photomattmills / proxmark3

Automatically exported from code.google.com/p/proxmark3

Buffer overflow when plotting data #16

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. lf read
2. data plot (without issuing 'data samples')
This is the way to reproduce it for sure. When I first say 'data samples' I
am able to plot the data, but the program will crash later on a random
basis - mouse click in the window, another data-command, etc. etc.

What is the expected output? What do you see instead?
I would expect to see the plot window. What I see is an output similar to this:
proxmark3> *** buffer overflow detected ***: ./proxmark3 terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0x6693ed8]
/lib/tls/i686/cmov/libc.so.6[0x6692f10]
/lib/tls/i686/cmov/libc.so.6[0x6692648]
/lib/tls/i686/cmov/libc.so.6(_IO_default_xsputn+0x9e)[0x661c59e]
/lib/tls/i686/cmov/libc.so.6(_IO_vfprintf+0xe1c)[0x65f095c]
/lib/tls/i686/cmov/libc.so.6(__vsprintf_chk+0xad)[0x66926fd]
/lib/tls/i686/cmov/libc.so.6(__sprintf_chk+0x2d)[0x669263d]
./proxmark3[0x8057b5c]
/usr/lib/libQtGui.so.4(_ZN7QWidget5eventEP6QEvent+0x524)[0x99cdd4]
/usr/lib/libQtGui.so.4(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0xb4)[0x947f54]
/usr/lib/libQtGui.so.4(_ZN12QApplication6notifyEP7QObjectP6QEvent+0xda)[0x94f5ca]
/usr/lib/libQtCore.so.4(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x7b)[0x6df6cb]
/usr/lib/libQtGui.so.4(_ZN14QWidgetPrivate10drawWidgetEP12QPaintDeviceRK7QRegionRK6QPointiP8QPainterP19QWidgetBackingStore+0x525)[0x9a4e25]
/usr/lib/libQtGui.so.4[0xb332f8]
/usr/lib/libQtGui.so.4[0xb3377a]
/usr/lib/libQtGui.so.4(_ZN14QWidgetPrivate16syncBackingStoreERK7QRegion+0x65)[0x996055]
/usr/lib/libQtGui.so.4[0x9ae090]
/usr/lib/libQtGui.so.4(_ZN12QApplication15x11ProcessEventEP7_XEvent+0x1462)[0x9bc6f2]
/usr/lib/libQtGui.so.4[0x9e9502]
/lib/libglib-2.0.so.0(g_main_context_dispatch+0x1f8)[0x4a5e88]
/lib/libglib-2.0.so.0[0x4a9730]
/lib/libglib-2.0.so.0(g_main_context_iteration+0x73)[0x4a9863]
/usr/lib/libQtCore.so.4(_ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x5c)[0x70a02c]
/usr/lib/libQtGui.so.4[0x9e8be5]
/usr/lib/libQtCore.so.4(_ZN10QEventLoop13processEventsE6QFlagsINS_17ProcessEventsFlagEE+0x49)[0x6ddc79]
/usr/lib/libQtCore.so.4(_ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE+0xfa)[0x6de0ca]
/usr/lib/libQtCore.so.4(_ZN16QCoreApplication4execEv+0xaf)[0x6e053f]
/usr/lib/libQtGui.so.4(_ZN12QApplication4execEv+0x27)[0x947dd7]
./proxmark3[0x8055dd7]
./proxmark3[0x804b49f]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0x65c9b56]
./proxmark3[0x804b391]
======= Memory map: ========
Aborted

What version of the product are you using? On what operating system?
Proxmark-SW: Latest version from svn.
OS: Ubuntu 9.10 - Linux 2.6.31-20-generic, libqt4-dev

Please provide any additional information below.
The issue still occurs on a random basis. Sometimes I am able to plot data,
sometimes the program crashes. Sometimes everything works fine until I
click into the window, sometimes the program crashes when I issue some
data-command like autocorr, etc. But I haven't yet figured out any rule
when it works and when it doesn't.

Maybe I did something wrong?! I have first posted the issue in the
community but was encouraged to register an issue here.

Thanks and regards,
Tom

Original issue reported on code.google.com by tom.cy...@googlemail.com on 15 Apr 2010 at 8:06
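The backtrace above ends in `__sprintf_chk` called from the proxmark3 binary inside `QWidget::event`, i.e. a FORTIFY_SOURCE-guarded `sprintf` into a fixed-size buffer during the plot's paint handling, triggered here when `data plot` ran before any samples were captured. The C block below is an added illustration and is not proxmark3's code: it models a paint step that refuses to scan an unset sample buffer and that formats its status label with `snprintf`, reporting truncation instead of overrunning the array. The names `GraphBuffer`, `GraphTraceLen`, `graph_extent`, `plot_status_line` and the label format are assumed stand-ins.

```c
#include <stdio.h>
#include <string.h>
/* Constructed model of a plot widget's paint step (not proxmark3's code).
 * GraphBuffer / GraphTraceLen / plot_status_line are hypothetical stand-ins. */
#define MAX_GRAPH_TRACE_LEN 40000

static int GraphBuffer[MAX_GRAPH_TRACE_LEN];
static int GraphTraceLen = 0;   /* nothing captured yet: 'data samples' never ran */

/* Min/max over the captured samples. Returns 0 (outputs untouched) when there
 * is nothing valid to plot, instead of scanning an empty or unset buffer. */
int graph_extent(const int *buf, int len, int *yMin, int *yMax)
{
    if (buf == NULL || len <= 0 || len > MAX_GRAPH_TRACE_LEN) return 0;
    int lo = buf[0], hi = buf[0];
    for (int i = 1; i < len; i++) {
        if (buf[i] < lo) lo = buf[i];
        if (buf[i] > hi) hi = buf[i];
    }
    *yMin = lo;
    *yMax = hi;
    return 1;
}

/* Format the status label into a caller-sized buffer. A plain sprintf() into a
 * fixed array is what __sprintf_chk aborted on in the report; snprintf() bounds
 * the write and its return value exposes truncation (1 = ok, 0 = did not fit). */
int plot_status_line(char *out, size_t outsz, int start, int yMin, int yMax)
{
    if (out == NULL || outsz == 0) return 0;
    int n = snprintf(out, outsz, "@%d  max=%d min=%d", start, yMax, yMin);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';
        return 0;
    }
    return 1;
}

int main(void)
{
    char label[32];
    int lo, hi;
    if (!graph_extent(GraphBuffer, GraphTraceLen, &lo, &hi)) {
        puts("no samples captured; nothing to plot");   /* the report's 'data plot' case */
        return 0;
    }
    if (plot_status_line(label, sizeof label, 0, lo, hi)) puts(label);
    return 0;
}
```

Building with `-D_FORTIFY_SOURCE=2 -O2` keeps the same `__sprintf_chk` abort as a last-resort backstop, but the length checks above make the paint step fail cleanly before it is ever reached.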

GoogleCodeExporter commented 8 years ago
Problem was fixed with Release r438! 

Thanks to Adam and Hagen!

Cya,
Tom

Original comment by tom.cy...@googlemail.com on 21 Apr 2010 at 9:24

GoogleCodeExporter commented 8 years ago

Original comment by ksjob...@gmail.com on 23 Jun 2010 at 7:07