Your message dated Tue, 05 Jul 2016 10:05:42 +0000 with message-id <e1bknec-00023m...@franck.debian.org> and subject line Bug#817837: fixed in l2tpns 2.2.1-2 has caused the Debian Bug report #817837, regarding l2tpns: *** buffer overflow detected ***: l2tpns terminated to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 817837: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817837 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: l2tpns Version: 2.2.1-1+b1 Severity: grave Tags: patch Justification: renders package unusable Dear Maintainer, Running l2tpns causes an instance crash as follows: # l2tpns -v *** buffer overflow detected ***: l2tpns terminated (full trace removed as it doesn't help) The problem exists in the ring buffer logging code. Specially the vsprintf is called with a length of 4095 when the size of the buffer is MAX_LOG_LENGTH (defined as 512 in l2tpns.h). The result is that as soon as the program is executed it crashes as soon as a few log messages are printed. The following patch resolves the problem. I also have some more minor fixes, which resolve compiler warnings. I am happy to share these if you let me know where to send them! Dave -- Begin patch diff --git a/l2tpns.c b/l2tpns.c index 41e12de..2680908 100644 --- a/l2tpns.c +++ b/l2tpns.c @@ -268,7 +268,7 @@ void _log(int level, sessionidt s, tunnelidt t, const char *format, ...) ringbuffer->buffer[ringbuffer->tail].session = s; ringbuffer->buffer[ringbuffer->tail].tunnel = t; va_start(ap, format); - vsnprintf(ringbuffer->buffer[ringbuffer->tail].message, 4095, format, ap); + vsnprintf(ringbuffer->buffer[ringbuffer->tail].message, MAX_LOG_LENGTH-1, format, ap); va_end(ap); } #endif -- End patch -- System Information: Debian Release: 8.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages l2tpns depends on: ii libc6 2.19-18+deb8u3 ii libcli1.9 1.9.7-1 l2tpns recommends no packages. l2tpns suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: l2tpns Source-Version: 2.2.1-2 We believe that the bug you reported is fixed in the latest version of l2tpns, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 817...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jonathan McDowell <nood...@earth.li> (supplier of updated l2tpns package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 05 Jul 2016 10:48:12 +0100 Source: l2tpns Binary: l2tpns Architecture: source amd64 Version: 2.2.1-2 Distribution: sid Urgency: low Maintainer: Jonathan McDowell <nood...@earth.li> Changed-By: Jonathan McDowell <nood...@earth.li> Description: l2tpns - layer 2 tunnelling protocol network server (LNS) Closes: 817837 Changes: l2tpns (2.2.1-2) unstable; urgency=low . * Fix log buffer overrun, thanks to Dave Reeve (closes: #817837) * Add /lib/lsb/init-functions to init script. Checksums-Sha1: 70ae1ec20237354af7c3c3e20210a2274dc2ea57 1638 l2tpns_2.2.1-2.dsc 08f8701a9c23fece648393628795ab4a71bce789 4720 l2tpns_2.2.1-2.debian.tar.xz 292239a0f0f3624528888120bc497f15ae35952a 270714 l2tpns-dbgsym_2.2.1-2_amd64.deb 5b52dc7263b44ea7b5c6fcfc5b2b66f5e871c457 143192 l2tpns_2.2.1-2_amd64.deb Checksums-Sha256: 31bd2589b624992d45712ba3e413cc0b8e5d66c6e6a24b56f1a08d926e2616a1 1638 l2tpns_2.2.1-2.dsc 01bab4ec41c338186cbfb9ec7a529af776f95cbfb98e0ab688c206f9352d1c0b 4720 l2tpns_2.2.1-2.debian.tar.xz c10d3b2ac491cf7be7599a2b1b2845e96d967101cf54a3cef28d0602f5a1bbbc 270714 l2tpns-dbgsym_2.2.1-2_amd64.deb 4bd5a0d73f4cdb1c004c3665b1af03d82e227594438c3e89781d22c6fe4b8ad2 143192 l2tpns_2.2.1-2_amd64.deb Files: 10e97095e293141935c9ea834de72da5 1638 net optional l2tpns_2.2.1-2.dsc 70cb6fa1c54fb4a131ccc3425c190250 4720 net optional l2tpns_2.2.1-2.debian.tar.xz 6d941d97a4e18a1be73d257a9aea690f 270714 debug extra l2tpns-dbgsym_2.2.1-2_amd64.deb 4a933c3bbeffae1698abe7732d4e4095 143192 net optional l2tpns_2.2.1-2_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXe4V9AAoJEP8WL8XPP7rRQHkP/3PRqoVHEGckXqiu/XYlewul NaFnBgQmq09efr14JMsI171hzQF03iq5QD86586ra/MRiDnGkkOjNrOP+Sgf/N7w uTegciiTHR+mJ1xN5Mj6iKu3C30ZUEqpnRb0nxP7HmilO+SOpm8vXawbxMR5SPmf +8cJDGahfW2xxbBMOQZY24F0OJgm9+Irif8f6xO4BUYVVrrCwfmgOIjFr5pGcgw7 PvZK716ITCENO//zZGra+CNxXNx33U4iarTbfLDDf1Mpug9O02f/51SnNp9LvUgO IbWZMVauZIO1/oXHPe7KOdTboC1q3GdId0grnhhlKh4XU9Im7X4N4+kybf6edhH5 zTbYlcw3bk8d6NIu6UKHFSi3xSeYFpdcfy8X28sEDclg1pen1GAlSGew4NBzJ6w/ qXevzeUxVTjAcApz02Y/Iuow7MBoLmXB7k7nP2uzWawyY+8e4JjiXdgoWbhGvXwY 1EFBX7dqoPGT9gPHY3h+vECqKtWH+TsU0imRwYpQK7YKth8FdZMklJUkaC3FSLKL EOAu4J2az2auTU8JEfc/Ne01q9Jf8eMsHe4erkMVVP38DsG171qHeM8MrqlAA/ep s/x6BjF+QHVc1H6o61Os9BHL/+RuhVNntFjHoygRjXlSk+rX6TCeu/Hv6h1quQWa NiGcRSIJ/OxMMR+CaD0u =rWMy -----END PGP SIGNATURE-----
--- End Message ---
