group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1641592] Re: nano 2.5.3-2 on Xenial crashes with long paths on lockfiles

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Brian Murray <brian@xxxxxxxxxx>
Date: Tue, 14 Feb 2017 23:03:16 -0000
Reply-to: Bug 1641592 <1641592@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: nano (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: nano (Ubuntu Xenial)
       Status: New => Triaged

** Changed in: nano (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: nano (Ubuntu)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1641592

Title:
  nano 2.5.3-2 on Xenial crashes with long paths on lockfiles

Status in nano package in Ubuntu:
  Fix Released
Status in nano source package in Xenial:
  Triaged

Bug description:
  # lsb_release -rd
  Description:    Ubuntu 16.04.1 LTS
  Release:        16.04
  # apt-cache policy nano
  nano:
    Installed: 2.5.3-2
    Candidate: 2.5.3-2

  Reproducer:
  1. # nano -G 999999999999999999999999999999999999999999999999999999999999999999999999999
  2. <ctrl-z>
  3. # nano -G 999999999999999999999999999999999999999999999999999999999999999999999999999
  4. <answer y/n to the lockfile question>
  5. <nano should segfault>

  Quick dissection:
  Looking at function do_lockfile in files.c, it seems that promptstr is statically allocated to 128 characters. Now with a sufficiently long filename, the following sprintf() call will overflow the allocated promptstr buffer and corrupt memory.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nano/+bug/1641592/+subscriptions