543096 – dev-java/rxtx-2.2_pre2 crashes on long device names

Bug 543096 - dev-java/rxtx-2.2_pre2 crashes on long device names

Summary: dev-java/rxtx-2.2_pre2 crashes on long device names

Status:	UNCONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Java (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Java team

URL:
Whiteboard:
Keywords:	PATCH

Depends on:
Blocks:

Reported:	2015-03-12 22:27 UTC by nebojsa
Modified:	2015-03-16 15:19 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
replaces unsafe sprintf with snprintf (rxtx-2.2_pre2-long-devname.patch,11.91 KB, patch) 2015-03-12 22:29 UTC, nebojsa	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description nebojsa 2015-03-12 22:27:42 UTC

When trying to open serial device file /dev/serial/by-id/usb-FTDI_FT232R_USB_UART_AM022ULJ-if00-port0 I receive 
*** buffer overflow detected ***: /usr/lib/jvm//oracle-jdk-bin-1.8/bin/java terminated
======= Backtrace: =========
/lib64/libc.so.6(+0x7544e)[0x7ffe53ad844e]
/lib64/libc.so.6(__fortify_fail+0x47)[0x7ffe53b5f747]
/lib64/libc.so.6(+0xfa630)[0x7ffe53b5d630]
/lib64/libc.so.6(+0xf9a89)[0x7ffe53b5ca89]
/lib64/libc.so.6(_IO_default_xsputn+0x80)[0x7ffe53adb820]
/lib64/libc.so.6(_IO_vfprintf+0x1e30)[0x7ffe53aabe50]
/lib64/libc.so.6(__vsprintf_chk+0x88)[0x7ffe53b5cb28]
/lib64/libc.so.6(__sprintf_chk+0x7d)[0x7ffe53b5ca5d]
/usr/lib64/rxtx-2/librxtxSerial-2.2pre1.so(Java_gnu_io_RXTXPort_open+0xd6)[0x7ffe033e3456]


Reproducible: Always

Steps to Reproduce:
1.Try to open longer device file name



rxtx does some internal logging using sprintf and a char buffer 80 bytes long. Longer file name does not fit in this buffer, and no length checking is done.

Comment 1 nebojsa 2015-03-12 22:29:23 UTC

Created attachment 398766 [details, diff]
replaces unsafe sprintf with snprintf