Public bug reported:
$ lsb_release -rd
Description: Ubuntu 16.04 LTS
Release: 16.04
$ tightvncpasswd
Using password file /home/pa/.vnc/passwd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
*** buffer overflow detected ***: tightvncpasswd terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x67257)[0xb7595257]
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x68)[0xb76257c8]
/lib/i386-linux-gnu/libc.so.6(+0xf59b8)[0xb76239b8]
tightvncpasswd[0x8048cac]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf7)[0xb7546637]
tightvncpasswd[0x8048ec3]
======= Memory map: ========
08048000-0804b000 r-xp 00000000 08:01 11283419 /usr/bin/tightvncpasswd
0804b000-0804c000 r--p 00002000 08:01 11283419 /usr/bin/tightvncpasswd
0804c000-0804d000 rw-p 00003000 08:01 11283419 /usr/bin/tightvncpasswd
Of course when we store the password, we have a
buffer overflow - how else. :)
I installed the dbgsym package and run under valgrind:
Using password file /home/pa/.vnc/passwd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
==7157== Conditional jump or move depends on uninitialised value(s)
==7157== at 0x403037B: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==7157== by 0x8048C9D: main (vncpasswd.c:139)
==7157== Uninitialised value was created by a stack allocation
==7157== at 0x8048A21: main (vncpasswd.c:46)
** Affects: tightvnc (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597115
Title:
tightvncpasswd crashes
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tightvnc/+bug/1597115/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
