SyncTERM / Bugs / #205 buffer overflow core

Anonymous - 2025-07-30

Same issue here on CachyOS (arch-based) running kernel 6.15.7-3-cachyos and KDE plasma on Wayland.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Anonymous - 2025-08-07

Same on CachyOS (arch-based)

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Anonymous - 2025-08-07

Same happens with 1.5. Seems to be an issue with newer kernels or maybe even libc (seen tools with similar issues).

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Stephen James Hurd - 2025-08-10

Sorry, been doing summer things. Could you attach a properly sanitized syncterm.ini and syncterm.lst file (ie: remove all user/password lines, etc)?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Stephen James Hurd - 2025-08-10

Actually, installing CachyOS in a VM now... will update if I can't repro.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Stephen James Hurd - 2025-08-10

status: open --> pending

assigned_to: Stephen James Hurd
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.
- Anonymous - 2025-08-11
  
  Yes, it worked.
  
  |)/`. /\/\/-|) a ()xy()zb()urne venture
  
  On Sun, Aug 10, 2025 at 3:24 PM Stephen James Hurd
  deuce@users.sourceforge.net wrote:
  
  status: open --> pending
  assigned_to: Stephen James Hurd
  Comment:
  
  Ok, should be fixed in git now, and I've kicked off a new test build to update the source/binaries on the website.
  
  The issue appears to be a mismatch between GCC v15 and Cryptlib with regard to what sizeof returns for the size of a struct that ends in a flex array. It appears that GCC is standard compliant in this behaviour, so this was a bug in Cryptlib.
  
  Please comment/close this ticket if the issue is resolved for you.
  
  [tickets:#205] buffer overflow core
  
  Status: pending
  1.7: 1.7
  Created: Mon Jul 21, 2025 02:35 AM UTC by Chris
  Last Updated: Sun Aug 10, 2025 06:50 PM UTC
  Owner: Stephen James Hurd
  
  so both release src 1.6 and 20250720 do this.
  gcc.linux.x64.exe.debug]$ ./syncterm
  *** buffer overflow detected ***: terminated
  Aborted (core dumped)
  
  I am assuming thats syncterm's test, because it way shouldn't happen with arch/manjaro.
  Linux version 6.12.37-1-MANJARO
  
  Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/syncterm/tickets/205/
  
  To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/
  
  Related
  
  Bugs: ~~#205~~
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Anonymous
    
    Add attachments
    Cancel
    You seem to have CSS turned off. Please don't fill out this field.
    
    You seem to have CSS turned off. Please don't fill out this field.

Stephen James Hurd - 2025-08-10

Ok, should be fixed in git now, and I've kicked off a new test build to update the source/binaries on the website.

The issue appears to be a mismatch between GCC v15 and Cryptlib with regard to what sizeof returns for the size of a struct that ends in a flex array. It appears that GCC is standard compliant in this behaviour, so this was a bug in Cryptlib.

Please comment/close this ticket if the issue is resolved for you.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Stephen James Hurd - 2025-08-11

status: pending --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Stephen James Hurd - 2025-08-11

Fix confirmed.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

buffer overflow core

Cross-platform BBS (ANSI) Terminal

Milestone

Searches

Help

#205 buffer overflow core

Related

Discussion

Related