Marc-André Lureau 6b32af3e17 smartcard: allocate msg with the expected size
This is related to CVE-2016-0749

==529== ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60040009c098 at pc 0x7fffee0eda6d bp 0x7fffffffcd00 sp 0x7fffffffccf0
WRITE of size 4 at 0x60040009c098 thread T0
    #0 0x7fffee0eda6c in smartcard_char_device_notify_reader_add /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:334
    #1 0x7fffee0ef783 in smartcard_add_reader /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:642
    #2 0x7fffee0f0568 in smartcard_channel_handle_message /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:757
    #3 0x7fffee032f3f in red_peer_handle_incoming /home/elmarco/pkg/spice/spice-0.12.4/server/red_channel.c:304
    #4 0x7fffee033216 in red_channel_client_receive /home/elmarco/pkg/spice/spice-0.12.4/server/red_channel.c:322
    #5 0x7fffee03bf1f in red_channel_client_event /home/elmarco/pkg/spice/spice-0.12.4/server/red_channel.c:1561
    #6 0x555555c3c53d in qemu_iohandler_poll /home/elmarco/src/qemu/iohandler.c:143
    #7 0x555555c3b800 in main_loop_wait /home/elmarco/src/qemu/main-loop.c:504
    #8 0x5555556f160c in main_loop /home/elmarco/src/qemu/vl.c:1818
    #9 0x5555556f160c in main /home/elmarco/src/qemu/vl.c:4394
    #10 0x7fffed80eb14 in __libc_start_main /usr/src/debug/glibc-2.17-c758a686/csu/libc-start.c:274
    #11 0x5555556f9c20 in _start (/home/elmarco/src/qemu/x86_64-softmmu/qemu-system-x86_64+0x1a5c20)
0x60040009c098 is located 0 bytes to the right of 8-byte region [0x60040009c090,0x60040009c098)
allocated by thread T0 here:
    #0 0x7ffff4e612be in __interceptor_realloc /usr/src/debug/gcc-4.8.5-20150702/obj-x86_64-redhat-linux/x86_64-redhat-linux/libsanitizer/asan/../../../../libsanitizer/asan/asan_malloc_linux.cc:92
    #1 0x7fffee121308 in spice_realloc /home/elmarco/pkg/spice/spice-0.12.4/spice-common/common/mem.c:123
    #2 0x7fffee004a48 in __spice_char_device_write_buffer_get /home/elmarco/pkg/spice/spice-0.12.4/server/char_device.c:516
    #3 0x7fffee004e87 in spice_char_device_write_buffer_get /home/elmarco/pkg/spice/spice-0.12.4/server/char_device.c:557
    #4 0x7fffee0ed8b9 in smartcard_char_device_notify_reader_add /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:325
    #5 0x7fffee0ef783 in smartcard_add_reader /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:642
    #6 0x7fffee0f0568 in smartcard_channel_handle_message /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:757
    #7 0x7fffee032f3f in red_peer_handle_incoming /home/elmarco/pkg/spice/spice-0.12.4/server/red_channel.c:304
    #8 0x7fffee033216 in red_channel_client_receive /home/elmarco/pkg/spice/spice-0.12.4/server/red_channel.c:322
    #9 0x7fffee03bf1f in red_channel_client_event /home/elmarco/pkg/spice/spice-0.12.4/server/red_channel.c:1561
    #10 0x555555c3c53d in qemu_iohandler_poll /home/elmarco/src/qemu/iohandler.c:143
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/elmarco/pkg/spice/spice-0.12.4/server/smartcard.c:334 smartcard_char_device_notify_reader_add

Signed-off-by: Marc-Andre Lureau <marcandre.lureau@redhat.com>
2016-07-08 10:47:38 +02:00
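The trace above records a 4-byte write landing exactly at the end of an 8-byte heap region: the message buffer was requested smaller than the header that was then laid over it. The C program below is an added example, not spice's own code. It assumes a hypothetical three-field header (MsgHeader) and a stand-in write_buffer_get(), and it assumes the undersize came from taking sizeof of a pointer (8 bytes on x86_64) instead of the struct it points to, which is one pattern consistent with an 8-byte region and a 4-byte write at offset 8. It puts the wrong and the right size request side by side and adds the check a reviewer would want before a struct is written through a buffer.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical message header, three 32-bit fields (12 bytes). This is not
 * spice's own definition; it is shaped to match the trace: a 4-byte write
 * at offset 8 is the third field. */
typedef struct {
    uint32_t type;
    uint32_t reader_id;
    uint32_t length;
} MsgHeader;

typedef struct {
    uint8_t *buf;
    size_t   buf_size;
} WriteBuf;

/* Stand-in for a "write buffer get" routine (assumption, not spice's API):
 * returns a buffer of exactly the requested size, so an undersized request
 * is not hidden by allocator slack. */
static WriteBuf *write_buffer_get(size_t size)
{
    WriteBuf *wb = calloc(1, sizeof(*wb));
    if (wb == NULL)
        return NULL;
    wb->buf = calloc(1, size ? size : 1);
    if (wb->buf == NULL) {
        free(wb);
        return NULL;
    }
    wb->buf_size = size;
    return wb;
}

static void write_buffer_free(WriteBuf *wb)
{
    if (wb == NULL)
        return;
    free(wb->buf);
    free(wb);
}

/* The mistake: sizing the allocation by the pointer rather than the pointee.
 * On an LP64 platform this is 8, while the header needs 12. */
static size_t buggy_request_size(void)
{
    MsgHeader *vheader = NULL;
    return sizeof(vheader);      /* size of the pointer */
}

/* The fix: size the allocation by what the pointer refers to. */
static size_t fixed_request_size(void)
{
    MsgHeader *vheader = NULL;
    return sizeof(*vheader);     /* size of the header itself */
}

/* Guard: before laying a struct over a buffer, confirm the buffer covers it.
 * Returns 1 when it does, 0 otherwise. */
static int header_fits(const WriteBuf *wb)
{
    return wb != NULL && wb->buf_size >= sizeof(MsgHeader);
}

/* Fill a reader-add style notification. Returns 0 on success and -1 when the
 * buffer is too small, instead of writing past its end. memcpy avoids any
 * alignment assumption about buf. */
static int fill_reader_add(WriteBuf *wb, uint32_t reader_id)
{
    if (!header_fits(wb))
        return -1;
    MsgHeader hdr = { .type = 1, .reader_id = reader_id, .length = 0 };
    memcpy(wb->buf, &hdr, sizeof(hdr));
    return 0;
}

/* Exercise the two size requests end to end; returns fill_reader_add's result
 * so the outcome of each allocation strategy can be checked by a caller. */
static int try_with_size(size_t request)
{
    WriteBuf *wb = write_buffer_get(request);
    int rc = fill_reader_add(wb, 7);
    write_buffer_free(wb);
    return rc;
}

int main(void)
{
    printf("buggy request: %zu bytes -> rc=%d\n",
           buggy_request_size(), try_with_size(buggy_request_size()));
    printf("fixed request: %zu bytes -> rc=%d\n",
           fixed_request_size(), try_with_size(fixed_request_size()));
    return 0;
}
```

Under AddressSanitizer the original bug surfaces only when the undersized buffer is actually written; the header_fits() check turns that silent heap write into an explicit error return, which is the behaviour to look for when reviewing any code that requests a buffer and then casts it to a struct.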
build-aux Update git-version-gen to latest version 2013-12-11 16:32:36 +01:00
docs style: Add some abbreviations 2016-05-25 14:43:03 +01:00
m4 Fix missing prototypes 2016-06-15 15:02:42 +01:00
server smartcard: allocate msg with the expected size 2016-07-08 10:47:38 +02:00
spice-common@5359304713 Use correct variable to print if LZ4 support is to be built. 2016-06-16 11:15:02 -03:00
tests tests/migrate.py: add --vdagent 2011-08-23 17:01:14 +03:00
tools Add casts for compatibility purposes 2012-02-14 10:44:49 +02:00
uncrustify_cfg fresh start 2009-10-14 15:06:41 +02:00
.gitignore Update .gitignore files 2016-02-25 09:12:51 +00:00
.gitmodules Use the spice-common submodule 2012-03-25 18:59:10 +02:00
.mailmap syntax-check: Fix missing AUTHORS 2016-01-08 11:23:44 +00:00
.travis.yml Add travis CI file 2015-11-27 20:21:24 +01:00
AUTHORS syntax-check: Fix missing AUTHORS 2016-01-08 11:23:44 +00:00
autogen.sh build-sys: Pass --enable-python-checks when running autogen.sh 2015-04-23 10:38:24 +02:00
cfg.mk syntax-check: Fix sc_cast_of_argument_to_free 2016-01-08 11:24:17 +00:00
ChangeLog fresh start 2009-10-14 15:06:41 +02:00
configure.ac Constify spice_server_char_device_recognized_subtypes 2016-06-29 08:09:03 +01:00
COPYING Relicense everything from GPL to LGPL 2.1+ 2010-04-13 22:22:15 +02:00
GNUmakefile Add a 'syntax-check' make target 2012-01-13 18:12:00 +02:00
maint.mk syntax-check: Ignore .png files in sc_trailing_blank test 2015-10-19 14:25:36 +02:00
Makefile.am build-sys: remove --enable-opengl 2015-11-27 20:19:59 +01:00
NEWS Update NEWS for 0.13.1 2016-04-01 15:16:24 +02:00
README Revise the spice client and server to use the new snd_codec functions in spice-common. 2014-01-02 12:34:34 +01:00
spice-server.pc.in build-sys: Require a new enough spice-protocol in .pc file 2015-08-26 11:01:09 +02:00
TODO.multiclient Remove trailing whitespace from end of lines 2012-01-13 18:11:59 +02:00

   SPICE: Simple Protocol for Independent Computing Environments
   =============================================================

SPICE is a remote display system built for virtual environments which
allows you to view a computing 'desktop' environment not only on the
machine where it is running, but from anywhere on the Internet and
from a wide variety of machine architectures.

Installation
------------

The SPICE package uses GNU autotools, so the build and install process
follows the standard process documented in the INSTALL file. As a
quick start you can do

  ./configure --prefix=/usr --sysconfdir=/etc \
        --localstatedir=/var --libdir=/usr/lib
  make
  sudo make install

Or, to install into a private, user-specific location:

  ./configure --prefix=$HOME/spice
  make
  make install

The following mandatory dependencies are required in order to
build SPICE:

    Spice protocol >= 0.9.0
    Pixman         >= 0.17.7
    OpenSSL
    libjpeg
    zlib
    Cyrus-SASL

The following optional dependencies increase the available
functionality:

    GE Gui         >= 0.6.0,  < 0.7.0   (GUI app support)
    OpenGL                              (GUI app support)
    Alsa                                (Linux support)
    XRandR         >= 1.2               (X11 support)
    Xinerama       >= 1.0               (X11 support)
    libcacard      >= 0.1.2             (Smartcard support)

Communication
-------------

To communicate with the development team, or to post patches,
there is a technical mailing list:

   http://lists.freedesktop.org/mailman/listinfo/spice-devel

There is also a mailing list for new release announcements:

   http://lists.freedesktop.org/archives/spice-announce/

To view known bugs or report new ones in SPICE, visit

   https://bugs.freedesktop.org/describecomponents.cgi?product=Spice

Bugs found when using an OS distribution's binary packages should
be reported to the OS vendors' own bug tracker first.

The latest SPICE code can be found in Git at:

   http://cgit.freedesktop.org/spice/

Licensing
---------

SPICE is provided under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.

Please see the COPYING file for the complete LGPLv2+ license
terms, or visit <http://www.gnu.org/licenses/>.

Experimental Features
---------------------
To enable multiple client connections, set the following environment
variable before starting the server:

  SPICE_DEBUG_ALLOW_MC=1
