Package: stenc
Version: 1.0.7-2~bpo8+1
Severity: normal
Tags: upstream patch
Dear Maintainer,
Today, I backported this package to jessie. Notice, this package require
automake1.11 in order to be build on jessie.
I have got two drives into a library and stenc works as expected except
this use after free bug which occur when the tape drive is positioned at
the end of data.
To reproduice the bug:
# mt -f /dev/nst0 eod
# stenc -f /dev/nst0 --detail
Status for /dev/nst0
--------------------------------------------------
Device Mfg: HP
Product ID: Ultrium 5-SCSI
Product Revision: Z63U
Drive Encryption: on
Drive Output: Decrypting
Unencrypted data not outputted
Drive Input: Encrypting
Protecting from raw read
Key Instance Counter: 3
Encryption Algorithm: 1
Drive Key Desc.(uKAD): Key n#2 for AAA013
Volume Encryption: Unable to determine
*** Error in `stenc': double free or corruption (fasttop): 0x000055ad30f77010
***
An upstream patch exists, see:
https://sourceforge.net/p/stenc/code/ci/7c8e38048766f0c91fe2f11863a0c0450c34c79b/
-- System Information:
Debian Release: 8.9
APT prefers oldstable
APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.64-storiq64-opteron (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages stenc depends on:
ii libc6 2.19-18+deb8u10
ii libgcc1 1:4.9.2-10
ii libstdc++6 4.9.2-10
stenc recommends no packages.
stenc suggests no packages.
-- no debconf information
Index: stenc-1.0.7/src/scsiencrypt.cpp
===================================================================
--- stenc-1.0.7.orig/src/scsiencrypt.cpp
+++ stenc-1.0.7/src/scsiencrypt.cpp
@@ -174,6 +174,7 @@ SSP_NBES* SSPGetNBES(string tapeDevice,b
if(status->nbes.encryptionStatus!=0x01)break;
if(moves>=MAX_TAPE_READ_BLOCKS)break;
delete status;
+ status=NULL;
if(!moveTape(tapeDevice,1,true))break;
moves++;
status=SSPGetNBES(tapeDevice,false);
