Bug#529074: crash when compiled with -D_FORTIFY_SOURCE=2

Kees Cook kees at debian.org
Sun May 17 16:07:29 UTC 2009

Package: nvram-wakeup
Version: 0.99b-1
Severity: normal
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch


When compiled with hardening-wrapper[1] enabled (or compiled with
Ubuntu's compiler), nvram-wakeup will always crash due to a 1-byte buffer
overflow in the xxd() function.  The attached patch solves the problem.

Upstream bug report: https://sourceforge.net/tracker/?func=detail&aid=2782757&group_id=35022&atid=412755
Ubuntu bug: https://bugs.launchpad.net/bugs/370261



[1] http://wiki.debian.org/Hardening

Kees Cook                                            @debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-overflow.patch
Type: text/x-diff
Size: 1063 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-vdr-dvb-devel/attachments/20090517/72ac2628/attachment.patch>

More information about the pkg-vdr-dvb-devel mailing list