Bug#345728: libsafe 2.0.16 detects memory corruption in Ruby when running apt-listbugs script

2006-01-02 Thread Rafal Maj

Package: /usr/sbin/apt-listbug
Version: 0.0.49
Severity: serious

apt-listbugs causes libsafe libc calls to detect an access violation.
I'm not sure whether it is apt-listbug or ruby?
I suppose the interpreter should never allow even a buggy program to crash
or make the interpreter corrupt its own stack/memory, which could mean that
ruby has a security hole (assuming it is not the fault of libsafe
reporting a false positive), so I report it as a Ruby bug.



/usr/sbin/apt-listbugs list foo


Reading package fields... 0%

Reading package fields... Done


Reading package status... 0%

Reading package status... Done


Retrieving bug reports... 0% [0/1]Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
Terminating /usr/bin/ruby1.8.
uid=0  euid=0  pid=3139
Call stack:


2006-01-02 Thread Steve Langasek
reassign 345728 libruby1.8
severity 345728 important
tags 345728 moreinfo
thanks

On Tue, Jan 03, 2006 at 07:33:29AM +0100, Rafal Maj wrote:
> apt-listbugs causes libsafe libc calls to detect an access violation.
> I'm not sure whether it is apt-listbug or ruby?
> I suppose the interpreter should never allow even a buggy program to crash
> or make the interpreter corrupt its own stack/memory, which could mean that
> ruby has a security hole (assuming it is not the fault of libsafe
> reporting a false positive)

Please provide evidence of the actual bug in ruby which would be exploitable
during normal operation and warrant an RC severity.  There have been other
bug reports involving libsafe which it has been suggested are libsafe bugs,
*not* bugs in the application.

For a tool whose job it is to identify overflow bugs in applications, so far
the libsafe backtraces I've seen have been pretty damn useless for
debugging.

> so I report it as Ruby bug

You didn't; you reported it as a bug against "/usr/bin/apt-listbug", which
is invalid.  Reassigning to the libruby1.8 package, since that's apparently
where it belongs.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/





2006-01-02 Thread Rafal Maj


Steve Langasek wrote:

| Please provide evidence of the actual bug in ruby which would be exploitable
| during normal operation and warrant an RC severity.  There have been other
| bug reports involving libsafe which it has been suggested are libsafe bugs,
| *not* bugs in the application.

Perhaps that is the case. I don't know how to provide such information, so
maybe the severity level should be lowered, or rather it should be moved to
safelib.

