ipmitool aborts due to buffer overflow.
Issue
- ipmitool aborts and dumps core when performing the follwing command.:
Core was generated by `/usr/bin/ipmitool -v -I lanplus -H 10.10.10.10 -U xxxxx -P XXXXXXXX sdr elist'.
Program terminated with signal 6, Aborted.
#0 0x00000000010d6625 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.149.el6_6.9.x86_64
(gdb) bt
#0 0x00000000010d6625 in raise () from /lib64/libc.so.6
#1 0x00000000010d7e05 in abort () from /lib64/libc.so.6
#2 0x0000000001114537 in __libc_message () from /lib64/libc.so.6
#3 0x00000000011a6527 in __fortify_fail () from /lib64/libc.so.6
#4 0x00000000011a4410 in __chk_fail () from /lib64/libc.so.6
#5 0x00000000011a3b0b in __vsnprintf_chk () from /lib64/libc.so.6
#6 0x00000000011a39da in __snprintf_chk () from /lib64/libc.so.6
#7 0x000000000040b56b in snprintf (intf=0x69e8a0, sensor=0x1bc9700) at /usr/include/bits/stdio2.h:65
#8 ipmi_sdr_print_sensor_full (intf=0x69e8a0, sensor=0x1bc9700) at ipmi_sdr.c:1145
#9 0x000000000040d11a in ipmi_sdr_print_rawentry (intf=<value optimized out>, type=<value optimized out>,
raw=<value optimized out>, len=<value optimized out>) at ipmi_sdr.c:2303
#10 0x000000000040d3a0 in ipmi_sdr_print_sdr (intf=0x69e8a0, type=1 '\001') at ipmi_sdr.c:2509
#11 0x000000000040d935 in ipmi_sdr_main (intf=0x69e8a0, argc=2, argv=0x7fff18e6d260) at ipmi_sdr.c:4345
#12 0x0000000000436395 in ipmi_main (argc=<value optimized out>, argv=<value optimized out>, cmdlist=0x68c1e0,
intflist=0x0) at ipmi_main.c:706
#13 0x00000000004048a0 in main (argc=<value optimized out>, argv=<value optimized out>) at ipmitool.c:126
Environment
- Red Hat Enterprise Linux 6
- ipmitool-1.8.11-16.el6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
