Bug#716506: [Mayhem] Bug report on nco: ncbo crashes with exit status 139
Alexandre Rebert
alexandre at cmu.edu
Thu Jul 11 23:38:58 UTC 2013
Hi Charlie,
Dying with exit(EXIT_FAILURE) would be fine. In the attached testcase
however, ncbo segfaults because of a null dereference. Here is the
backtrace when the crash is happening:
#0 0xb7a37ad6 in ?? () from /lib/i386-linux-gnu/i686/cmov/libc.so.6
#1 0xb7f9ed20 in nco_fl_mk_lcl () from
/home/apr/tmp/crap/ncbo-report/crash/libs/libnco-4.0.9.so
#2 0x0804a547 in ?? ()
#3 0xb79cee46 in __libc_start_main () from
/lib/i386-linux-gnu/i686/cmov/libc.so.6
#4 0x0804c6cd in ?? ()
Best,
Alex
On Thu, Jul 11, 2013 at 7:10 PM, Charlie Zender <zender at uci.edu> wrote:
> Hi,
>
> I am the NCO (package name nco) author/maintainer.
> I am unsure how/if to respond to these Mayhem bug reports.
> NCO is a set of command line operators written in C99.
> When they receive incorrect input options, they die with
> exit(EXIT_FAILURE), as recommended (I believe) by the C-standard.
> Is there some other way they should die when given incorrect input?
>
> Thanks!
> cz
>
> Le 10/07/2013 12:34, Alexandre Rebert a écrit :
> > Package: nco
> > Version: 4.0.9-1+b1
> > Severity: normal
> > User: mayhem at forallsecure.com
> > Usertags: mayhem
> >
> > ncbo crashes with exit status 139. We confirmed the crash by
> > re-running it in a fresh debian unstable installation.
> >
> > The attachment [1] contains a testcase (under ./crash) crashing the
> > program. It ensures that you can easily reproduce the bug. Additionally,
> > under ./crash_info/, we include more information about the crash such as
> > a core dump, the dmesg generated by the crash, and its output.
> >
> > Regards,
> > The Mayhem Team (Alexandre Rebert, Thanassis Avgerinos, Sang Kil Cha,
> David Brumley, Manuel Egele)
> > Cylab, Carnegie Mellon University
> >
> > [1]
> http://www.forallsecure.com/bug-reports/427fd7430637448139f0fe0efa958d82e43894b7/full_report
> >
> >
> > -- System Information:
> > Debian Release: jessie/sid
> > APT prefers unstable
> > APT policy: (500, 'unstable')
> > Architecture: i386 (i686)
> >
> > Kernel: Linux 3.9-1-686-pae (SMP w/1 CPU core)
> > Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
> > Shell: /bin/sh linked to /bin/dash
> >
> > Versions of packages nco depends on:
> > ii dpkg 1.16.10
> > ii install-info 5.1.dfsg.1-3
> > ii libc6 2.17-6
> > ii libcurl3-gnutls 7.31.0-1
> > ii libgcc1 1:4.8.1-4
> > ii libgsl0ldbl 1.15+dfsg.2-2
> > ii libnetcdfc7 1:4.1.3-6+b1
> > ii libstdc++6 4.8.1-4
> > ii libudunits2-0 2.1.23-4
> >
> > nco recommends no packages.
> >
> > nco suggests no packages.
> >
> > -- no debconf information
> >
>
> --
> Charlie Zender, Earth System Sci. & Computer Sci.
> University of California, Irvine 949-891-2429 )'(
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-grass-devel/attachments/20130711/87a58da7/attachment-0002.html>
More information about the Pkg-grass-devel
mailing list