When trying to open serial device file /dev/serial/by-id/usb-FTDI_FT232R_USB_UART_AM022ULJ-if00-port0 I receive *** buffer overflow detected ***: /usr/lib/jvm//oracle-jdk-bin-1.8/bin/java terminated ======= Backtrace: ========= /lib64/libc.so.6(+0x7544e)[0x7ffe53ad844e] /lib64/libc.so.6(__fortify_fail+0x47)[0x7ffe53b5f747] /lib64/libc.so.6(+0xfa630)[0x7ffe53b5d630] /lib64/libc.so.6(+0xf9a89)[0x7ffe53b5ca89] /lib64/libc.so.6(_IO_default_xsputn+0x80)[0x7ffe53adb820] /lib64/libc.so.6(_IO_vfprintf+0x1e30)[0x7ffe53aabe50] /lib64/libc.so.6(__vsprintf_chk+0x88)[0x7ffe53b5cb28] /lib64/libc.so.6(__sprintf_chk+0x7d)[0x7ffe53b5ca5d] /usr/lib64/rxtx-2/librxtxSerial-2.2pre1.so(Java_gnu_io_RXTXPort_open+0xd6)[0x7ffe033e3456] Reproducible: Always Steps to Reproduce: 1.Try to open longer device file name rxtx does some internal logging using sprintf and a char buffer 80 bytes long. Longer file name does not fit in this buffer, and no length checking is done.
Created attachment 398766 [details, diff] replaces unsafe sprintf with snprintf