Bug 307133 - media-gfx/xv: 128 character file name - buffer overflow detected
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: AMD64 Linux
Importance: High normal
Assignee: Joe Peterson (RETIRED)
Reported: 2010-02-28 01:59 UTC by Francis Norberg
Modified: 2012-06-25 00:23 UTC (History)
Description Francis Norberg 2010-02-28 01:59:20 UTC
A file name with 128 characters or more will cause a: *** buffer overflow detected ***, and "Backtrace:" crash.


Reproducible: Always

Steps to Reproduce:
1. xv `perl -e 'print "A"x128'`


Actual Results:  
*** buffer overflow detected ***: xv terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7fa6ff026867]
/lib/libc.so.6[0x7fa6ff024680]
xv[0x40b42d]
xv[0x40d1c1]
xv[0x40f9c9]
/lib/libc.so.6(__libc_start_main+0xe6)[0x7fa6fef5ea26]
xv[0x407289]
======= Memory map: ========
Aborted


Expected Results:  
Program starts and says "No such file or directory"
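
An added illustration of the boundary in this report (not xv's code, which this page does not show): a bounded filename copy, assuming a hypothetical 128-byte destination buffer inferred from the 128-character threshold. `NAME_BUF`, `copy_name` and `probe_file` are names made up for this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define NAME_BUF 128  /* assumed size, inferred from the 128-character threshold */

/* Hypothetical unchecked pattern (comment only, not compiled):
 *     char name[NAME_BUF];
 *     strcpy(name, arg);   // 128 chars + NUL = 129 bytes, one past the buffer
 * A fortified libc aborts such a copy with "buffer overflow detected". */

/* Bounded copy: returns 0 on success, -1 with errno = ENAMETOOLONG when src
 * plus its terminating NUL does not fit in dst. Never writes past dstsz. */
int copy_name(char *dst, size_t dstsz, const char *src)
{
    size_t len = strlen(src);
    if (dstsz == 0 || len >= dstsz) {
        if (dstsz)
            dst[0] = '\0';          /* leave a valid empty string behind */
        errno = ENAMETOOLONG;
        return -1;
    }
    memcpy(dst, src, len + 1);      /* len + 1 <= dstsz is guaranteed here */
    return 0;
}

/* Open the caller's path directly, with no fixed-size intermediate copy.
 * Returns 0 if the file opened, otherwise the errno set by open(). */
int probe_file(const char *path)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

int main(void)
{
    char arg[NAME_BUF + 1], name[NAME_BUF];
    memset(arg, 'A', NAME_BUF);     /* constructed input: 128 'A's, as in the report */
    arg[NAME_BUF] = '\0';

    if (copy_name(name, sizeof name, arg) != 0)
        printf("copy rejected: %s\n", strerror(errno));
    printf("open: %s\n", strerror(probe_file(arg)));
    return 0;
}
```

With the length checked, the 128-character name is rejected cleanly by the copy, and opening it directly produces the "No such file or directory" result the reporter expected.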
Comment 1 Joe Peterson (RETIRED) gentoo-dev 2010-03-05 22:41:32 UTC
Thanks for the report.  This is a bit of a corner case, esp since xv is probably never used by root, but it would be good to see if upstream has fixed this in the patch sets.  If you find more info before I do, feel free to post to this bug.
Comment 2 Joe Peterson (RETIRED) gentoo-dev 2012-06-25 00:23:00 UTC
Resolving this as an upstream issue.  xv does not get updated often, and it is a rather old program (but very useful).  Bugs like this are tolerable at this point, and xv works fine in normal (non-corner-case) use.