From owner-freebsd-bugs Sat Nov 9 11: 0:18 2002
Message-Id: <20021109185920.272508FD07@pigra.saturnero.sat>
Date: Sat, 9 Nov 2002 19:59:20 +0100 (CET)
From: SaturNero
Reply-To: SaturNero
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: dave
X-Send-Pr-Version: 3.113
Subject: gnu/45168: Buffer overflow in /usr/bin/dialog
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk

>Number:         45168
>Category:       gnu
>Synopsis:       Buffer overflow in /usr/bin/dialog
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Nov 09 11:00:05 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     SaturNero
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
www.freesbie.org
>Environment:
System: FreeBSD pigra.saturnero.sat 4.7-STABLE FreeBSD 4.7-STABLE #3: Thu Oct 10 16:32:50 CEST 2002 saturnero@pigra.saturnero.sat:/usr/obj/usr/src/sys/PIGRA i386
>Description:
/usr/bin/dialog exits with Segmentation fault (after the Ok) when handling long
checklists with many "on" fields.
Bug found by dave@freesbie.org and saturnero@freesbie.org
>How-To-Repeat:
The attached file packages.sh is a sample shell script that faults after the Ok
>Fix:

--- packages.sh begins here ---
/usr/bin/dialog --title "FreeSBIE LiveCD - Packages" --clear \
--checklist "These are the packages installed on your system \n\
Choose the FreeSBIE packages" -1 -1 10 \
"Hermes-1.3.2" "" on \
"Mesa-3.4.2_2" "" on \
"ORBit-0.5.17" "" on \
"ORBit2-2.4.3" "" off \
"XFree86-4.2.0_1,1" "" on \
"XFree86-FontServer-4.2.0" "" on \
"XFree86-Server-4.2.1_3" "" on \
"XFree86-clients-4.2.1_1" "" on \
"XFree86-documents-4.2.0" "" on \
"XFree86-font100dpi-4.2.0" "" on \
"XFree86-font75dpi-4.2.0" "" on \
"XFree86-fontCyrillic-4.2.0_4" "" on \
"XFree86-fontDefaultBitmaps-4.2.0" "" on \
"XFree86-fontEncodings-4.2.0" "" on \
"XFree86-fontScalable-4.2.0" "" on \
"XFree86-libraries-4.2.1_1" "" on \
"Xaw3d-1.5" "" on \
"Xft-2.0_1" "" on \
"aalib-1.4.r5_1" "" on \
"acroread-5.06_1" "" off \
"alevt-1.6.0" "" off \
"aspell-0.50.2" "" off \
"aterm-0.4.2" "" on \
"atk-1.0.3" "" off \
"autoconf213-2.13.000227_4" "" off \
"automake-1.5,1" "" off \
"automake14-1.4.5_8" "" off \
"bbrun-1.4" "" off \
"bison-1.75" "" off \
"blackbox-0.65.0" "" off \
"bonobo-1.0.21_1" "" off \
"bonobo-activation-1.0.4" "" off \
"boxtools-0.65.0" "" off \
"cclient-2001a,1" "" on \
"cd2mp3-0.81,1" "" on \
"cdrtools-1.11.a39" "" on \
"cfs-1.4.1" "" off \
"curl-7.9.8" "" on \
"cvsup-without-gui-16.1f" "" off \
"dagrab-0.3.5" "" on \
"db3-3.3.11,1" "" off \
"djbfft-0.76" "" on \
"docbook-1.2" "" off \
"docbook-241" "" off \
"docbook-3.0" "" off \
"docbook-3.1" "" off \
"docbook-4.0" "" off \
"docbook-4.1" "" off \
"docbook-xml-4.2" "" on \
"docbook-xsl-1.55.0" "" on \
"downloader-2.03" "" on \
"esound-0.2.29" "" on \
"eterm-0.9.1_1" "" off \
"ethereal-0.9.7" "" on \
"expat-1.95.5" "" on \
"expect-5.38.0_1" "" on \
"ezm3-1.0" "" off \
"ffmpeg-0.4.5_3" "" off \
"fluxbox-0.1.12_1" "" off \
"fluxconf-0.6" "" off \
"fontconfig-2.0_2" "" on \
"fortuneit-1.51" "" on \
"fping-2.4b2" "" off \
"freetype-1.3.1_2" "" off \
"freetype2-2.1.2" "" on \
"gail-0.17" "" off \
"gal-0.19.3" "" off \
"gconf-1.0.9_1" "" off \
"gdbm-1.8.0" "" off \
"gdk-pixbuf-0.21.0" "" on \
"gentoo-0.11.34" "" on \
"gettext-0.11.5_1" "" on \
"gftp-2.0.13" "" on \
"ghostscript-gnu-7.05_3" "" off \
"gimp-1.2.3_2,1" "" on \
"gle-3.0.3" "" off \
"glib-1.2.10_7" "" on \
"glib-2.0.6" "" off \
"glibwww-0.2_1" "" off \
"gmake-3.79.1_3" "" off \
"gnomba-0.6.2" "" off \
"gnomecanvas-0.21.0" "" off \
"gnomedb-0.2.96_1" "" off \
"gnomehier-1.0_3" "" on \
"gnomelibs-1.4.2_1" "" on \
"gnomemimedata-2.0.1_1" "" off \
"gnomeprint-0.37" "" off \
"gnomevfs-1.0.5_4" "" off \
"gnupg-1.2.1" "" on \
"gpart-0.1h" "" off \
"gpgme-0.3.9" "" on \
"gqview-1.1.1" "" off \
"grub-0.92" "" off \
"gtk-1.2.10_8" "" on \
"gtk-2.0.6" "" off \
"gtk-engines2-1.9.0" "" off \
"gtk-gnutella-0.91" "" on \
"gtkglarea-1.2.2_1" "" off \
"gtkhtml-1.0.4_1" "" off \
"gtktalog-0.99.19" "" on \
"guile-1.4.1_2" "" off \
"imake-4.2.0_1" "" on \
"imlib-1.9.14_1" "" on \
"imlib2-1.0.6_1" "" off \
"intltool-0.22" "" on \
"irssi-0.8.5" "" on \
"iso8879-1986" "" off \
"it-openoffice-1.0.1_2" "" off \
"jade-1.2.1_1" "" off \
"jpeg-6b_1" "" on \
"lame-3.92" "" on \
"lame-devel-gtk-3.89b" "" off \
"lcms-1.08" "" on \
"lftp-2.6.2" "" on \
"libIDL-0.8.0" "" off \
"liba52-0.7.4" "" on \
"libao-esound-0.8.3_1" "" on \
"libart_lgpl2-2.3.10" "" off \
"libast-0.5" "" off \
"libaudiofile-0.2.3" "" on \
"libbonobo-2.0.1" "" off \
"libcapplet-1.4.0.5" "" off \
"libdivxdecore-0.4.7" "" off \
"libdivxencore-devel-0.4.0.50" "" off \
"libdvdcss-1.2.2" "" on \
"libdvdnav-0.1.3" "" on \
"libdvdread-0.9.3" "" on \
"libflash-0.4.10" "" on \
"libgda-0.2.96_1" "" off \
"libghttp-1.0.9" "" off \
"libglade-0.17_2" "" off \
"libglade2-2.0.1" "" off \
"libgnomecanvas-2.0.4" "" off \
"libgnugetopt-1.2" "" on \
"libgtop2-2.0.0_2" "" off \
"libiconv-1.8_1" "" on \
"libmikmod-3.1.10" "" on \
"libmng-1.0.3" "" on \
"libogg-1.0_1,3" "" on \
"libpanel-1.4.2" "" off \
"librep-0.16.1_1" "" off \
"librsvg2-2.0.1" "" off \
"libtool-1.3.4_4" "" off \
"libungif-4.1.0b1" "" on \
"libunicode-0.4_3" "" off \
"libvorbis-1.0_1,3" "" on \
"libwnck-0.17" "" off \
"libwww-5.4.0" "" on \
"libxine-0.9.13" "" on \
"libxml-1.8.17_1" "" on \
"libxml2-2.4.26" "" on \
"libxslt-1.0.22" "" on \
"libzvt-2.0.1" "" off \
"linc-0.5.3" "" off \
"links-2.0_1,1" "" on \
"linux_base-7.1_1" "" off \
"linuxdoc-1.1" "" off \
"livecd-1.2.2" "" off \
"lmmon-0.65" "" off \
"lrzsz-0.12.20" "" on \
"lsof-4.65" "" on \
"lyx-1.2.1_1" "" on \
"m4-1.4_1" "" on \
"mad-esound-0.14.2b_2" "" off \
"man2html-3.0.1" "" off \
"minicom-2.00.0" "" on \
"mkcatalog-1.1" "" on \
"mkisofs-1.15.a39" "" on \
"mozilla-1.2b_1,1" "" off \
"mpg123-esound-0.59r_8" "" on \
"mplayer-fonts-0.50" "" on \
"mplayer-gtk-0.90.0.8_2" "" on \
"mplayer-skins-1.0.3" "" on \
"mutt-1.4" "" off \
"nasm-0.98.33,1" "" off \
"nofgpg-0.4" "" off \
"oaf-0.6.10_1" "" off \
"open-motif-2.2.2_1" "" on \
"p5-Event-0.86" "" off \
"p5-File-Spec-0.82" "" on \
"p5-GdkPixbuf-0.7008" "" off \
"p5-Gtk-0.7008" "" off \
"p5-Storable-2.05" "" off \
"p5-Test-Simple-0.47" "" off \
"p5-XML-Parser-2.31_1" "" off \
"p5-XML-Writer-0.4_1" "" off \
"pango-1.0.5" "" off \
"pcre-3.9" "" off \
"perl-5.8.0_3" "" off \
"pgpgpg-0.13" "" off \
"phoenix-0.4_6" "" on \
"pkgconfig-0.13.0" "" on \
"png-1.2.4" "" on \
"popt-1.6.4" "" off \
"portupgrade-20020921.1" "" off \
"proftpd-1.2.6" "" off \
"pstree-2.17" "" off \
"py-gnome-1.4.4" "" off \
"py-gtk-0.6.10" "" off \
"py22-expat-2.2.2_2" "" off \
"py22-numeric-21.0" "" off \
"python-2.2.2" "" on \
"ruby-1.6.7.2002.09.12" "" off \
"ruby-bdb1-0.1.7" "" off \
"ruby-shim-ruby18-1.7.3.2002.09.20" "" off \
"samba-2.2.6" "" on \
"scintilla-1.44" "" on \
"scite-1.44" "" on \
"scrollkeeper-0.3.11_4,1" "" on \
"sdl-1.2.4_1" "" on \
"sdocbook-xml-4.1.2.5" "" on \
"sgmlformat-1.7_2" "" off \
"sox-12.17.3_1" "" off \
"sudo-1.6.6" "" off \
"svgalib-1.4.2_1" "" on \
"sylpheed-claws-0.8.5" "" on \
"t1lib-1.3.1" "" on \
"tcl-8.3.4_4" "" on \
"teTeX-1.0.7_1" "" on \
"tiff-3.5.7" "" on \
"tk-8.3.4_3" "" on \
"transcode-0.6.2" "" off \
"ttmkfdir-0.0_1" "" off \
"ucd-snmp-4.2.5_2" "" on \
"unrar-3.10b1" "" on \
"unzip-5.50" "" on \
"vim-6.1.231" "" on \
"vorbis-tools-1.0_1,3" "" on \
"wget-1.8.2_1" "" on \
"win32-codecs-011002.0.0.60" "" on \
"windowmaker-0.80.1" "" on \
"wmicons-1.0" "" on \
"wmix-2.20" "" on \
"wmlmmon-0.60" "" on \
"wmmemload-0.1.4" "" off \
"wmmount-1.0b2" "" off \
"wmnet-1.2" "" on \
"wmtime-1.0b2" "" on \
"wrapper-1.0_2" "" on \
"xawtv-3.78" "" off \
"xbill-2.0" "" on \
"xcdroast-0.98.a.10" "" on \
"xchat-1.8.10" "" on \
"xforms-1.0_2,1" "" on \
"xfstt-1.1_1" "" off \
"xine-0.9.13" "" on \
"xine_d4d_plugin-0.3.2" "" on \
"xine_d5d_plugin-0.2.7_1" "" on \
"xine_dvdnav_plugin-0.9.13" "" on \
"xli-1.17.0_1" "" on \
"xmix-2.1" "" off \
"xmixer-0.9.4" "" off \
"xmms-esound-1.2.7_2" "" on \
"xpdf-1.01" "" on \
"xsmbrowser-3.3.0" "" on \
"xv-3.10a_3" "" on \
"zip-2.3_1" "" on \
2> /tmp/checklist.tmp.$$
--- packages.sh ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:
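
The report does not identify the faulting code. As an added illustration (not the source of /usr/bin/dialog and not from the submitter), the C below shows the bug class the synopsis and symptom point to, under the assumption that the tags of all "on" items are concatenated into a fixed-size result buffer once Ok is pressed; `RESULT_MAX`, `collect_unchecked` and `collect_checked` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

#define RESULT_MAX 64 /* hypothetical buffer size, kept small for the demo */

/* Unchecked pattern, shown for contrast and never called here: every
 * selected tag is appended with no test of the space left in result. */
void collect_unchecked(char *result, const char **tags, const int *on, int n)
{
    result[0] = '\0';
    for (int i = 0; i < n; i++)
        if (on[i]) {
            strcat(result, tags[i]); /* runs past the buffer once it is full */
            strcat(result, "\n");
        }
}

/* Bounded form: returns 0 when every selected tag fits, -1 otherwise.
 * On failure result holds only the tags that fit completely. */
int collect_checked(char *result, size_t cap, const char **tags,
                    const int *on, int n)
{
    size_t used = 0;
    if (cap == 0)
        return -1;
    result[0] = '\0';
    for (int i = 0; i < n; i++) {
        if (!on[i])
            continue;
        size_t need = strlen(tags[i]) + 1; /* tag plus '\n' */
        if (need >= cap - used)            /* keep one byte for the NUL */
            return -1;
        memcpy(result + used, tags[i], need - 1);
        result[used + need - 1] = '\n';
        used += need;
        result[used] = '\0';
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: three tags taken from the report's list, all on. */
    const char *tags[] = {"XFree86-fontDefaultBitmaps-4.2.0",
                          "XFree86-fontCyrillic-4.2.0_4", "Hermes-1.3.2"};
    int on[] = {1, 1, 1};
    char result[RESULT_MAX];
    int rc = collect_checked(result, sizeof result, tags, on, 3);
    printf("rc=%d kept=%zu bytes\n", rc, strlen(result));
    return 0;
}
```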