Re: gtetrinet 0.7.0
Thanks! Great bug report. 

After viewing the CVS version, it looks like bocata has made a lot of
changes to this section of code after the 0.7 release. Would you mind
trying the CVS version and seeing if it crashes?

I'm not actually very familiar with UTF stuff so if CVS doesn't fix it,
one of the core developers (bocata?) will have to figure out what is
going on.

If I had to make a wild guess, the characters that server is sending,
combined with the token strings the UTF conversion thing is using, are
allowing g_locale_to_utf8 to overflow the buffer. It looks like those
tokens have changed in the current version. Even if the CVS version is
fixed, we should be careful that a crafted malicious string couldn't
exploit that overflow.

Thanks,

Ian

On Thu, 2003-03-20 at 17:55, eng wrote:
> hmm okay thanks. heres what i got:
> 
> (gdb) run
> Starting program: /home/eng/gtetrinet-0.7.0/src/gtetrinet
> [New Thread 8192 (LWP 11018)]
> [New Thread 16385 (LWP 11019)]
> [New Thread 8194 (LWP 11020)]
> [New Thread 16387 (LWP 11021)]
> 
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 8192 (LWP 11018)]
> 0x4079cfbb in g_utf8_validate () from /usr/lib/libglib-2.0.so.0
> 
> nothing happened when I pressed control-c but I typed bt anyway and got
> this:
> 
> (gdb) bt
> #0  0x4079cfbb in g_utf8_validate () from /usr/lib/libglib-2.0.so.0
> #1  0x4076b1c2 in strdup_len () from /usr/lib/libglib-2.0.so.0
> #2  0x4076b2c0 in g_locale_to_utf8 () from /usr/lib/libglib-2.0.so.0
> #3  0x08056c86 in partyline_add_channel (
>     line=0x81c9150 "(26) [0/1]   #7tris         1P - Make 7 tetrises!")
>     at partyline.c:412
> #4  0x08057e7f in tetrinet_inmessage (msgtype=136089936, data=0x81b0ee8 "0")
>     at tetrinet.c:414
> #5  0x0804d526 in client_inmessage (
>     str=0x8162290 "pline 0 \004(26\004) [\0270/1\004]   
> \005#7tris         \0041P - Make 7 tetrises!") at client.c:202
> #6  0x0804dbd0 in io_channel_cb (source=0x81bd9b0, condition=G_IO_IN)
>     at client.c:412
> #7  0x4079f42f in g_io_unix_dispatch () from /usr/lib/libglib-2.0.so.0
> #8  0x4077df65 in g_main_dispatch () from /usr/lib/libglib-2.0.so.0
> #9  0x4077ef98 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
> #10 0x4077f2ad in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
> #11 0x4077fa1f in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
> #12 0x4028239f in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
> #13 0x08054ab3 in main (argc=135094816, argv=0x81543c8) at gtetrinet.c:306
> #14 0x420158d4 in __libc_start_main () from /lib/i686/libc.so.6
> 
> Ian Zink wrote:
> 
> >strace <program> - traces system calls. This shows any system calls the
> >program is making i.e. write, read, wait, ioctl.
> >
> >ltrace <program> - traces library calls. This way you can see the last
> >GTK call that was made, and what library calls led to the crash.
> >
> >As an example, you could do
> >
> >ltrace gtetrinet > ltrace_output
> >
> >By far the most useful information is if you could run gtetrinet in a
> >debugger. I think by default it is compiled with debug flags (gcc -g).
> >So if you do
> >
> >gdb gtetrinet
> >gdb> run
> >
> >When it hangs press control-c and it will break. Then just type "bt"
> >for "backtrace" and send us the output. This will tell us exactly where
> >the program is hanging.
> >
> >Thanks,
> >Ian
> >
> >On Thu, 2003-03-20 at 00:03, eng wrote:
> >
> >>I'm running rh8. Yep, I compiled it myself and there were no errors. Umm,
> >>sorry, I'm not familiar with strace or ltrace. I'm still kinda new to
> >>this... :x
> >>
> >>Ian Zink wrote:
> >>
> >>>What distribution are you running? Did you compile it yourself? Would
> >>>you mind running it under a debugger to tell us where it is crashing?
> >>>Could you give us an ltrace or strace?
> >>>
> >>>Thanks,
> >>>
> >>>Ian
> >>>
> >>>On Wed, 2003-03-19 at 18:27, eng wrote:
> >>>
> >>>>Wupsee. Jordi, sorry I didn't see this email addy before. :o
> >>>>
> >>>>Anyway, I just thought I'd let you guys know that gtetrinet freezes
> >>>>sometimes after a game. It was fine yesterday after I installed it. But
> >>>>today it just won't stop hanging. :x
> >>>>
> >>>>_______________________________________________
> >>>>gtetrinet-list mailing list
> >>>>gtetrinet-list gnome org
> >>>>http://mail.gnome.org/mailman/listinfo/gtetrinet-list
> 
> 
-- 
/***
 * Ian Zink				www.z4ce.com
 * Engineer Maryville Technologies	www.maryville.com 
 * Student Washington University  	www.wustl.edu 
 *
 * How could I ever save the world on cup-o-soup 
 * and student loans?
 *					- FiF 
 ***/
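Added example, not gtetrinet's code and not written by anyone in this thread: a plain C reconstruction of the overflow pattern Ian guesses at above. The token table, the buffer sizes and the helper names are invented for illustration; gtetrinet's real token strings are not on the page. The sample line is the partyline text from the quoted backtrace with its padding spaces collapsed, and the bytes \004, \005 and \027 are the server's one-byte formatting codes. The point it makes is that a conversion which replaces each one-byte code with a longer token must compute the expanded length first, or check the destination size during the copy: the 45-byte line grows to 63 bytes, so any buffer sized from strlen() of the input is overrun.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample, derived from the partyline text in the quoted
 * backtrace with the padding spaces collapsed. */
static const char SAMPLE_LINE[] =
    "\004(26\004) [\0270/1\004] \005#7tris \0041P - Make 7 tetrises!";

/* Hypothetical token table (assumption: the real strings are not on
 * the page). Each one-byte code becomes a four-byte marker. */
static const char *token_for(unsigned char c)
{
    switch (c) {
    case 0x04: return "<c1>";
    case 0x05: return "<c2>";
    case 0x17: return "<c3>";
    default:   return NULL;
    }
}

/* Bytes the expanded line needs, not counting the NUL. Every code
 * grows the output, so this can exceed strlen(in) by a lot. */
size_t expanded_len(const char *in)
{
    size_t n = 0;
    for (; *in; in++) {
        const char *tok = token_for((unsigned char)*in);
        n += tok ? strlen(tok) : 1;
    }
    return n;
}

/* 1 if expanding `in` would write past a bufsz-byte destination. */
int would_overflow(const char *in, size_t bufsz)
{
    return expanded_len(in) + 1 > bufsz;
}

/* The shape of the bug Ian suspects: no destination size is passed in,
 * so a line with enough codes writes past the end of `out`. */
void expand_unchecked(const char *in, char *out)
{
    for (; *in; in++) {
        const char *tok = token_for((unsigned char)*in);
        size_t l = tok ? strlen(tok) : 1;
        memcpy(out, tok ? tok : in, l);
        out += l;
    }
    *out = '\0';
}

/* Bounded replacement: never writes more than outsz bytes including the
 * NUL. Returns 0 on success, -1 if the result would not fit; `out` then
 * holds a NUL-terminated prefix cut at a token boundary. */
int expand_bounded(const char *in, char *out, size_t outsz)
{
    size_t used = 0;
    if (outsz == 0)
        return -1;
    for (; *in; in++) {
        const char *tok = token_for((unsigned char)*in);
        size_t l = tok ? strlen(tok) : 1;
        if (used + l >= outsz) {   /* no room for this piece plus the NUL */
            out[used] = '\0';
            return -1;
        }
        memcpy(out + used, tok ? tok : in, l);
        used += l;
    }
    out[used] = '\0';
    return 0;
}

/* Does the sample line fit, with its NUL, in a bufsz-byte buffer? */
int sample_fits(size_t bufsz)
{
    char out[256];
    if (bufsz > sizeof out)
        bufsz = sizeof out;
    return expand_bounded(SAMPLE_LINE, out, bufsz) == 0;
}

/* Both expanders agree whenever the destination is large enough. */
int unchecked_matches_bounded(void)
{
    char a[256], b[256];
    expand_unchecked(SAMPLE_LINE, a);
    return expand_bounded(SAMPLE_LINE, b, sizeof b) == 0 && strcmp(a, b) == 0;
}

int main(void)
{
    char out[256];                        /* large enough for the demo */
    printf("input %zu bytes, expanded %zu bytes\n",
           strlen(SAMPLE_LINE), expanded_len(SAMPLE_LINE));
    expand_unchecked(SAMPLE_LINE, out);
    printf("%s\n", out);
    printf("48-byte buffer would overflow: %s\n",
           would_overflow(SAMPLE_LINE, 48) ? "yes" : "no");
    return 0;
}
```

The unchecked variant is kept only to show the shape of the bug, and main() hands it a 256-byte buffer so the demonstration itself stays in bounds. The bounded version's return value is the thing a caller has to check; sizing the destination from strlen() of the incoming line, as the guess above implies the 0.7 code may do, is exactly what a server controlling the number of codes per line can defeat.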