kukugt / mupen64plus

Automatically exported from code.google.com/p/mupen64plus

buffer overflow in zelda oot #178

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
 - Linux distribution: Ubuntu 8.10
 - Machine type: 32-bit
 - Mupen64Plus version: Version 1.4-trunk-r1227
 - Plugins used: doesn't matter
 - THE LEGEND OF ZELDA ec7011b7 7616d72b/5BD1FE107BF8106B2AB6650ABECD54D6

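After selecting the game file to play, a buffer overflow is detected and mupen64plus aborts. The abort is raised by glibc's fortify check (__fortify_fail), and the backtrace places the failing call in jpg_uncompress in the mupen64_hle_rsp_azimer.so plugin. The output is as follows.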

*** buffer overflow detected ***: mupen64plus terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7566558]
/lib/tls/i686/cmov/libc.so.6[0xb7564680]
/usr/local/share/mupen64plus/plugins/mupen64_hle_rsp_azimer.so(jpg_uncompress+0x62)[0xb5fd8792]
======= Memory map: ========
08048000-08110000 r-xp 00000000 08:42 220373     /usr/local/bin/mupen64plus
08110000-08111000 r-xp 000c7000 08:42 220373     /usr/local/bin/mupen64plus
08111000-08115000 rwxp 000c8000 08:42 220373     /usr/local/bin/mupen64plus
08115000-09b2c000 rwxp 08115000 00:00 0 
0b141000-107c5000 rwxp 0b141000 00:00 0          [heap]
aed5f000-b0000000 rwxp aed5f000 00:00 0 
b0000000-b0021000 rwxp b0000000 00:00 0 
b0021000-b0100000 ---p b0021000 00:00 0 
b011d000-b04b9000 rwxp b011d000 00:00 0 
b04b9000-b04ba000 ---p b04b9000 00:00 0 
b04ba000-b0cba000 rwxp b04ba000 00:00 0 
b0cba000-b0cbb000 ---p b0cba000 00:00 0 
b0cbb000-b14bb000 rwxp b0cbb000 00:00 0 
b14bb000-b14bc000 ---p b14bb000 00:00 0 
b14bc000-b1cbc000 rwxp b14bc000 00:00 0 
b1cbc000-b1ebd000 rwxs 00000000 00:14 2530506    /dev/shm/pulse-shm-800142177
b1ebd000-b1f3d000 rwxs 1a292000 00:0e 17158      /dev/nvidia0
b1f3d000-b1f3e000 rwxs 00000000 00:09 44662834   /SYSV00000000 (deleted)
b1f3e000-b1f3f000 rwxs 00000000 00:09 44695604   /SYSV00000000 (deleted)
b1f3f000-b1f7f000 rwxs eff7d000 00:0e 17158      /dev/nvidia0
b1f7f000-b207f000 rwxs f8314000 00:0e 17158      /dev/nvidia0
b207f000-b217f000 rwxs f8213000 00:0e 17158      /dev/nvidia0
b217f000-b2219000 rwxp b217f000 00:00 0 
b2219000-b2947000 rwxs e0000000 00:0e 17158      /dev/nvidia0
b2947000-b2981000 rwxp b2947000 00:00 0 
b2983000-b2994000 r-xp 00000000 08:42 294036    
/usr/local/share/mupen64plus/fonts/font.ttf
b2994000-b29c4000 rwxp 00000000 00:0e 1306       /dev/zero
b29c4000-b29fa000 rwxp b29c4000 00:00 0 
b29fa000-b2a1c000 rwxs 00000000 00:09 38404096   /SYSV00000000 (deleted)
b2a1c000-b2a5b000 r-xp 00000000 08:42 236642    
/usr/lib/locale/en_US.utf8/LC_CTYPE
b2a5b000-b2a5c000 r-xp 00000000 08:42 236643    
/usr/lib/locale/en_US.utf8/LC_NUMERIC
b2a5c000-b2a5d000 r-xp 00000000 08:42 236644    
/usr/lib/locale/en_US.utf8/LC_TIME
b2a5d000-b2b3e000 r-xp 00000000 08:42 236645    
/usr/lib/locale/en_US.utf8/LC_COLLATE
b2b3e000-b4b3f000 rwxp b2b3e000 00:00 0 
b4b3f000-b4c08000 r-xp 00000000 08:42 296042    
/usr/local/share/mupen64plus/plugins/glide64.so
b4c08000-b4c09000 ---p 000c9000 08:42 296042    
/usr/local/share/mupen64plus/plugins/glide64.so
b4c09000-b4c10000 r-xp 000c9000 08:42 296042    
/usr/local/share/mupen64plus/plugins/glide64.so
b4c10000-b4c14000 rwxp 000d0000 08:42 296042    
/usr/local/share/mupen64plus/plugins/glide64.so
b4c14000-b5f8e000 rwxp b4c14000 00:00 0 
b5f8e000-b5fc2000 r-xp 00000000 08:42 296041    
/usr/local/share/mupen64plus/plugins/glN64.so
b5fc2000-b5fc3000 r-xp 00034000 08:42 296041    
/usr/local/share/mupen64plus/plugins/glN64.so
b5fc3000-b5fc4000 rwxp 00035000 08:42 296041    
/usr/local/share/mupen64plus/plugins/glN64.so
b5fc4000-b5fd6000 rwxp b5fc4000 00:00 0 
b5fd6000-b5fe9000 r-xp 00000000 08:42 296044    
/usr/local/share/mupen64plus/plugins/mupen64_hle_rsp_azimer.so
b5fe9000-b5fea000 r-xp 00012000 08:42 296044    
/usr/local/share/mupen64plus/plugins/mupen64_hle_rsp_azimer.so
b5fea000-b5feb000 rwxp 00013000 08:42 296044    
/usr/local/share/mupen64plus/plugins/mupen64_hle_rsp_azimer.so
b5feb000-b5ffc000 rwxp b5feb000 00:00 0 
b5ffc000-b6157000 r-xp 00000000 08:42 296046    
/usr/local/share/mupen64plus/plugins/ricevideo.so
b6157000-b6159000 r-xp 0015a000 08:42 296046    
/usr/local/share/mupen64plus/plugins/ricevideo.so
b6159000-b616b000 rwxp 0015c000 08:42 296046    
/usr/local/share/mupen64plus/plugins/ricevideo.so
b616b000-b61c6000 rwxp b616b000 00:00 0 
b61c6000-b632e000 r-xp 00000000 08:42 147371    
/usr/lib/libsamplerate.so.0.1.3
b632e000-b632f000 r-xp 00167000 08:42 147371    
/usr/lib/libsamplerate.so.0.1.3
b632f000-b6330000 rwxp 00168000 08:42 147371    
/usr/lib/libsamplerate.so.0.1.3
b6337000-b633b000 rwxs 1ac35000 00:0e 17158      /dev/nvidia0
b633b000-b633c000 rwxs effbd000 00:0e 17158      /dev/nvidia0
b633c000-b633d000 rwxs 1ac34000 00:0e 17158      /dev/nvidia0
b633d000-b633e000 rwxs 2106b000 00:0e 17158      /dev/nvidia0
b633e000-b633f000 rwxs f6c03000 00:0e 17158      /dev/nvidia0
b633f000-b6340000 rwxs 00000000 00:09 45023295   /SYSV00000000 (deleted)
b6340000-b6341000 rwxs f6001000 00:0e 17158      /dev/nvidia0
b6341000-b6342000 r-xp 00000000 08:42 236646    
/usr/lib/locale/en_US.utf8/LC_MONETARY
b6342000-b6343000 r-xp 00000000 08:42 236648    
/usr/lib/locale/en_US.utf8/LC_MESSAGES/SYS_LC_MESSAGES
b6343000-b6344000 r-xp 00000000 08:42 236649    
/usr/lib/locale/en_US.utf8/LC_PAPER
b6344000-b6345000 r-xp 00000000 08:42 236650    
/usr/lib/locale/en_US.utf8/LC_NAME
b6345000-b6346000 r-xp 00000000 08:42 236651    
/usr/lib/locale/en_US.utf8/LC_ADDRESS
b6346000-b6347000 r-xp 00000000 08:42 236652    
/usr/lib/locale/en_US.utf8/LC_TELEPHONE
b6347000-b6348000 r-xp 00000000 08:42 296040    
/usr/local/share/mupen64plus/plugins/dummyvideo.so
b6348000-b6349000 r-xp 00001000 08:42 296040    
/usr/local/share/mupen64plus/plugins/dummyvideo.so
b6349000-b634a000 rwxp 00002000 08:42 296040    
/usr/local/share/mupen64plus/plugins/dummyvideo.so
b634a000-b634b000 rwxp b634a000 00:00 0 
b634b000-b6354000 r-xp 00000000 08:42 296043    
/usr/local/share/mupen64plus/plugins/jttl_audio.so
b6354000-b6355000 r-xp 00008000 08:42 296043    
/usr/local/share/mupen64plus/plugins/jttl_audio.so
b6355000-b6356000 rwxp 00009000 08:42 296043    
/usr/local/share/mupen64plus/plugins/jttl_audio.so
b6356000-b6357000 rwxp b6356000 00:00 0 
b6357000-b63d0000 r-xp 00000000 08:42 296038    
/usr/local/share/mupen64plus/plugins/blight_input.so
b63d0000-b63d1000 r-xp 00078000 08:42 296038    
/usr/local/share/mupen64plus/plugins/blight_input.so
b63d1000-b63d2000 rwxp 00079000 08:42 296038    
/usr/local/share/mupen64plus/plugins/blight_input.so
b63d2000-b63d7000 rwxp b63d2000 00:00 0 
b63d7000-b63db000 r-xp 00000000 08:42 216023     /usr/lib/libXdmcp.so.6.0.0
b63db000-b63dc000 rwxp 00003000 08:42 216023     /usr/lib/libXdmcp.so.6.0.0
b63dc000-b63dd000 rwxp b63dc000 00:00 0 
b63dd000-b63de000 r-xp 00000000 08:42 216553     /usr/lib/libxcb-xlib.so.0.0.0
b63de000-b63df000 r-xp 00000000 08:42 216553     /usr/lib/libxcb-xlib.so.0.0.0
b63df000-b63e0000 rwxp 00001000 08:42 216553     /usr/lib/libxcb-xlib.so.0.0.0
b63e0000-b63e2000 r-xp 00000000 08:42 216020     /usr/lib/libXau.so.6.0.0
b63e2000-b63e3000 rwxp 00001000 08:42 216020     /usr/lib/libXau.so.6.0.0
b63e3000-b63e6000 r-xp 00000000 08:42 506164     /lib/libcap.so.1.10
b63e6000-b63e7000 rwxp 00002000 08:42 506164     /lib/libcap.so.1.10
b63e7000-b63fc000 r-xp 00000000 08:42 215824     /usr/lib/libICE.so.6.3.0
b63fc000-b63fd000 rwxp 00014000 08:42 215824     /usr/lib/libICE.so.6.3.0
b63fd000-b63ff000 rwxp b63fd000 00:00 0 
b63ff000-b6406000 r-xp 00000000 08:42 214258     /usr/lib/libSM.so.6.0.0
b6406000-b6407000 r-xp 00006000 08:42 214258     /usr/lib/libSM.so.6.0.0
b6407000-b6408000 rwxp 00007000 08:42 214258     /usr/lib/libSM.so.6.0.0
b6408000-b6409000 rwxp b6408000 00:00 0 
b6409000-b6431000 r-xp 00000000 08:42 505934     /lib/libpcre.so.3.12.1
b6431000-b6432000 r-xp 00027000 08:42 505934     /lib/libpcre.so.3.12.1
b6432000-b6433000 rwxp 00028000 08:42 505934     /lib/libpcre.so.3.12.1
b6433000-b6457000 r-xp 00000000 08:42 215249     /usr/lib/libexpat.so.1.5.2
b6457000-b6459000 r-xp 00023000 08:42 215249     /usr/lib/libexpat.so.1.5.2
b6459000-b645a000 rwxp 00025000 08:42 215249     /usr/lib/libexpat.so.1.5.2
b645a000-b6471000 r-xp 00000000 08:42 216026     /usr/lib/libxcb.so.1.0.0
b6471000-b6472000 r-xp 00016000 08:42 216026     /usr/lib/libxcb.so.1.0.0
b6472000-b6473000 rwxp 00017000 08:42 216026     /usr/lib/libxcb.so.1.0.0
b6473000-b6479000 r-xp 00000000 08:42 213248    
/usr/lib/libxcb-render.so.0.0.0
b6479000-b647a000 r-xp 00005000 08:42 213248    
/usr/lib/libxcb-render.so.0.0.0
b647a000-b647b000 rwxp 00006000 08:42 213248    
/usr/lib/libxcb-render.so.0.0.0
b647b000-b647e000 r-xp 00000000 08:42 213250    
/usr/lib/libxcb-render-util.so.0.0.0
b647e000-b647f000 r-xp 00002000 08:42 213250    
/usr/lib/libxcb-render-util.so.0.0.0
b647f000-b6480000 rwxp 00003000 08:42 213250    
/usr/lib/libxcb-render-util.so.0.0.0
b6480000-b6481000 rwxp b6480000 00:00 0 
b6481000-b64c0000 r-xp 00000000 08:42 21Aborted

Please provide any additional information below.

Original issue reported on code.google.com by trackwh...@gmail.com on 15 Dec 2008 at 12:31