Your message dated Thu, 25 May 2017 21:04:14 +0000
with message-id <[email protected]>
and subject line Bug#863197: fixed in sysstat 11.4.3-2
has caused the Debian Bug report #863197,
regarding sysstat: sar program buffer overflow when option -s or -e are
specified
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
863197: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863197
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sysstat
Version: 11.4.3-1
Severity: normal
The program /usr/bin/sar shows a buffer overflow if I use option either -s or
-e to specify start or end time.
[whr@ZONGYI-TMACH]:[20]:[~]:$ sar -s 04:00
*** buffer overflow detected ***: sar terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7f5c74dd5bcb]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f5c74e5e037]
/lib/x86_64-linux-gnu/libc.so.6(+0xf7170)[0x7f5c74e5c170]
/lib/x86_64-linux-gnu/libc.so.6(__strcat_chk+0x60)[0x7f5c74e5b490]
sar(+0x526e)[0x55bcebb7a26e]
sar(+0x2900)[0x55bcebb77900]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f5c74d852b1]
sar(+0x2f9a)[0x55bcebb77f9a]
======= Memory map: ========
55bcebb75000-55bcebb8e000 r-xp 00000000 08:15 9185205
/usr/bin/sar.sysstat
55bcebd8d000-55bcebd8e000 r--p 00018000 08:15 9185205
/usr/bin/sar.sysstat
55bcebd8e000-55bcebd90000 rw-p 00019000 08:15 9185205
/usr/bin/sar.sysstat
55bcebd90000-55bcebd95000 rw-p 00000000 00:00 0
55bced726000-55bced747000 rw-p 00000000 00:00 0 [heap]
7f5c74b4e000-7f5c74b64000 r-xp 00000000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f5c74b64000-7f5c74d63000 ---p 00016000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f5c74d63000-7f5c74d64000 r--p 00015000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f5c74d64000-7f5c74d65000 rw-p 00016000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f5c74d65000-7f5c74efa000 r-xp 00000000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f5c74efa000-7f5c750f9000 ---p 00195000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f5c750f9000-7f5c750fd000 r--p 00194000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f5c750fd000-7f5c750ff000 rw-p 00198000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f5c750ff000-7f5c75103000 rw-p 00000000 00:00 0
7f5c75103000-7f5c75126000 r-xp 00000000 08:15 11010160
/lib/x86_64-linux-gnu/ld-2.24.so
7f5c752f3000-7f5c752f5000 rw-p 00000000 00:00 0
7f5c75322000-7f5c75326000 rw-p 00000000 00:00 0
7f5c75326000-7f5c75327000 r--p 00023000 08:15 11010160
/lib/x86_64-linux-gnu/ld-2.24.so
7f5c75327000-7f5c75328000 rw-p 00024000 08:15 11010160
/lib/x86_64-linux-gnu/ld-2.24.so
7f5c75328000-7f5c75329000 rw-p 00000000 00:00 0
7ffc0dccb000-7ffc0dced000 rw-p 00000000 00:00 0 [stack]
7ffc0dde9000-7ffc0ddeb000 r--p 00000000 00:00 0 [vvar]
7ffc0ddeb000-7ffc0dded000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
[vsyscall]
Aborted (core dumped)
[whr@ZONGYI-TMACH]:[21]:[~]:$ sar -e 23:59
*** buffer overflow detected ***: sar terminated
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7f612e29bbcb]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f612e324037]
/lib/x86_64-linux-gnu/libc.so.6(+0xf7170)[0x7f612e322170]
/lib/x86_64-linux-gnu/libc.so.6(__strcat_chk+0x60)[0x7f612e321490]
sar(+0x526e)[0x55601059726e]
sar(+0x2900)[0x556010594900]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f612e24b2b1]
sar(+0x2f9a)[0x556010594f9a]
======= Memory map: ========
556010592000-5560105ab000 r-xp 00000000 08:15 9185205
/usr/bin/sar.sysstat
5560107aa000-5560107ab000 r--p 00018000 08:15 9185205
/usr/bin/sar.sysstat
5560107ab000-5560107ad000 rw-p 00019000 08:15 9185205
/usr/bin/sar.sysstat
5560107ad000-5560107b2000 rw-p 00000000 00:00 0
5560113a1000-5560113c2000 rw-p 00000000 00:00 0 [heap]
7f612e014000-7f612e02a000 r-xp 00000000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f612e02a000-7f612e229000 ---p 00016000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f612e229000-7f612e22a000 r--p 00015000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f612e22a000-7f612e22b000 rw-p 00016000 08:15 11010162
/lib/x86_64-linux-gnu/libgcc_s.so.1
7f612e22b000-7f612e3c0000 r-xp 00000000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f612e3c0000-7f612e5bf000 ---p 00195000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f612e5bf000-7f612e5c3000 r--p 00194000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f612e5c3000-7f612e5c5000 rw-p 00198000 08:15 11013770
/lib/x86_64-linux-gnu/libc-2.24.so
7f612e5c5000-7f612e5c9000 rw-p 00000000 00:00 0
7f612e5c9000-7f612e5ec000 r-xp 00000000 08:15 11010160
/lib/x86_64-linux-gnu/ld-2.24.so
7f612e7b9000-7f612e7bb000 rw-p 00000000 00:00 0
7f612e7e8000-7f612e7ec000 rw-p 00000000 00:00 0
7f612e7ec000-7f612e7ed000 r--p 00023000 08:15 11010160
/lib/x86_64-linux-gnu/ld-2.24.so
7f612e7ed000-7f612e7ee000 rw-p 00024000 08:15 11010160
/lib/x86_64-linux-gnu/ld-2.24.so
7f612e7ee000-7f612e7ef000 rw-p 00000000 00:00 0
7ffeef5ec000-7ffeef60e000 rw-p 00000000 00:00 0 [stack]
7ffeef67f000-7ffeef681000 r--p 00000000 00:00 0 [vvar]
7ffeef681000-7ffeef683000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
[vsyscall]
Aborted (core dumped)
-- System Information:
Debian Release: 9.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64
(x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages sysstat depends on:
ii debconf [debconf-2.0] 1.5.60
ii libc6 2.24-10
ii libsensors4 1:3.4.0-4
ii lsb-base 9.20161125
ii ucf 3.0036
ii xz-utils 5.2.2-1.2+b1
Versions of packages sysstat recommends:
ii cron [cron-daemon] 3.0pl1-128+b1
Versions of packages sysstat suggests:
pn isag <none>
-- debconf information:
sysstat/remove_files: true
sysstat/enable: false
--- End Message ---
--- Begin Message ---
Source: sysstat
Source-Version: 11.4.3-2
We believe that the bug you reported is fixed in the latest version of
sysstat, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Robert Luberda <[email protected]> (supplier of updated sysstat package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 25 May 2017 22:26:05 +0200
Source: sysstat
Binary: sysstat isag
Architecture: source all amd64
Version: 11.4.3-2
Distribution: unstable
Urgency: medium
Maintainer: Robert Luberda <[email protected]>
Changed-By: Robert Luberda <[email protected]>
Description:
isag - Interactive System Activity Grapher for sysstat
sysstat - system performance tools for Linux
Closes: 863197
Changes:
sysstat (11.4.3-2) unstable; urgency=medium
.
* Add 16-buffer-overflow.patch from Bernhard Übelacker to fix crash
of `sar -s 04:00' command (closes: #863197).
Checksums-Sha1:
add19d98164e870075fbe70c09f2a870060d7c67 1950 sysstat_11.4.3-2.dsc
cb65c07f18df3460ac684cb94657319c33e30291 35364 sysstat_11.4.3-2.debian.tar.xz
a80a3705cce54e3905e26dee73aa0cf2ccf1eccf 59072 isag_11.4.3-2_all.deb
a3bf3f6031351c171c1d80e8b7e11f1233c34997 560432
sysstat-dbgsym_11.4.3-2_amd64.deb
5c58a68a2ccde2bf6daf4785fc2578fcb8f3464c 5927 sysstat_11.4.3-2_amd64.buildinfo
6d7063555cf31d33a4ebaa4711f29f2843da8fec 360474 sysstat_11.4.3-2_amd64.deb
Checksums-Sha256:
e9aa2996074cc4727bfc6f6ce50a51cbfba1c89506e074440999be22607070c9 1950
sysstat_11.4.3-2.dsc
5ba9179f88bf742addfd8d7ddbba53f2fa32b1c9b195eb6b6e9b07abaf289b07 35364
sysstat_11.4.3-2.debian.tar.xz
bc854f39d1d8960c8c3ed7232484ad5d4199bea0bb7a0ff9b99949d05fb6bc52 59072
isag_11.4.3-2_all.deb
aad70ed3130e5ed7a78cdba2063d1dd12797cc7e9b4adff496108f04ab45d394 560432
sysstat-dbgsym_11.4.3-2_amd64.deb
fdb4ca108d4f8b66189a0c6bea1e9a8b4b0ff3e4c020f39cabbd0039eceb4d1d 5927
sysstat_11.4.3-2_amd64.buildinfo
e1cfbf96c1856f6f301f7336e7644a46f00d147389e9be742a59eead2f0c8d2f 360474
sysstat_11.4.3-2_amd64.deb
Files:
1fb3e89cd63e15aba62d4f39c23bd4c9 1950 admin optional sysstat_11.4.3-2.dsc
019e02c06bbaa3c7f4b8129c2a308381 35364 admin optional
sysstat_11.4.3-2.debian.tar.xz
b71fe2e559889a37fa193ef318a78fb8 59072 admin optional isag_11.4.3-2_all.deb
5028a2047d43a0ca9afccded2e97ec65 560432 debug extra
sysstat-dbgsym_11.4.3-2_amd64.deb
4da00f37cbc54cd6cf28048e638e8ad7 5927 admin optional
sysstat_11.4.3-2_amd64.buildinfo
bd0c6ceaed35aa542548e63395fdc495 360474 admin optional
sysstat_11.4.3-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENeh2+rTTcy6TtNI3Yx3nVTvor9QFAlknP9kACgkQYx3nVTvo
r9SRaw//V1RgsUN51XEErkcL1frYLCCI9Kc1TfGWCyfccuhT6VMHfRzLQqZcJOty
pS5y7QehD7SVvFOJpdX+F3xXIN2GF2OeDGzyo1zVJuwL3heo16Hy1KxH7ln6UAx0
DyKXCEEnGfDwtECjegQ9sY0tBnI7uWqEl58MIifYdWvDJlNVpDQ8Da3+vSZQQMpz
WSWsFPt9PSceweYsIvl7s1HAfeWrI/WNwY+6ULeQeFPWHv4O8ew8keSvalrO6ljC
qDuSTQZe+adqJRlgI0VHkWgS4ytuRu5YK5/JPXEcFpQnL+DUEHchIxIhhvBsVcT4
GS+MoGjQ1GtaiqDjEUC0RuDsCWeaHoK0C8n+a9zMdD9rKSVk0MXX1XC7l8Tx2DKb
dQicRYaoH5NYY6bRbs8c2sIxhXvz5A19xGvHHmSaxiz6FQ8kZUAEPXz+bplOqj+7
zm9tORIcfanpRR4A4ZdJXzeepgESlj82vBrymqy+/0YZ8ynzzY6h+9eZ61Ef3+x6
3YdY2uCHPlCtjBfYpBWpVtyJ/b5UMb4sm1+fcCpiaXYthxJAzo2bHdSrjOKJ2kx4
sxI/mahEVUkRtfNVBc69WYn0dqRDN0RZ5XlOdPJaHPLNNKHwh1WkMSg5cHEPHmrH
+yLKYVorr+3XB119Ox3f1gb/V9/I0SfrjdRp1xa+v3QhJCoQVUs=
=i+Qk
-----END PGP SIGNATURE-----
--- End Message ---
