[sr #107775] GnuTLS 3.0.0 causes segfault

Jan Steffens INVALID.NOREPLY at gnu.org
Mon Aug 15 05:26:27 CEST 2011


                 Summary: GnuTLS 3.0.0 causes segfault
                 Project: GnuTLS
            Submitted by: heftig
            Submitted on: Mon 15 Aug 2011 03:26:26 AM GMT
                Category: None
                Priority: 5 - Normal
                Severity: 3 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: GNU/Linux



telepathy-gabble segfaults when used with GnuTLS 3.0.0.

#0  0x00007ffff56dc7f0 in ?? () from /lib/libc.so.6
#1  0x00007ffff56d6735 in memmove () from /lib/libc.so.6
#2  0x00007ffff5a17999 in g_memdup () from /usr/lib/libglib-2.0.so.0
#3  0x00000000004e3899 in wocky_tls_session_push_func (user_data=0x7e01a0,
buffer=0x8921b0, count=4294967269) at wocky-tls.c:1192
#4  0x00007ffff6e800c5 in _gnutls_writev_emu (session=0x88f9d0, fd=0x7e01a0,
giovec=0x7fffffffd710, giovec_cnt=3) at gnutls_buffers.c:322
#5  0x00007ffff6e8016e in _gnutls_writev (session=0x88f9d0,
giovec=0x7fffffffd710, giovec_cnt=3) at gnutls_buffers.c:349
#6  0x00007ffff6e808de in _gnutls_io_write_flush (session=0x88f9d0) at
#7  0x00007ffff6e80e02 in _gnutls_handshake_io_write_flush (session=0x88f9d0)
at gnutls_buffers.c:679
#8  0x00007ffff6e85947 in _gnutls_send_handshake (session=0x88f9d0,
bufel=0xb40440, type=GNUTLS_HANDSHAKE_FINISHED) at gnutls_handshake.c:1133
#9  0x00007ffff6e84916 in _gnutls_send_finished (session=0x88f9d0, again=0) at
#10 0x00007ffff6e8925b in _gnutls_send_handshake_final (session=0x88f9d0,
init=1) at gnutls_handshake.c:2600
#11 0x00007ffff6e89f02 in _gnutls_handshake_common (session=0x88f9d0) at
#12 0x00007ffff6e885e4 in gnutls_handshake (session=0x88f9d0) at
#13 0x00000000004e1a3e in wocky_tls_session_try_operation (session=0x7e01a0,
operation=WOCKY_TLS_OP_READ) at wocky-tls.c:386 
#14 0x00000000004e35a9 in wocky_tls_session_read_ready (object=0x818c90,
result=0x85c920, user_data=0x7e01a0) at wocky-tls.c:1111
#15 0x00007ffff6578929 in ?? () from /usr/lib/libgio-2.0.so.0
#16 0x00007ffff659010c in ?? () from /usr/lib/libgio-2.0.so.0
#17 0x00007ffff59fa29d in g_main_context_dispatch () from
#18 0x00007ffff59faa78 in ?? () from /usr/lib/libglib-2.0.so.0
#19 0x00007ffff59fb0ba in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#20 0x00007ffff6bbe04f in tp_run_connection_manager () from
#21 0x0000000000431e81 in gabble_main (argc=1, argv=0x7fffffffdea8) at
#22 0x0000000000431b09 in main (argc=1, argv=0x7fffffffdea8) at main.c:28

Look at that count=4294967269 buffer length (#3); that can't be right. Of
the three giovecs used, the first two have a length of 4294967269, and the
third one has a more sane 53.

