[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
This bug was fixed in the package xmms2 - 0.8+dfsg-22ubuntu0.1 --- xmms2 (0.8+dfsg-22ubuntu0.1) jammy; urgency=medium * Fix coredump with long pathnames. (LP: #2018449) -- Sudip Mukherjee Sun, 10 Mar 2024 21:57:26 + ** Changed in: xmms2 (Ubuntu Jammy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
This bug was fixed in the package xmms2 - 0.8+dfsg-23ubuntu0.1 --- xmms2 (0.8+dfsg-23ubuntu0.1) mantic; urgency=medium * Fix coredump with long pathnames. (LP: #2018449) -- Sudip Mukherjee Sun, 10 Mar 2024 21:47:54 + ** Changed in: xmms2 (Ubuntu Mantic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
I can confirm that the xmms2 package in mantic-proposed has fixed the bug for me. Test done: 1. Install xmms2 from mantic-proposed 2. create a playlist 3. Add few mp3 to the playlist according to the testplan 4. Switch the test playlist with the command "xmms2 playlist switch" 5. Execute "xmms2 list" to confirm that the mp3 were successfully added to the list Test result: the errors with xmms2 has been fixed. Package tested: $ apt-cache policy xmms2 xmms2: Installed: 0.8+dfsg-23ubuntu0.1 Candidate: 0.8+dfsg-23ubuntu0.1 Version table: *** 0.8+dfsg-23ubuntu0.1 100 100 http://us.archive.ubuntu.com/ubuntu mantic-proposed/universe amd64 Packages 100 /var/lib/dpkg/status 0.8+dfsg-23build1 500 500 http://us.archive.ubuntu.com/ubuntu mantic/universe amd64 Packages ** Tags removed: verification-needed verification-needed-jammy verification-needed-mantic ** Tags added: verification-done verification-done-jammy verification-done-mantic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
I can confirm that the xmms2 package in jammy-proposed has fixed the bug for me. Test done: 1. Install xmms2 from jammy-proposed 2. create a playlist 3. Add few mp3 to the playlist according to the testplan 4. Switch the test playlist with the command "xmms2 playlist switch" 5. Execute "xmms2 list" to confirm that the mp3 were successfully added to the list Test result: the errors with xmms2 has been fixed. Package tested: $ apt-cache policy xmms2 xmms2: Installed: 0.8+dfsg-22ubuntu0.1 Candidate: 0.8+dfsg-22ubuntu0.1 Version table: *** 0.8+dfsg-22ubuntu0.1 500 500 http://gb.archive.ubuntu.com/ubuntu jammy-proposed/universe amd64 Packages 100 /var/lib/dpkg/status 0.8+dfsg-22build3 500 500 http://gb.archive.ubuntu.com/ubuntu jammy/universe amd64 Packages -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
This bug was fixed in the package xmms2 - 0.8+dfsg-24ubuntu1 --- xmms2 (0.8+dfsg-24ubuntu1) noble; urgency=medium * Fix coredump with long pathnames. (LP: #2018449) -- Sudip Mukherjee Mon, 25 Mar 2024 15:13:58 + ** Changed in: xmms2 (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
Hello Grizzly(Francis, or anyone else affected, Accepted xmms2 into mantic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/xmms2/0.8+dfsg-23ubuntu0.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- mantic to verification-done-mantic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-mantic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: xmms2 (Ubuntu) Status: Confirmed => Fix Committed ** Changed in: xmms2 (Ubuntu Mantic) Status: Confirmed => Fix Committed ** Tags added: verification-needed verification-needed-mantic ** Changed in: xmms2 (Ubuntu Jammy) Status: Confirmed => Fix Committed ** Tags added: verification-needed-jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
The patches look fine and certainly fix the issue described. One thing that does concern me slightly is that this only patches one instance of XMMS_PATH_MAX and there's several more scattered throughout the code that look like they could potentially be hit by long pathnames. Wouldn't it be preferable to simply #define XMMS_PATH_MAX PATH_MAX in xmmsc_util.h Anyway, I'll sponsor this as is but I've added a note to the upstream PR. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
debdiff for Mantic ** Patch added: "xmms2_mantic.debdiff" https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+attachment/5754682/+files/xmms2_mantic.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
debdiff for Jammy ** Patch added: "xmms2_jammy.debdiff" https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+attachment/5754683/+files/xmms2_jammy.debdiff ** Changed in: xmms2 (Ubuntu) Assignee: Sudip Mukherjee (sudipmuk) => (unassigned) ** Changed in: xmms2 (Ubuntu Jammy) Assignee: Sudip Mukherjee (sudipmuk) => (unassigned) ** Changed in: xmms2 (Ubuntu Mantic) Assignee: Sudip Mukherjee (sudipmuk) => (unassigned) ** Changed in: xmms2 (Ubuntu) Status: In Progress => Confirmed ** Changed in: xmms2 (Ubuntu Jammy) Status: In Progress => Confirmed ** Changed in: xmms2 (Ubuntu Mantic) Status: In Progress => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2018449] Re: [SRU] `xmms2 add --playlist ... ` causes a core dump
debdiff for Noble attached. This is an orphan package in Debian. I will do the QA upload after the Debian transitions are complete. ** Summary changed: - `xmms2 add --playlist ... ` causes a core dump + [SRU] `xmms2 add --playlist ... ` causes a core dump ** Description changed: - 1) The release of Ubuntu you are using, via? + [ Impact ] + + xmms2 client cli will crash with a buffer overflow if the real path of the files is longer than 255 bytes. + The user will see: + + *** buffer overflow detected ***: terminated + Aborted (core dumped) + + [ Test Plan ] + + * copy few mp3 files to a folder, I will use a folder named "testmp3" + * Use the following command to create a playlist + xmms2 playlist create testlist + * Try adding the mp3 files to the list: + xmms2 add --playlist testlist testmp3/* + + If the package is not fixed it will crash, with the fixed package it + will not crash and add it to the playlist. + + [ Where problems could occur ] + + * This patch has been accepted upstream and is only modifying the size + of the local buffer where the path is stored. There is minimum chance of + regression just for this patch. + + [ Other Info ] + + * There might be other parts of the code which are still using the old + buffer size and might cause some other problem. + + [ Original Bug Description ] + + + 1) The release of Ubuntu you are using, via? $ lsb_release -rd No LSB modules are available. Description: Ubuntu 23.04 Release: 23.04 - 2) The version of the package you are using, via? - $ apt-cache policy xmms2 + 2) The version of the package you are using, via? + $ apt-cache policy xmms2 xmms2: - Installed: 0.8+dfsg-22ubuntu6 - Candidate: 0.8+dfsg-22ubuntu6 - Version table: - *** 0.8+dfsg-22ubuntu6 500 - 500 http://au.archive.ubuntu.com/ubuntu lunar/universe amd64 Packages - 100 /var/lib/dpkg/status - + Installed: 0.8+dfsg-22ubuntu6 + Candidate: 0.8+dfsg-22ubuntu6 + Version table: + *** 0.8+dfsg-22ubuntu6 500 + 500 http://au.archive.ubuntu.com/ubuntu lunar/universe amd64 Packages + 100 /var/lib/dpkg/status 3). I ran $ xmms2 add --playlist These+Same+Skies "/home/grizzlysmit/Music/Hillsong Live/These+Same+Skies/"* I expected it to populate the playlist `These+Same+Skies` that I had already created withthe files in thee directory `/home/grizzlysmit/Music/Hillsong Live/These+Same+Skies/` it always worked before. 4) it core dumped like so $ xmms2 add --playlist These+Same+Skies "/home/grizzlysmit/Music/Hillsong Live/These+Same+Skies/"* *** buffer overflow detected ***: terminated Aborted (core dumped) ProblemType: Bug DistroRelease: Ubuntu 23.04 Package: xmms2 0.8+dfsg-22ubuntu6 ProcVersionSignature: Ubuntu 6.2.0-20.20-generic 6.2.6 Uname: Linux 6.2.0-20-generic x86_64 ApportVersion: 2.26.1-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Thu May 4 16:11:01 2023 InstallationDate: Installed on 2023-04-21 (12 days ago) InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020) SourcePackage: xmms2 UpgradeStatus: No upgrade log present (probably fresh install) ** Patch added: "xmms2_noble.debdiff" https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+attachment/5754681/+files/xmms2_noble.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2018449 Title: [SRU] `xmms2 add --playlist ... ` causes a core dump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xmms2/+bug/2018449/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
