bug-ncurses

Re: A heap-buffer-overflow in convert_strings


From: Thomas Dickey
Subject: Re: A heap-buffer-overflow in convert_strings
Date: Sat, 22 Aug 2020 16:45:01 -0400
User-agent: NeoMutt/20170113 (1.7.2)

On Thu, Aug 20, 2020 at 11:10:42AM +0800, 乐泰 wrote:
> Reporter: Tai
> 
> 
> Version: ncurses-6.2
> Command: toe
> 
> Environment: Ubuntu 16.04 x86-64
...
> ==10095==ERROR: AddressSanitizer: heap-buffer-overflow on address 
> 0x616000036add at pc 0x00000040278c bp 0x7ffdd40b20d0 sp 0x7ffdd40b20c0

as noted, not a buffer "overflow"
 
> READ of size 1 at 0x616000036add thread T0
> 
>     #0 0x40278b in convert_strings ../../ncurses/tinfo/read_entry.c:164
>     #1 0x41523c in _nc_read_termtype ../../ncurses/tinfo/read_entry.c:371
>     #2 0x41523c in _nc_read_file_entry ../../ncurses/tinfo/read_entry.c:567
>     #3 0x407914 in typelist ../../progs/toe.c:438
>     #4 0x404359 in main ../../progs/toe.c:735
>     #5 0x7fc3756b782f in __libc_start_main 
> (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
>     #6 0x4056b8 in _start 
> (/home/ubuntu/yuetai/test_programs/ncurses-6.2/asan-ins/bin/bin/toe+0x4056b8)
 
I'm not able to reproduce this using Debian 9, using either ncurses 6.2
or the current (20200808) snapshot.

If it's an Ubuntu-specific problem, Ubuntu has its own bug-reporting system.

-- 
Thomas E. Dickey <dickey@invisible-island.net>
https://invisible-island.net
ftp://ftp.invisible-island.net
