bamtools crashes/corrupts output data on s390x #235

Open
vpa1977 opened this issue Jul 8, 2024 · 0 comments
vpa1977 commented Jul 8, 2024

The issue was detected in Ubuntu autopkgtests. The call to `bamtools revert -in sam_spec_example.bam -out out.bam` fails because a buffer overflow is detected [1], with the following stack trace:

```
(gdb) where
#0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1 0x000003fff789fd56 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
#2 0x000003fff784ba90 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#3 0x000003fff782b4cc in __GI_abort () at abort.c:79
#4 0x000003fff78921f8 in __libc_message_impl (fmt=fmt@entry=0x3fff79a428e "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:132
#5 0x000003fff792a50c in __GI___fortify_fail (msg=msg@entry=0x3fff79a424a "buffer overflow detected") at fortify_fail.c:24
#6 0x000003fff7929d38 in __GI___chk_fail () at chk_fail.c:28
#7 0x000003fff792adae in __GI___memcpy_chk (dstpp=dstpp@entry=0x2aa000ab261, srcpp=srcpp@entry=0x3ffffff99b4, len=len@entry=4, dstlen=dstlen@entry=3) at memcpy_chk.c:27
#8 0x000003fff7e2b6ba in memcpy (__len=4, __src=0x3ffffff99b4, __dest=0x2aa000ab261) at /usr/include/s390x-linux-gnu/bits/string_fortified.h:29
#9 BamTools::SwapEndian_32p (data=0x2aa000ab261 "") at /usr/src/bamtools-2.5.2+dfsg-5/src/api/BamAux.h:229
#10 BamTools::Internal::BamWriterPrivate::WriteAlignment (this=0x2aa000890d0, al=...) at /usr/src/bamtools-2.5.2+dfsg-5/src/api/internal/bam/BamWriter_p.cpp:353
#11 0x000003fff7e1445c in BamTools::Internal::BamWriterPrivate::SaveAlignment (al=..., this=0x2aa000890d0) at /usr/src/bamtools-2.5.2+dfsg-5/src/api/internal/bam/BamWriter_p.cpp:263
#12 BamTools::BamWriter::SaveAlignment (this=<optimized out>, alignment=...) at /usr/src/bamtools-2.5.2+dfsg-5/src/api/BamWriter.cpp:131
#13 0x000002aa00035f08 in BamTools::RevertTool::RevertToolPrivate::Run() ()
#14 0x000002aa0003e3fe in BamTools::RevertTool::Run(int, char**) ()
#15 0x000002aa0001017a in main ()
(gdb) print i
$1 = 17
```

This is due to the write loop in `src/api/internal/bam/BamWriter_p.cpp` using a single-byte increment instead of a `sizeof(uint32_t)` increment to swap bytes in the integer data.

The output file on s390x is corrupted by the write operation.
bamtools crashes with the hardening flags enabled.

[1] https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-oracular/oracular/s390x/b/bamtools/20240701_175546_4de2a@/log.gz
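
An added example, not part of the original report and not bamtools code: a bounds-checked model of the stride bug described above, run with a 1-byte increment and with a `sizeof(uint32_t)` increment. The names `swap32_at`, `swap_words` and `sample` and the 20-byte buffer are assumptions made for illustration; with that constructed buffer the first out-of-range swap lands at offset 17 with 3 bytes left, the same figures the trace shows (`len=4`, `dstlen=3`, `i = 17`).

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Reverse the 4 bytes at p (hypothetical stand-in for SwapEndian_32p).
static void swap32_at(unsigned char* p) {
    unsigned char t[4];
    std::memcpy(t, p, 4);
    p[0] = t[3]; p[1] = t[2]; p[2] = t[1]; p[3] = t[0];
}

struct SwapResult {
    std::vector<unsigned char> bytes;  // buffer contents when the loop stopped
    long overflow_at;                  // offset of first out-of-range swap, -1 if none
    std::size_t bytes_left;            // room remaining at that offset
};

// Swap each 32-bit word of a packed buffer in place. stride is the loop
// increment: 1 models the reported bug, sizeof(uint32_t) the fix. The bounds
// check plays the role of the fortified memcpy and stops before overrunning.
SwapResult swap_words(std::vector<unsigned char> buf, std::size_t stride) {
    SwapResult r{{}, -1, 0};
    for (std::size_t i = 0; i < buf.size(); i += stride) {
        if (buf.size() - i < sizeof(std::uint32_t)) {
            r.overflow_at = static_cast<long>(i);
            r.bytes_left = buf.size() - i;
            break;
        }
        swap32_at(buf.data() + i);
    }
    r.bytes = buf;
    return r;
}

// Constructed sample: five 32-bit words holding bytes 0x00..0x13.
std::vector<unsigned char> sample() {
    std::vector<unsigned char> v(5 * sizeof(std::uint32_t));
    for (std::size_t i = 0; i < v.size(); ++i) v[i] = static_cast<unsigned char>(i);
    return v;
}

int main() {
    for (std::size_t stride : {std::size_t{1}, sizeof(std::uint32_t)}) {
        SwapResult r = swap_words(sample(), stride);
        std::printf("stride %zu: overflow_at=%ld left=%zu\n", stride, r.overflow_at, r.bytes_left);
    }
}
```

Without the hardening check the 1-byte stride also re-swaps overlapping windows, so the bytes written before the overrun already differ from the correctly swapped words.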
