Bug#819337: nethack: crashes during startup in config file parser

James Cowgill jcowgill at debian.org
Sat Mar 26 23:57:11 UTC 2016


Control: tags -1 pending

On Sat, 2016-03-26 at 23:49 +0000, James Cowgill wrote:
> On Sat, 2016-03-26 at 23:34 +0000, James Cowgill wrote:
> > y@d:~$ uname -a
> > Linux d 4.4.0-1-amd64 #1 SMP Debian 4.4.6-1 (2016-03-17) x86_64 GNU/Linux
> > y@d:~$ nethack
> > *** buffer overflow detected ***: /usr/lib/games/nethack/nethack-console terminated
> > ======= Backtrace: =========
> > /lib/x86_64-linux-gnu/libc.so.6(+0x71ff5)[0x7f22847c6ff5]
> > /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f228484e347]
> > /lib/x86_64-linux-gnu/libc.so.6(+0xf7510)[0x7f228484c510]
> > /usr/lib/games/nethack/nethack-console[0x470e16]
> This address corresponds to the call to strcpy in src/files.c line
> 2110. It appears copying the input config line has overflowed the
> 'buf' variable located on the stack.

And I've just seen that upstream has already fixed this in
commit 288ac4b07c82 (avoid crash for long lines in nethackrc). It's
fixed in the Debian git repository and it'll be uploaded at some point.

Thanks,
James
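
The failure mode described in this message (strcpy of a config line into a fixed-size stack buffer), next to a bounded copy, as an added example that is not part of the original message and not NetHack's or upstream's code. The function names and the 256-byte buffer size are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define CFG_BUFSZ 256 /* assumed size; the report does not give the real size of 'buf' */

/* The pattern the report describes: the destination is fixed-size, the
 * source length is controlled by the config file. Shown for contrast only. */
void copy_line_unbounded(char *dst, const char *line)
{
    strcpy(dst, line); /* writes past dst when strlen(line) >= its size */
}

/* Bounded variant: 0 on success, -1 if the line (plus NUL) does not fit.
 * An overlong line is rejected rather than truncated, so the parser never
 * acts on half an option. */
int copy_line_bounded(char *dst, size_t dstsz, const char *line)
{
    size_t n = strlen(line);

    if (dstsz == 0)
        return -1;
    if (n >= dstsz) {
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, line, n + 1);
    return 0;
}

/* Helper for the demo: build a line of 'len' characters (constructed input). */
void fill_line(char *out, size_t len)
{
    memset(out, 'x', len);
    out[len] = '\0';
}

int main(void)
{
    char buf[CFG_BUFSZ];
    char longline[4 * CFG_BUFSZ];

    fill_line(longline, sizeof longline - 1);
    printf("short line: %d\n", copy_line_bounded(buf, sizeof buf, "OPTIONS=color"));
    printf("long line:  %d\n", copy_line_bounded(buf, sizeof buf, longline));
    return 0;
}
```

Building with -D_FORTIFY_SOURCE=2 is what turned the original overflow into the "buffer overflow detected" abort seen in the backtrace instead of silent stack corruption.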