[jugglemaster] aajm crash found by mayhem

Helmut Grohne helmut at subdivi.de
Sat Jul 6 12:05:47 EDT 2013


As it was already posted to a public mailing list I can share the link:
http://www.forallsecure.com/bug-reports/e4969ef9717548310e44a97ea017b2c03e124bdd/

Since there is no bug report yet, I write my findings here and will
forward them to the bug later.

The crashing invocation can be reduced to "aajm -s -". The -s option is
to specify a pattern and - is an invalid pattern. In fact any invalid
pattern will do. It is passed to jmlib which then calls the error
handler provided by aajm. The error handler in turn prints the error
using aalib. Unfortunately aalib is not yet initialized at the time
arguments are parsed. Boom.

What is the best recourse to fix this?
a) Start without a callback, check errors explicitly and then replace
   the callback.
b) Have a state variable of whether aalib is initialized and let the
   callback decide.

Thoughts welcome.

If this is going to result in a new jugglemaster release, please also
have a look at whether you can pick some patches from Debian:
http://patch-tracker.debian.org/package/jugglemaster/0.4-6

Helmut
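Option (b) from the message above, worked through as an added C example; this is not jugglemaster's or aalib's own code. The names parse_pattern, aajm_error_handler, route_for and aa_ready are hypothetical stand-ins for the jmlib callback, the aajm handler and the "is aalib initialised" state variable.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for the error callback type jmlib invokes on a bad pattern. */
typedef void (*error_cb_t)(const char *msg);

/* Minimal stand-in for the pattern parser: only digit-only patterns are
 * accepted; anything else (e.g. "-") is reported through the callback. */
static int parse_pattern(const char *pattern, error_cb_t cb) {
    for (const char *p = pattern; *p; p++) {
        if (*p < '0' || *p > '9') {
            cb("invalid pattern");
            return 0;
        }
    }
    return 1;
}

/* Option (b): a state variable saying whether the aalib context exists. */
static int aa_ready = 0;
static char last_route[16];  /* where the message went; used for checking */

static void aajm_error_handler(const char *msg) {
    if (aa_ready) {
        /* the real handler would draw into the aalib context here */
        strcpy(last_route, "aalib");
    } else {
        /* aalib is not initialised yet (argument parsing happens first):
         * fall back to stderr instead of touching a context that does
         * not exist, which is what crashes "aajm -s -" */
        fprintf(stderr, "aajm: %s\n", msg);
        strcpy(last_route, "stderr");
    }
}

/* Mirrors the order of events in aajm: init_first == 0 reproduces the
 * "-s -" case where the pattern is parsed before aalib is up. Returns
 * "ok", "stderr" or "aalib" so the behaviour can be asserted on. */
const char *route_for(const char *pattern, int init_first) {
    aa_ready = init_first;
    last_route[0] = '\0';
    if (parse_pattern(pattern, aajm_error_handler))
        strcpy(last_route, "ok");
    return last_route;
}
```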

