[tex-live] TL2016: Stack smashed in upmendex fprint_uchar() function

TANAKA Takuji ttk at t-lab.opal.ne.jp
Wed Jun 15 16:45:02 CEST 2016


Hi Werner,

Thank you for your report.
I (the author of upmendex) will fix the issue later.

Takuji

On 2016/06/15 17:13, Dr. Werner Fink wrote:
> On Wed, Jun 15, 2016 at 03:08:16PM +0900, Norbert Preining wrote:
>> Hi Werner,
>>
>>> during test I've seen a catched stack smash done by glibc fortify.
>>> It seems that in texk/upmendex/fwrite.c the function fprint_uchar()
>>> will be overflowed by the UChar inital array in indwrite()
>>
>> Hmm, that looks interesting. I have seen several test failures
>> due to segfaults on Debian packages, too, and I will give this
>> patch a try. Thanks!
>
> Even if the patch avoids the crash here I've no idea if the solution
> is fully correct, that is that fprint_uchar() does really its job for
> all 18 UChar members as the final char array is a bit small I guess.
>
> But IMHO this is a job for upstream of upmendex ;)
>
> Werner
>



More information about the tex-live mailing list