Buffer Overflow Detected error when doing who (slash)

[ProSkeptic]

I am using 32 bit Ubuntu 11.10 with source 2106 and equally new DB.

This issue is specific ONLY to Underfoot (well, it's all I have, other than TItanium, and the issue doesn't occur when I use Titanium) when I do a / (the slash, to get a list of players in the zone) I get this :

Code:

*** buffer overflow detected ***: ./zone terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0x2d7c75]
/lib/i386-linux-gnu/libc.so.6(+0xe7a77)[0x2d6a77]
/lib/i386-linux-gnu/libc.so.6(+0xe6dad)[0x2d5dad]
./zone(_ZN10EntityList7ZoneWhoEP6ClientP14Who_All_Struct+0x234)[0x80ea218]
./zone(_ZN6Client23Handle_OP_WhoAllRequestEPK19EQApplicationPacket+0xe3)[0x820c925]
./zone(_ZN6Client12HandlePacketEPK19EQApplicationPacket+0x2e6)[0x821a138]
./zone(_ZN6Client7ProcessEv+0x1d79)[0x8121aaf]
./zone(_ZN10EntityList10MobProcessEv+0x5f)[0x80ed283]
./zone(main+0x1117)[0x812d1c1]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0x208113]
./zone[0x80c0ee1]
======= Memory map: ========
00110000-00127000 r-xp 00000000 08:01 291355     /lib/i386-linux-gnu/libpthread-2.13.so
00127000-00128000 r--p 00016000 08:01 291355     /lib/i386-linux-gnu/libpthread-2.13.so
00128000-00129000 rw-p 00017000 08:01 291355     /lib/i386-linux-gnu/libpthread-2.13.so
00129000-0012b000 rw-p 00000000 00:00 0 
0012b000-00147000 r-xp 00000000 08:01 261566     /lib/i386-linux-gnu/libgcc_s.so.1
00147000-00148000 r--p 0001b000 08:01 261566     /lib/i386-linux-gnu/libgcc_s.so.1
00148000-00149000 rw-p 0001c000 08:01 261566     /lib/i386-linux-gnu/libgcc_s.so.1
00149000-0015c000 r-xp 00000000 08:01 261628     /lib/i386-linux-gnu/libz.so.1.2.3.4
0015c000-0015d000 r--p 00012000 08:01 261628     /lib/i386-linux-gnu/libz.so.1.2.3.4
0015d000-0015e000 rw-p 00013000 08:01 261628     /lib/i386-linux-gnu/libz.so.1.2.3.4
0015e000-00169000 r-xp 00000000 08:01 291350     /lib/i386-linux-gnu/libnss_files-2.13.so
00169000-0016a000 r--p 0000a000 08:01 291350     /lib/i386-linux-gnu/libnss_files-2.13.so
0016a000-0016b000 rw-p 0000b000 08:01 291350     /lib/i386-linux-gnu/libnss_files-2.13.so
0016b000-0018c000 r-xp 00000000 08:01 399731     /usr/lib/perl5/auto/DBI/DBI.so
0018c000-0018d000 r--p 00020000 08:01 399731     /usr/lib/perl5/auto/DBI/DBI.so
0018d000-0018e000 rw-p 00021000 08:01 399731     /usr/lib/perl5/auto/DBI/DBI.so
001c5000-001ce000 r-xp 00000000 08:01 522399     /usr/lib/perl/5.12.4/auto/List/Util/Util.so
001ce000-001cf000 r--p 00008000 08:01 522399     /usr/lib/perl/5.12.4/auto/List/Util/Util.so
001cf000-001d0000 rw-p 00009000 08:01 522399     /usr/lib/perl/5.12.4/auto/List/Util/Util.so
001ee000-001ef000 r-xp 00000000 00:00 0          [vdso]
001ef000-00367000 r-xp 00000000 08:01 291335     /lib/i386-linux-gnu/libc-2.13.so
00367000-00369000 r--p 00178000 08:01 291335     /lib/i386-linux-gnu/libc-2.13.so
00369000-0036a000 rw-p 0017a000 08:01 291335     /lib/i386-linux-gnu/libc-2.13.so
0036a000-0036d000 rw-p 00000000 00:00 0 
00462000-00601000 r-xp 00000000 08:01 399525     /usr/lib/libmysqlclient.so.16.0.0
00601000-00604000 r--p 0019e000 08:01 399525     /usr/lib/libmysqlclient.so.16.0.0
00604000-00649000 rw-p 001a1000 08:01 399525     /usr/lib/libmysqlclient.so.16.0.0
00649000-0064a000 rw-p 00000000 00:00 0 
00774000-00852000 r-xp 00000000 08:01 397301     /usr/lib/i386-linux-gnu/libstdc++.so.6.0.16
00852000-00853000 ---p 000de000 08:01 397301     /usr/lib/i386-linux-gnu/libstdc++.so.6.0.16
00853000-00857000 r--p 000de000 08:01 397301     /usr/lib/i386-linux-gnu/libstdc++.so.6.0.16
00857000-00858000 rw-p 000e2000 08:01 397301     /usr/lib/i386-linux-gnu/libstdc++.so.6.0.16
00858000-0085f000 rw-p 00000000 00:00 0 
0089a000-0089d000 r-xp 00000000 08:01 522386     /usr/lib/perl/5.12.4/auto/Filter/Util/Call/Call.so
0089d000-0089e000 r--p 00002000 08:01 522386     /usr/lib/perl/5.12.4/auto/Filter/Util/Call/Call.so
0089e000-0089f000 rw-p 00003000 08:01 522386     /usr/lib/perl/5.12.4/auto/Filter/Util/Call/Call.so
0092b000-00933000 r-xp 00000000 08:01 291337     /lib/i386-linux-gnu/libcrypt-2.13.so
00933000-00934000 r--p 00007000 08:01 291337     /lib/i386-linux-gnu/libcrypt-2.13.so
00934000-00935000 rw-p 00008000 08:01 291337     /lib/i386-linux-gnu/libcrypt-2.13.so
00935000-0095c000 rw-p 00000000 00:00 0 
00990000-009b8000 r-xp 00000000 08:01 291344     /lib/i386-linux-gnu/libm-2.13.so
009b8000-009b9000 r--p 00028000 08:01 291344     /lib/i386-linux-gnu/libm-2.13.so
009b9000-009ba000 rw-p 00029000 08:01 291344     /lib/i386-linux-gnu/libm-2.13.so
009dc000-009df000 r-xp 00000000 08:01 291343     /lib/i386-linux-gnu/libdl-2.13.so
009df000-009e0000 r--p 00002000 08:01 291343     /lib/i386-linux-gnu/libdl-2.13.so
009e0000-009e1000 rw-p 00003000 08:01 291343     /lib/i386-linux-gnu/libdl-2.13.so
00c4e000-00c58000 r-xp 00000000 08:01 162333     /home/eqemu/source/EQEmuServer/EMuShareMem/libEMuShareMem.so
00c58000-00c59000 r--p 00009000 08:01 162333     /home/eqemu/source/EQEmuServer/EMuShareMem/libEMuShareMem.so
00c59000-00c5a000 rw-p 0000a000 08:01 162333     /home/eqemu/source/EQEmuServer/EMuShareMem/libEMuShareMem.so
00d0a000-00d28000 r-xp 00000000 08:01 269341     /lib/i386-linux-gnu/ld-2.13.so
00d28000-00d29000 r--p 0001d000 08:01 269341     /lib/i386-linux-gnu/ld-2.13.so
00d29000-00d2a000 rw-p 0001e000 08:01 269341     /lib/i386-linux-gnu/ld-2.13.so
00d93000-00f06000 r-xp 00000000 08:01 395143     /usr/lib/libperl.so.5.12.4
00f06000-00f08000 r--p 00173000 08:01 395143     /usr/lib/libperl.so.5.12.4
00f08000-00f0b000 rw-p 00175000 08:01 395143     /usr/lib/libperl.so.5.12.4
08048000-084ac000 r-xp 00000000 08:01 162532     /home/eqemu/source/EQEmuServer/zone/zone
084ac000-084ad000 r--p 00463000 08:01 162532     /home/eqemu/source/EQEmuServer/zone/zone
084ad000-084af000 rw-p 00464000 08:01 162532     /home/eqemu/source/EQEmuServer/zone/zone
084af000-08a53000 rw-p 00000000 00:00 0 
0a2c3000-0b2f3000 rw-p 00000000 00:00 0          [heap]
ad400000-ad45a000 rw-p 00000000 00:00 0 
ad45a000-ad500000 ---p 00000000 00:00 0 
ad6a8000-ad6a9000 rw-p 00000000 00:00 0 
ad6a9000-ad6aa000 ---p 00000000 00:00 0 
ad6aa000-adeaa000 rw-p 00000000 00:00 0 
adeaa000-adeab000 ---p 00000000 00:00 0 
adeab000-ae7f0000 rw-p 00000000 00:00 0 
ae7f0000-ae7f1000 ---p 00000000 00:00 0 
ae7f1000-aeff2000 rw-p 00000000 00:00 0 
aeff2000-aeff3000 r--p 0043a000 08:01 400089     /usr/lib/locale/locale-archive
aeff3000-af033000 r--p 002bd000 08:01 400089     /usr/lib/locale/locale-archive
af033000-af233000 r--p 00000000 08:01 400089     /usr/lib/locale/locale-archive
af233000-b1451000 r--s 00000000 00:04 229383     /SYSV530145e5 (deleted)
b1451000-b149d000 r--s 00000000 00:04 196614     /SYSV4b0145e5 (deleted)
b149d000-b1625000 r--s 00000000 00:04 163845     /SYSV4c0145e5 (deleted)
b1625000-b168b000 r--s 00000000 00:04 131076     /SYSV460145e5 (deleted)
b168b000-b70e9000 r--s 00000000 00:04 98307      /SYSV490145e5 (deleted)
b70e9000-b70ea000 ---p 00000000 00:00 0 
b70ea000-b78ef000 rw-p 00000000 00:00 0 
b78f2000-b78f9000 r--s 00000000 08:01 393220     /usr/lib/i386-linux-gnu/gconv/gconv-modules.cache
b78f9000-b7900000 rw-p 00000000 00:00 0 
bfdcc000-bfded000 rw-p 00000000 00:00 0          [stack]

Anyone else notice that Underfoot client shows the HPs as around 60-80 percent of max -- even though it's really the same as normal max?

[sorvani]

Quote:

Originally Posted by ProSkeptic

Anyone else notice that Underfoot client shows the HPs as around 60-80 percent of max -- even though it's really the same as normal max?

Change the rule to use SoF HP to true.

[ProSkeptic]

Excellent catch there Sorvani. Thanks greatly. It's minor, but it was a nagging issue and your remedy worked.

[lerxst2112]

ClientList::SendWhoAll is some sketchy code indeed. There are several places where it could overflow due to unchecked string copying. It's all wrapped in an exception handler, so ideally even if something goes wrong it shouldn't crash, but I would guess the gcc check is ignoring that.

You may be able to disable the buffer overflow checking by adding -D_FORTIFY_SOURCE=0 to your compile flags in the zone makefile.

[daspork]

Quote:

Originally Posted by lerxst2112

ClientList::SendWhoAll is some sketchy code indeed. There are several places where it could overflow due to unchecked string copying. It's all wrapped in an exception handler, so ideally even if something goes wrong it shouldn't crash, but I would guess the gcc check is ignoring that.

You may be able to disable the buffer overflow checking by adding -D_FORTIFY_SOURCE=0 to your compile flags in the zone makefile.

Did this fix work for you? I have been experiencing this as well.

Chris

[lerxst2112]

Quote:

Originally Posted by daspork

Did this fix work for you? I have been experiencing this as well.

I wasn't the one having the problem, I just researched a possible solution. You should try it and get back to us if it helped or not.