[XFree86] Posible format string bug on Xterm Up to last version

Agustin <agianni2002@xxxxxxxxxxxx> · 07 Nov 2003 03:23:52 -0300

Hello, im Agustin Gianni (gr00vy) from argentina. I would like to report
a bug on xterm (the last version 181 and the one on Slackware 9.0).
Since im not experienced on format bugs i couldnt make so much to try to
make a fix o give more info about the bug.

root@zencracking:/root# HOME=%n%n%n%n%n%n
root@zencracking:/root# xterm
Segmentation fault
root@zencracking:/root# gdb xterm
(gdb) r
Starting program: /root/xterm-181/xterm

Program received signal SIGSEGV, Segmentation fault.
0x4026e5bd in _int_malloc () from /lib/libc.so.6
(gdb) bt
#0  0x4026e5bd in _int_malloc () from /lib/libc.so.6
#1  0x4026d6b5 in malloc () from /lib/libc.so.6
#2  0x4025c003 in __fopen_internal () from /lib/libc.so.6
#3  0x4025c0ce in fopen@@GLIBC_2.1 () from /lib/libc.so.6
#4  0x4001e47a in XcursorFilenameSave () from
/usr/X11R6/lib/libXcursor.so.1
#5  0x4001e616 in XcursorLibraryLoadImages () from
/usr/X11R6/lib/libXcursor.so.1
#6  0x4001e824 in XcursorShapeLoadImages () from
/usr/X11R6/lib/libXcursor.so.1
#7  0x4001eb6e in XcursorTryShapeCursor () from
/usr/X11R6/lib/libXcursor.so.1
#8  0x4012d628 in _XTryShapeCursor () from /usr/X11R6/lib/libX11.so.6
#9  0x4012d9e9 in XCreateGlyphCursor () from /usr/X11R6/lib/libX11.so.6
#10 0x4012de59 in XCreateFontCursor () from /usr/X11R6/lib/libX11.so.6
#11 0x0805f3ce in make_colored_cursor (cursorindex=68, fg=0,
bg=16777215) at misc.c:216
#12 0x0805b578 in get_terminal () at main.c:2467
#13 0x0805b019 in main (argc=0, argv=0xbffff9e8) at main.c:2111
#14 0x4020dbb4 in __libc_start_main () from /lib/libc.so.6
(gdb) i r
eax            0x808e780        134801280
ecx            0x40327300       1077048064
edx            0x40327354       1077048148
ebx            0x40326234       1077043764
esp            0xbffff650       0xbffff650
ebp            0xbffff688       0xbffff688
esi            0x0      0
edi            0x0      0
eip            0x4026e5bd       0x4026e5bd
eflags         0x10206  66054
cs             0x23     35
ss             0x2b     43
ds             0x2b     43
es             0x2b     43
fs             0x0      0
gs             0x0      0
fctrl          0x37f    895
fstat          0x0      0
ftag           0xffff   65535
fiseg          0x0      0
fioff          0x0      0
foseg          0x0      0
fooff          0x0      0
fop            0x0      0
mxcsr          0x1f80   8064
orig_eax       0xffffffff       -1

Best Regards

Agustin Gianni
Argentina

PS: thanks to #linux and #cheese (specially df)

_______________________________________________
XFree86 mailing list
XFree86@xxxxxxxxxxx
http://XFree86.Org/mailman/listinfo/xfree86