[sword-devel] installmgr (and xiphos) crashes (svn 2831)
Jaak Ristioja
jaak at ristioja.ee
Wed Jun 26 06:17:16 MST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ok, the crash is caused by a NULL pointer dereference, because
pBufRes = (char *)findSizeStart(pBuf);
might return NULL after which
pBuf = pBufRes;
and
pBuf++;
pBuf = strstr(pBuf, "<a href=\"");
are executed. The latter strstr expression tries to dereference
(++((char*)NULL)) and crashes.
Blessings,
Jaak
On 26.06.2013 16:12, Jaak Ristioja wrote:
> This might not be directly related, but looking at curlhttpt.cpp,
> the line:
>
> sprintf(possibleName, "%.*s", possibleNameLength, pBuf);
>
> Is a potential buffer overflow, because the possibleName buffer is
> 400 bytes, but possibleNameLength is not checked to be < 400. So
> the server might cause a buffer overflow. Imho this is a security
> issue.
>
> Looking at the quality of this code, I'm not suprised.
>
> Blessings, Jaak
>
> On 26.06.2013 15:51, Mark Trompell wrote:
>> I'm trying to access a http repository
>> (http://marktrompell.de/sword/) installmgr -r works fine, -rl
>> too but installmgr segfaults on -ri Same for Xiphos, I can
>> refresh and see what modules are there, but it crashes when I try
>> to install. Probably the repository isn't properly setup, but
>> nevertheless sword shouldn't crash. Attaching 2 backtraces, one
>> from installmgr and the otherone from xiphos.
>
>> Blessings Mark -- Mark Trompell
>
>> Foresight Linux Xfce Edition Cause your desktop should be
>> freaking cool (and Xfce)
>
>
>
>> _______________________________________________ sword-devel
>> mailing list: sword-devel at crosswire.org
>> http://www.crosswire.org/mailman/listinfo/sword-devel
>> Instructions to unsubscribe/change your settings at above page
>
>
>
> _______________________________________________ sword-devel mailing
> list: sword-devel at crosswire.org
> http://www.crosswire.org/mailman/listinfo/sword-devel Instructions
> to unsubscribe/change your settings at above page
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
iQgcBAEBAgAGBQJRyunYAAoJEEqsYmEt1rCOriVAAKJkZ/zD9RrQwW6vuM2TKnhF
4K7bLWTD/hK28IKfIj62WA9ing2ub+ThJ+grzUZKfCGAEN+1z+Hb/R+BAdnMZY3i
8OcdVn5CUCjH1tE3rYurbD3db7GBsvo0YzuAJMcJDDTO8sbZchvm8jIYtMVoTJwy
IQ59BcPDhLihTZBkb1Q/VycsatIWRZbn460azJHSR4E25JPdR5Xq2LTuetGm4mlz
ZlEyIFxPCAU+1Ie9sfUJCb+yl0Jz9Sw2JJGCv7v8sQxobkIba0hqstcVGSiRre41
W+MbmqyY+/nl+yq1XVZvxIHxBae419VnJqJwAdqoMwz5jTRgo0MFH0xsTpUGm4Mc
cFXXM2JfUE2JAXQz/7oHxHrFNKVZPqqk8Yw3t3w3sPry7tO0ilfHV+YpfvHY5cCV
ODoKrOt45Mma2WX7xGVh+2fh/OhLImzSym7uN7lHub/PriwOs8SFiN5EEF1lMyxf
+qwnZpEVRhbJMO+fFl7eWbqWgX/cCNipLNK/DITHLXREv6tfJhq5HShxGsw22b6+
GP9zkRhVSwOZN6SYFZ4gGmbjeozwsy8NWIZ8SoEqQwwr/F/E2Vp6lSc1VKV4O+0a
9FkR6D82B2LRG7rOGSjoaSxdFvZYYMSG5Y/MY4XoVZcmnIyfVUkgskkizqveZz1j
IFbrvLUVuc+LU75lyEGFAZRaRmvodOSF6yYoMi2SG+3Iv7p2UDoccEOnBWfElcvR
yfct9+W0RZn8WwSCfPdN0pyYa0O8OOayISWyYZfqOfpI1E5T3qC/AIdSmVYPh/Yj
5TWpspzQrbMaT+oSSSfW0eeT2/ICd1sA+pDJBDQauWV7PDNYdYzzxFk57m16H/Ve
bLPCJl7eZsKBeOUeR9gv5P3Rufwt/JwYTB8kFh9aNzsMyd3TpbLKopGDfbdk0fjO
sJOFGEE3wsNh95DwDYAOM25Oc1eLxyAGHC7sPnbKV7ZKsHF8wWylszZqBMZKzWiO
xUMX8f4h5bSXzcUXaTbkLKQRQBbwIE22JJVkEmHEVoOAcG00z3+ueGKMO2Q1PQJ9
05dNuWqNAtl3tUGMeAva03ineziU7ivVgppV54N9E2zLL3Z2Mncy0BQW+Kd0kFn8
Td5Gl9gVfcSpqPVqBBkxTFwmgd8GOdl+xkkSIZ142cRS277t7DYvdVctLdkVX4vL
2fFmXZnRTElv46xRNxElkRo24WKRJ+Na7WGX1bHslPnB3CyC79GWc0jQp6Xm4+u6
zd1uOurK4gBNHz3Hikz7QA7lyhVz8ikqIowFjUSpjr3GC92EW85EB34oNoiG+rfw
fzggT2Axiu8FUe5sKq/oo/ylXmEwyNTIuqWDumyJwSaJF0WD0RxlKskawT4Z69OD
z6NbbigmEH+vuA42N95K8iQ9kMhA7+7NEld0VXfrhQFXniOdiO9fb+5RySs2XDXV
nEo7QYRYd0tBvCzB00z9+PQSNQe3eQIBUbbjyC6BrX/WH6+U9SceySEQFNuZzbYZ
vXayzQIuugf68QEReVrjTKUbT7ogj1AS5XuYoRm/11fxKJXL14lrZzG/mkyHTXfM
yheG91HXOP0H1FYuohpWyPlSCi7mViP69juZNNr7eq3HTBkTfs2T6IMWlCRPsfOm
72SQloGoVfrdL3QMSPTlydpgWKszU9rZkXtQp1Lqb2uTRhbK8KKsqqb3a5cnGJYw
AwCvHMr0S/8T5xMKyx2yX+HhQcbuD222HCEcdBmDJlL2UDfPdv0eAFuucsgVEuKt
4eyS5Z7VPd+lJ+z+6Jkn8mdAqz9EsCRATUadepE1nJmytvhxZTuycOg2Ltb3j8r+
bdHKu6SFVQtGC0fNULJrZ7bcohAiUQGP44XxB4PlPXGHxvHOvHnTDjeqERn2x3kg
TrIbrl6/GUAnnXPYWHzdYGr5JwNg1jV7CWTn0dvgs8ROzxZro9USL9QnAVT6K44S
iR4ZipzJSPDzSuCkYWwlXlSY1Y/itNdalU6/9HwKRPLsqV3v6RxZhRVp20tQDZrp
O0GxKp7adh4Rf1zyN1ganL9DZRvhsXMZLZdkFuXpTNfoUojLcdrHyth6faYcRBUb
S6Ris7Sqn3nJRe8AzSc04Hp7/8LcCvI99eaTudMyN56dFRW+SFo+kpFXg1KKVY/k
TH33o5Nz2Fg35mrLlITkVETUQrF6LJFOiJTHFsZZ6REPTYwWmNNSRuPYn5N90rrn
w3vyQPLY02eFsNaPHJaPE9i0PI6RX1lzyqGrrU/O5LuXgKfheJwvXQOA5jEidO9a
OoDtm8YCbKH0ks+2KrK6RTQcaSPoYkRIIAdiE/RnHIG7ROAPWS8SQGg6Dkgz0xVU
kOAYqyfZgnU1YLiMM8e0+e94OA34DrCbBmXONeIN44QC0ckjcFkFFxUEjBJtv/dj
H/1TCOt+2dwO/KCn6br/XWO6zeOAhAX2oa0LmGIr6rBbgenwyr/g8aR2XyQePAQQ
Bp2MminwEB5WzEV+7qy0PPlt6Pp+PWIJvcJZXYl0AUfyHp5AlemGlwXj87t4mYLA
piQ2RhVnI8qRPvdtRUK6g1T1YEou+uzbpvSQWQKGERlCkhDgP4x9CQ3F9n1iAx9I
Id5m5hRsZbWrrnQzBPazhcL8wTwQpNj/IqDF940SSc7/tObFEhvtam1aG7s/Jt+X
yhAx3wp55R8SIwJ6NDWdw+/qTFaOPgjdkkNovHzMK/vju7Jxf9KjpgfYvJQpC4fE
P83LXlhpOMH26c4a3Q9X
=w1+S
-----END PGP SIGNATURE-----
More information about the sword-devel
mailing list