p 00028000 fd:01 3830439    /lib/libm-2.11.1.so
00c42000-00c43000 r-xp 00000000 00:00 0          [vdso]
00dce000-00deb000 r-xp 00000000 fd:01 3830143    /lib/libgcc_s-4.4.3-20100127.so.1
00deb000-00dec000 rw-p 0001c000 fd:01 3830143    /lib/libgcc_s-4.4.3-20100127.so.1
03a2d000-03a34000 r-xp 00000000 fd:01 5947702    /usr/lib/libusb-0.1.so.4.4.4
03a34000-03a36000 rw-p 00006000 fd:01 5947702    /usr/lib/libusb-0.1.so.4.4.4
08048000-0804f000 r-xp 00000000 fd:01 5930131    /usr/bin/concordance
0804f000-08050000 rw-p 00006000 fd:01 5930131    /usr/bin/concordance
0861b000-0863c000 rw-p 00000000 00:00 0          [heap]
b7756000-b7758000 rw-p 00000000 00:00 0 
b7772000-b7774000 rw-p 00000000 00:00 0 
bf8a6000-bf8bb000 rw-p 00000000 00:00 0          [stack]
Contacting website:  Aborted

Version-Release number of selected component (if applicable):
concordance-0.21-2.fc12

How reproducible:
Any access to the remote seems to crash concordance / congruity

Steps to Reproduce:
1.
2.
3.
  
Actual results:
segfault

Expected results:
access harmony remote

Additional info:

Comment 1 Bug Zapper 2010-11-03 19:45:38 UTC

This message is a reminder that Fedora 12 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 12.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '12'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 12's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 12 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 2 Bug Zapper 2010-12-03 17:21:57 UTC

Fedora 12 changed to end-of-life (EOL) status on 2010-12-02. Fedora 12 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.