
Crash due to stack smashing

Open Manniw88 opened this issue 6 years ago • 2 comments

There's obviously something pretty wrong in this patch that can cause stack smashing and a crash to occur:

Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51      ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7f33c821b700 (LWP 33815))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007f33ca7cd801 in __GI_abort () at abort.c:79
#2  0x00007f33ca816897 in __libc_message (action=action@entry=do_abort,
    fmt=fmt@entry=0x7f33ca943988 "*** %s ***: %s terminated\n")
    at ../sysdeps/posix/libc_fatal.c:181
#3  0x00007f33ca8c1cd1 in __GI___fortify_fail_abort (
    need_backtrace=need_backtrace@entry=false,
    msg=msg@entry=0x7f33ca943966 "stack smashing detected") at fortify_fail.c:33
#4  0x00007f33ca8c1c92 in __stack_chk_fail () at stack_chk_fail.c:29
#5  0x00005627b9bdadd6 in ProcessECM (rdr=<optimized out>,
    ecmDataLen=<optimized out>, caid=<optimized out>, provider=<optimized out>,
    ecm=<optimized out>, dw=<optimized out>, srvid=<optimized out>,
    ecmpid=<optimized out>, cw_ex=<optimized out>) at module-emulator-osemu.c:1036
#6  0x00005627b9bd73e1 in emu_do_ecm (rdr=<optimized out>, er=<optimized out>,
    ea=<optimized out>) at module-emulator.c:184
#7  0x00005627b9c2e888 in cardreader_do_ecm (reader=reader@entry=0x5627ba12b4a0,
    er=er@entry=0x7f32e8008e70, ea=ea@entry=0x7f33c821abd0) at reader-common.c:447
#8  0x00005627b9c2e9ae in cardreader_process_ecm (
    reader=reader@entry=0x5627ba12b4a0, cl=0x5627ba2ea300, er=0x7f32e8008e70)
    at reader-common.c:490
#9  0x00005627b9c78047 in reader_get_ecm (reader=reader@entry=0x5627ba12b4a0,
    er=<optimized out>) at oscam-reader.c:1118
#10 0x00005627b9c7c3e4 in work_thread (ptr=<optimized out>) at oscam-work.c:275
#11 0x00007f33cab856db in start_thread (arg=0x7f33c821b700)
    at pthread_create.c:463
#12 0x00007f33ca8ae88f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
(gdb)

Manniw88, Jan 19 '19 00:01
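The backtrace above is glibc's stack-protector check (`__stack_chk_fail`) firing in the epilogue of `ProcessECM`: a local buffer was overrun far enough to overwrite the canary placed above it, and the runtime aborts rather than return through a corrupted frame. The thread does not establish what is written past the buffer at module-emulator-osemu.c:1036, so the following is an added illustration, not oscam-emu's code: a hypothetical handler that copies the incoming ECM into a fixed-size stack buffer, shown in the shape that trips the canary and in a hardened form that validates the caller-supplied `ecmDataLen` against the buffer and against the section's own length header. The buffer size `ECM_BUF_SIZE`, the function names, and the sample ECMs are all constructed for the example; only the DVB private-section layout (one-byte table_id 0x80/0x81, 12-bit section_length in the low bits of bytes 1-2) is standard.

```c
/* Added illustration (not oscam-emu's code): why glibc prints
 * "*** stack smashing detected ***" from a handler like ProcessECM,
 * and the bounds check that prevents it.
 *
 * Assumptions (hypothetical, not taken from the project): the handler
 * copies the incoming ECM section into a fixed-size stack buffer, and
 * the ECM is a DVB private section (3-byte header, 12-bit section_length
 * counting the bytes after the header). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ECM_BUF_SIZE 256   /* hypothetical fixed stack buffer size */

/* The pattern that trips __stack_chk_fail: the caller-supplied length is
 * trusted, so an ECM longer than ECM_BUF_SIZE runs past `buf`, overwrites
 * the canary, and the function epilogue aborts the process. Kept here as
 * the "before" shape; main() only ever feeds it an in-bounds sample. */
static int ecm_copy_unchecked(const uint8_t *ecm, uint16_t ecmDataLen)
{
    uint8_t buf[ECM_BUF_SIZE];
    memcpy(buf, ecm, ecmDataLen);           /* no check against sizeof buf */
    return buf[0];
}

/* Hardened version: validate the length three ways before touching the
 * stack buffer and fail closed (return -1) instead of trusting the peer. */
static int ecm_copy_checked(const uint8_t *ecm, uint16_t ecmDataLen)
{
    uint8_t buf[ECM_BUF_SIZE];
    if (ecm == NULL || ecmDataLen < 3)
        return -1;                          /* no room for a section header */
    if (ecm[0] != 0x80 && ecm[0] != 0x81)
        return -1;                          /* not an ECM table_id */
    uint16_t section_len = (uint16_t)(((ecm[1] & 0x0F) << 8) | ecm[2]);
    if ((size_t)section_len + 3 != ecmDataLen)
        return -1;                          /* header disagrees with length */
    if (ecmDataLen > sizeof buf)
        return -1;                          /* would overrun buf and the canary */
    memcpy(buf, ecm, ecmDataLen);
    return buf[0];                          /* table_id, as proof the copy ran */
}

/* Constructed sample inputs, not captured from a real stream. */
static int demo_valid(void)
{
    uint8_t ecm[8] = {0x80, 0x70, 0x05, 1, 2, 3, 4, 5};  /* 3 + 5 = 8 bytes */
    return ecm_copy_checked(ecm, sizeof ecm);
}

static int demo_mismatched_header(void)
{
    uint8_t ecm[8] = {0x80, 0x7F, 0xFF, 1, 2, 3, 4, 5};  /* header claims 4095 */
    return ecm_copy_checked(ecm, sizeof ecm);
}

static int demo_oversized(void)
{
    /* Self-consistent header, but 64 bytes more than the stack buffer holds:
     * this is the input that would abort ecm_copy_unchecked(). */
    uint8_t ecm[ECM_BUF_SIZE + 64];
    size_t section_len = sizeof ecm - 3;
    memset(ecm, 0x41, sizeof ecm);
    ecm[0] = 0x80;
    ecm[1] = (uint8_t)(0x70 | (section_len >> 8));
    ecm[2] = (uint8_t)(section_len & 0xFF);
    return ecm_copy_checked(ecm, sizeof ecm);
}

int main(void)
{
    uint8_t small[8] = {0x80, 0x70, 0x05, 1, 2, 3, 4, 5};
    printf("unchecked, in-bounds input : %d\n", ecm_copy_unchecked(small, sizeof small));
    printf("checked, valid             : %d\n", demo_valid());
    printf("checked, bad header        : %d\n", demo_mismatched_header());
    printf("checked, oversized         : %d\n", demo_oversized());
    return 0;
}
```

Build with `-fstack-protector-strong` (the default on most distributions) and the unchecked variant reproduces the exact `*** stack smashing detected ***` abort from the report when handed the oversized sample; the checked variant rejects it and returns -1, which is the behaviour the reporter asks for: a malformed or fake request must be dropped, never allowed to abort the whole reader process.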

Is this reproducible every time? Is this with the latest git commit?

What channel (encryption) did you watch at the moment of crashing?

oscam-emu, Jan 19 '19 14:01

This is not only limited to the latest commit but happened before as well.

I do not know what channel causes this; however, this should never happen. I do not know what exactly causes this, but someone should look into it; even sending fake requests should not make it crash.

Manniw88, Jan 20 '19 23:01