X2Go Bug report logs - #900
Gedit, gnome-terminal and others crash in rootless mode

Package: libnx-x11; Maintainer for libnx-x11 is X2Go Developers <x2go-dev@lists.x2go.org>; Source for libnx-x11 is src:nx-libs.

Reported by: Camilo Alejandro Arboleda <camilo@ieee.org>

Date: Thu, 2 Jul 2015 06:25:02 UTC

Severity: normal

Tags: patch

Merged with 878, 956

Forwarded to https://github.com/ArcticaProject/nx-libs/issues/82

Full log


Message #13 received at 900@bugs.x2go.org (full text, mbox, reply):

Received: (at 900) by bugs.x2go.org; 23 Feb 2016 14:29:22 +0000
From mike.gabriel@das-netzwerkteam.de  Tue Feb 23 15:29:20 2016
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=ham version=3.3.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id B5B4C5DA97
	for <900@bugs.x2go.org>; Tue, 23 Feb 2016 15:29:20 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id f8pyvzTeR+C6 for <900@bugs.x2go.org>;
	Tue, 23 Feb 2016 15:29:14 +0100 (CET)
Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 9225E5DA2B
	for <900@bugs.x2go.org>; Tue, 23 Feb 2016 15:29:14 +0100 (CET)
Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98])
	by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 63D2329B2;
	Tue, 23 Feb 2016 15:29:14 +0100 (CET)
Received: from localhost (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 20AC53BA3C;
	Tue, 23 Feb 2016 15:29:14 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de
Received: from grimnir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 71XEmwWy0FIs; Tue, 23 Feb 2016 15:29:08 +0100 (CET)
Received: from das-netzwerkteam.de (localhost [127.0.0.1])
	by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 3D76D3B970;
	Tue, 23 Feb 2016 15:29:08 +0100 (CET)
Received: from 134.245.98.147 ([134.245.98.147]) by mail.das-netzwerkteam.de
 (Horde Framework) with HTTP; Tue, 23 Feb 2016 14:29:08 +0000
Date: Tue, 23 Feb 2016 14:29:08 +0000
Message-ID: <20160223142908.Horde.zumaHPkyA_nZdO6_tIj-38r@mail.das-netzwerkteam.de>
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: Camilo Alejandro Arboleda <camilo@ieee.org>, 900@bugs.x2go.org
Subject: Re: [X2Go-Dev] Bug#900: Gedit, gnome-terminal and others crash in
 rootless mode
In-Reply-To: <5594D862.70701@ieee.org>
User-Agent: Horde Application Framework 5
Accept-Language: de,en
Organization: DAS-NETZWERKTEAM
X-Originating-IP: 134.245.98.147
X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Firefox/38.0 Iceweasel/38.5.0
Content-Type: multipart/signed; boundary="=_sdeBNlVPATvLdyTOwpprBOq";
 protocol="application/pgp-signature"; micalg=pgp-sha256
MIME-Version: 1.0
[Message part 1 (text/plain, inline)]
Control: tags -1 patch
Control: forwarded -1 https://github.com/ArcticaProject/nx-libs/issues/82

Hi Camilo,

On  Do 02 Jul 2015 08:21:22 CEST, Camilo Alejandro Arboleda wrote:

Your bug report has just been moved [1] to the new upstream location  
of nx-libs on Github.

> Looking at the highlighted values, it seems that gedit is sending a
> malformed ChangeProperty request, and rootless is failing to process it.

Is it really a malformed request or a problem with broken BIG-REQUESTS  
support [2] in libXcomp3 (aka nxcomp)?

> Specifically the segment between lines 735-780, tries to set a property
> that is bigger than the maximum size required, but because it's a
> malformed request it ends up writing in memory outside the boundaries of
> the output buffer.
>
> Alternatives:
>
>  1. Ensure that nxagentExportProperty never writes beyond the boundaries
>     of the output buffer.
>  2. Resize the output buffer to match the required size
>     (ProcChangeProperty seems to do something similar).
>  3. Ignore big requests (see attached patch).

Is option 3. really the optimal approach? It feels like option 2.  
would be the way to go here...

Please continue, if possible for you, this discussion on Github.

Mike

[1] https://github.com/ArcticaProject/nx-libs/issues/82
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766299
-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40das-netzwerkteam.de
[Message part 2 (application/pgp-signature, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Mon Aug 8 00:38:54 2022; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.