[vtkusers] VTK 4.2.1: some tests still fail on SuSE Linux 8.1

Henner Eisen eis at gl-group.com
Thu Mar 13 06:52:11 EST 2003 

Hi,

[ my first posting had a bogus From/Reply address, but this should
   be fixed now.]

When I try to run the test from the shell as suggested I get a segfault.
I tried to debug with with gdb. I first got a deepley nested (27 levels)
call trace.

I tried gdb with some more minimized examples and found that there
is a buffer overun broblem in the Ensight* IO routines:

The routines seem to use a character arrays line[] and subLine[]
of fixed size as IO buffer. The same buffer is also used to compute
strings -- such as the path name of a file to open -- by means of
strcpy() and strcat() whithout checking the size of the target
buffer.

In the EnSight binary routines, sizeof(line) is only 80. If the path
to the VTKData is non-trivial, the resulting file name size easily
exceeds 79 characters. The same problem appears in other Ensight IO
routines (maybe also in some non-EnSight routines, I did not check),
but the non-binary routines use an IO buffer size of at least 256.
Thus triggerring the bug requires a much longer file path for the
non-binary IO routines.

At least, after changing the dimensions in vtkEnSight6BinaryReader.cxx
and vtkEnSightGoldBinaryReader.cxx from 80 to 256, the problem disappears.
(Note that this is not a clean fix. Also, be aware that such
buffer overuns could still be exploited to execute arbitrary
malicious code by means of loading a specially constructed
malicious data file).

Henner

-- 

____________________________________________________________________________
|                                        url :     http://www.gl-group.com /
| Dipl.-Math. Henner Eisen     __     Address:                            /
| eis at gl-group.com          G /  \ L   Germanischer Lloyd                /
| phone: +49-40-36149-985   -+----+-   Vorsetzen 32       P.O.Box 111606/
| fax  : +49-40-36149-7320    \__/     20459 Hamburg      20416 Hamburg/
|                                      Germany                        /
|____________________________________________________________________/
 
 
 
 
****************************************************
 
 
Beachten Sie:  Wir moechten Sie informieren, dass die E-Mail-Adresse des Germanischen Lloyd sowie unsere Web-Adresse mit Wirkung vom 1. Maerz 2003 auf den Namen gl-group.com umgestellt wurde.
 
 
Dies bedeutet, dass die bisherige Adresse Kurzzeichen at germanlloyd.org durch die neue Adresse Kurzzeichen at gl-group.com ersetzt wird. Die Homepage des GL ist kuenftig ueber die Adresse 'http://www.gl-group.com' aufrufbar. Die bisher verwendeten Adressen bleiben fur eine Uebergangsfrist erreichbar.
 
 
**************************************************** 
 
Please notice: We would like to inform you that the e-mail address of Germanischer Lloyd as well as our internet address had been changed to  gl-group.com with effect from 1st March 2003.
 
 
This means that the previous address shortmark at germanlloyd.org will be replaced by shortmark at gl-group.com. From now on the GL homepage can be accessed at the address 'http://www.gl-group.com'. The old addresses remain valid for a transitional period.
 

 
 
****************************************************
 
 
 
 
This e-mail contains confidential information for the exclusive attention of the intended addressee. Any access of third parties to this e-mail is unauthorised. Any use of this e-mail by unintended recipients such as copying, distribution, disclosure etc. is prohibited and may be unlawful. When addressed to our clients the content of this e-mail is subject to the General Terms and Conditions of GL's Group of Companies applicable at the date of this e-mail.  
 
GL's Group of Companies does not warrant and/or guarantee that this message at the moment of receipt is authentic, correct and its communication free of errors, interruption etc.

More information about the vtkusers mailing list