[screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 ch

screen-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 ch

From:	Felix Weinmann
Subject:	[screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination
Date:	Tue, 9 Feb 2021 08:04:41 -0500 (EST)
User-agent:	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0

URL:
  <https://savannah.gnu.org/bugs/?60030>

                 Summary: Screen segfaults by displaying some UTF-8 character
combination
                 Project: GNU Screen
            Submitted by: lixfel
            Submitted on: Tue 09 Feb 2021 01:04:39 PM UTC
                Category: Crash/Freeze/Infloop
                Severity: 3 - Normal
                Priority: 5 - Normal
                  Status: None
                 Privacy: Private
             Assigned to: None
             Open/Closed: Open
                 Release: 4.5.0
         Discussion Lock: Any
           Fixed Release: None
         Planned Release: None
           Work Required: None

    _______________________________________________________

Details:

== How to reproduce ==
Open a screen and bring it to display the character sequence described below.
(For example: paste them into bash)

== Could not reproduce on/with ==
MacOS Catalina (10.15.7) (Screen version 4.00.03 (FAU) 23-Oct-06)

== Reproduced on/with ==
Debian 9 (Screen version 4.05.00 (GNU) 10-Dec-16)
Raspbian 10 (Screen version 4.06.02 (GNU) 23-Oct-17)
Debian 10 (screen 4.06.02, Windows WSL)
Ubuntu 20.04.1 (Screen version 4.08.00, Windows WSL)
Ubuntu 20.04 (Screen version 4.08.00 (GNU) 05-Feb-20)

== The Character sequence ==
This character sequence was not optimized/nailed down and it takes sometimes
multiple pastes into the screen to finally crash it:

/ᇨᆬᆑᆺ忐ᆝᇯ忁徼ᅳ忬ᇎᆿ忘ᆮᆗᆈᆡ念ᆾᇧ応ᇙᆨᆂᆓ忌ᅷᆱᆫᇺ忔ᇔ志ᅻ忄忑ᇸᇐ忍ᆠᇫᇱ徸ᇜ徲徺ᆧ忏徹忚忓徺ᆤᇆᇓ忒ᇀ忂ᇎᇃ忈ᆦᇦᆹᇵᇢᇀᆵᇘ徱忲忽快忹ᅿ忊ᆳᅲᆉᇧᆕᆦᇟᇑᅵ忯ᇼ忌ᇃ忻徰ᆺᆠᆏᆾᆌᇩᇅ/徽忳ᇒᆬᇣ徽忑ᆂ忳ᅳᆎ忯忣ᅰᇗ忶ᇯ忈ᇯᇴᇝᇨ忲忩忇ᆞᆁ忑ᇅᇆᇭᅾᆌᇺᆏᆮ徳忆忙ᇟᅾᆌᇀᆘᅷᆶᇣᇫ忨ᇷ忂快ᆼᆴᇓᆖᇳ忇ᆃᆰᆼ快ᅶᆳᇠ忧徺忲ᇮᇮᆛᇖᆅᆠ徲忁ᇃᆍ忌ᇕ忚ᆓᆨᇾ忨ᇄ忊ᆆ忿応ᇫᅵ忑忱ᆷᆌᆜᆮᇳ/ᇺ忦ᆅᆏᅵ忿ᆡ忏徸念ᇒᇎᇕ忷忼ᅿ忇徿ᇐᇢᆹ忶徺ᇲᇴ忏忦忍ᆼᇳᆒ忡ᆭᆏᅿᆽᇉ忬応忻ᇀᆎᇴ忀ᇑᅲᆦ德徾ᇀ忨ᇳᇵ忟徱応ᇓᇱᆘᆵᆅᅵᆰᇎᆕ忚ᇨᇀᆏᆆ徴ᆂ忄ᇵᇒᇫ忤ᇧ忁ᇅᇛ忙ᇛᇜ忀ᆛ忠ᇁᆚ忿ᇀᅸᆮᇵᆅᇇ德ᅶᇉ/ᇚᇎ徳ᇎ必ᇢᇖ忟ᆾᇡᆝᆂᇾᆴᇈ快ᇢ徱ᆶᆥᆍᅶᆧᆝᆵ忇ᆕᇣᆢᅻᆜ徵ᇾᇢ�
 
��忉ᅿᆋᇸᆖᆡ徻ᇭᆗᅴ忻ᇃᇉᇏ忟ᇟ忬ᇭᇅ忉忝ᇔᇠᆪᆛᆽᆶᇁᇿᇁ忽忠ᆌ忩ᆏᇪᅲ忥ᆾᇿᆙ徱ᆍ忩徶応ᆰᇥᆧᆆ忼ᇮᇉ心ᇥᆇᅳ念ᅱᆬᅰᆞ忑忾/徼ᆞᆇ徴ᆠᆗ徴ᆿ忠ᆎ徻ᇩᆬᅿᇷᇁ忺ᇌ忠ᇙᇙᇿᆊᆘ徳ᆧᇥᆚ忂ᆸ徸忼ᇂᇻᇸᇭᇸᇆᆺᆊ忪徸忌ᇒᆲᆂᆹᆐ忾忥徹徳ᇔᇻ徺ᆾᆁᆓᇅᇪᇦᆧᅱ忻ᆨ徵ᇲᅲ志忀ᆤᆠᅶ忐ᆂ忼忙ᆒ忠忶徾ᇄᇻ徿ᇌᆳᇷ忇ᆉᆃ徱ᇎ忲ᆞ忐徾忁ᅼ忉/ᇹᇞᆄ忋ᆎᇦ忘ᆶᅷᇬ忊ᇂᆿᅱ志ᇢ志ᆐᆃᇀᆩ徹忞ᆯᇋᆁᇲᇕᅺ忷ᅵᇻ忤ᆤᇶ忼忬忬ᆠᆆᆦ忡忱ᇀᇭᇋ忔ᆝ忁忱ᇯᆭᇨᆉᆃᅳ忧忄ᆻᇏᆞᆇᆍᆁ忒念忓忸ᇳᅸ忨ᆳ忯ᇊᆗᇫᆆ忦ᇉ忩ᆠ忥ᆊ忌忽ᆼᇷᆳᆜᆺ徹ᇷ忧忈忱忏ᇍᆜᅽ/ᆜᇝᇣᇖᆱ忾ᆇᇿ忼ᇎ徸ᇍ徱忯ᆬᇳ忬ᅱᇯᇮ忎快ᇦᇲᇺᇷ応志ᇞᇥᇴ忿ᆜᆎᆁᆬᇥ忞忠ᅿ忀ᆠᆲ徲忈忯ᇞᇼᇳᅽ徲ᅳ徸ᆨᆄᇃᆏᆄᆤ忹ᇦᇞ志ᇸ忬ᆪᆎᆻ��
 
�ᇠ快ᆪᇈ忻徽德忋ᇁ忏忩ᅹ徴ᇁᆔᆵᅶᆡᇮᇜ忀ᆐᅺ忀快ᆪ徳ᇰᇚ徽/ᆜᆼ徼ᅼᆊ忒快ᇪ忖ᆬᇸᆽᅱᇂᆿ徰ᅺᇴᆚᇸ忿忌ᆁ忀ᅻᇮᇒᇰᇒᆜ忧ᆌ忮ᇹ心ᇩᇹᇸ念ᆧᇤᆑ忠ᅶᇒᇔᇣ志忞ᆈᇒ忥ᇠ忔ᆊᇲᇌᇿ忺ᆐᇂᇧ徿忠忕徹ᆰ念ᆁ忱快ᇰ忝ᆮᅵ徽ᇺᆠᆰ念ᇾ忦ᆳ忩ᇨ徴ᆼᇔᇮᇚ忤ᆕᇥ徵ᇵᆛᆨ忟ᆮ/忷ᇶᆊᇁᆺᇀ忒ᆴ忎ᇿᇉᆂᆆᆴᇵᅵᇍ忦忿ᇕ忸ᅾᆈᇩᆴ徵ᆻ德ᆃᅴᇇ徳忺ᇖᇷᅲ忛ᅷᆺᅼᇡ徰ᆸ徻忱ᇉᆾᆋᇭᆅᇰᆌᇠᆜᆡᆔᆅᆽᆇ徳応ᆡ忯忞ᆛᆬ忤忆ᇷᆠ忲忭ᆔᆓᆠᇜ忨ᆊ徽忣ᅹ忤ᇫᆅᇆᇚ志ᇍᆗᅺ徱ᆭᆃᇯᅵᇑ徱ᇖᆌ/徰ᆠᇼ忢ᇀᆆᇊᆯ忮忋忘ᇹ忲ᆣ徱ᆾᇑᇥᇛᇄ忦ᆪᇕᇮᅺᇍ忭ᆴ忚ᅿ忉ᇒᆻᆂ忸ᆮᇦᅸ忿ᇯᆜ忿ᆏᆕᆵᇬᅿ忓忇ᇞᇆᇧᅳᇹ忨ᇶ忲ᆒ忥忌ᇯᆛᅵᅸᆮᆸᅶᆉ忪ᇇᆍᆖᇄ忴忍ᅿᆐᆠᇬᇉᆥ忝ᆙᆱᇩ忸ᇔᆳᇺᆴ忞忍徾徰ᅺᆆᇁᇔᇫ/忙徾ᅾ��
 
�忆ᇘᆈ忷ᇵ忩ᇅᇪ忍ᇄᆝ忀ᇏᆠᆜᆢᆦᇤ忍ᆭᆵᇏᆷ忌ᇸᇛᆉᆂᇵᇉᇽᆂ徼ᆛᇙ徹ᇮᆁᆘᇵᇬᆾ忍ᇡᆀᆉᇱ忻忽ᅲᇝᇀ忄ᆺᆛ徽德ᇩᇑᇓ忴忬ᆦᆜ徻忺徸ᇉᇚᆤᆸ忐忁ᆷᇵ德ᅱᆘᇊᇮᆉᆹᆚᇶᇺ忧忲徺徰ᅾᇵᆒᇃ忑ᇼ/徸ᆦᆂᇁ忄ᆢᆚ忘ᇾᇊᆈᇨᆼ快忰ᅶᅻ忹ᇡ忽ᆣᆳᇃᆵᆅᅰᇖᅽᆣᇆᆿ忥忁徳ᆾ忥ᆹ忺ᇬᇺᅹᇃᅹᆈᆂᆃᆅᆯ德ᆭᆒᇇᇻ忺ᇉᆔᆙ忯ᆰ忋必ᆶᆇ忮ᆌ忱忘徳ᇮ忠ᅱᇺᇸ忯ᆼᆴ徹徹忘ᇼᇍ忼快忎ᆉᆻᇲᇡᆮᇜᇫᆹᆣ忚ᆛᅶᇮ忤ᇍ/ᇝᆱᆵᅸᆹᇱᅲᆪᇂᆧᆶᆞᇮᆳ忥ᇯᆢᇼᇷᇏᆻ忤ᆱᆇ忖ᆪ忣ᇉᆌᇼᆡ忡ᇁᆡ忤ᇼᆤ忂ᆇ忠念ᇐᇒ忮ᆉᇛᇛ忉ᆊ忲ᅿᆻᆼᇙᇵᆽ徽ᆦᆢ忿ᆐᆅᆖ忝ᇒᇔ忌ᆧᆨ徶忒ᆤᇤᇉᆱ忥忧ᇜᆑᅶᇾᆏᆊ忺ᇷ忈ᆌ忂忨ᆢᇨ心ᆜ忊ᇞ忐ᇵᆭ忸/ᆦᇺᆡ忛ᆙᆔᇈᇩᆢ忣ᅲ忺ᇡ徾忺忭志忙忰ᇌ忣忔ᆈᆃᆥᆐ応徸ᆀᆁᆭᆔᆩ忋ᆲᇣᇠ忋
 
ᇣᇺ忡ᇉᅻ忸忀ᇘᇦᅶᆱᅸᅷ忁ᆊ忩ᆳ忽ᆡ忥ᇬᆾᇔᆢᆼᇭ忝忕ᇥᇳᇉᇱᆺᇎ忳ᆦ徼ᇝ忆忊ᆞᆻᆪ忄忣ᆲ忄忋ᇬ心ᅼᇇᆝ忮忾忠ᇐᇈᆌ徼忩/忮ᆳᆨᇼᇹᇨᇪᆍ忄ᆠᅱᆳ徺ᆁᇕᆘ志ᅱᆢᆯᆝ忳忂忙忒忓ᆆᆊᆢᇀ忤ᆨᇖᆏᆛ徴ᅶᇛᇴᅸᆮ徼ᇓᇱᅴᆉ忈ᇸᇌ徳ᇻᇥ忔ᆎ忍ᇸᇝᇯᆕᆽᆹ忮ᆉᇗᆄᇧ徱ᆤᆽᇿ忰ᇎᇳ忲忻ᇲᆦᇸᆫᆐᆯᆐᇽ忯忬ᇽ忇ᇞᅸᅵᆲ忰ᇱᆺ徰ᆽ忏ᆖ忞/忖忒ᇄ忋ᇟᇒ忺ᆅᇇᅽᇗᆗᆕ徹忧ᆆ忻ᇰ忴ᆝᇧᇱᆠ忂忢忎忘ᆥᇞ徴ᇝ忌忥ᆴ忄心ᇞ忯ᆄᇅᇷᆊᇉᇈ忯ᆹᇓᆤ忡忧ᆦᅹᅳᆰᇟᆳ応ᆠᆫᇒᇮᇃ忑ᆩ忑ᅻᇂ忣ᇡ忩徺忙忚ᆩᇗᇲᆵ忰ᆎᇂᆖᆺᆙᆑᇈ徲ᇄᇑ忕ᆥᇋᇊ忝ᇣ徼ᇂᇝᆊᇺ/ᆿᆟᇜᆕᆂᆇᅼ心ᇹᅻᇐᆹᇔᇨᇡ忻ᇊᆮ忲忁忌ᆯᇍᆹ忍ᇡ忼ᆥ徲ᇊᇦ忙忂忇ᆿ徴ᆦ忢忣ᇃᆶ徼ᆩ忣ᆱᆯᆴ忊忻ᆊᇑ忹ᇚᆰᆬᆨᇀ忋ᆝ徰ᆱᆬ忇ᇌᆷ徺忶ᇨᇈᇇᇖ忨�
 
��ᆏᇟ忋ᆻᇶᆣᆣᅻᆝᇒᆴᆒᇣ忕ᆎ心ᆑᇈᇻᇆᆛᇰ徶忞ᇳᇈ/ᆛ徶ᆑᅹᆄᇍ志ᇣ忶忄ᇿᆁᆣ忽ᅹᆩᇻ忱忉忔忛ᆾ忣忚忣ᇟᇖᇳᅾᇋ忨志ᅼᆒᆊ忿ᇡ忖ᇮᇞᆥᆪᅻᆰ忠ᆬ忨ᆇᅿᆜ徴ᇢ忷ᇤ忧徵ᇈ忁ᆿᇈᆱ忑忺徵ᅰᇝ忷ᅱ忞応ᇇᆇᆼ忤ᇷᆜᆁᅺᇯ忂ᅻ忒忓忱ᆍ忧ᇳᇁ忩ᆞ快忂ᇺ忯ᆤᇚᇞ忳徰

== Additional Context ==
Some player joined a minecraft server i maintain and startet 10s after joining
to type the UTF-8 characters above in multiple commands (very likely
automated). As i log these commands in a screen, screen crashed and terminated
my minecraft server. So this bug is already exploited, but very likely without
knowing the origin in screen. I don't know if this bug might enable remote
code execution, thus marked as private.




    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?60030>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Felix Weinmann <=
- Re: [screen-devel] [bug #60030] [CVE-2021-26937] Screen segfaults by displaying some UTF-8 character combination, Axel Beckert, 2021/02/10
- [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Michael Schröder, 2021/02/10
  - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Axel Beckert, 2021/02/10
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Axel Beckert, 2021/02/10
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Tavis Ormandy, 2021/02/10
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Axel Beckert, 2021/02/10
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Axel Beckert, 2021/02/11
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Michael Schroeder, 2021/02/11
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Axel Beckert, 2021/02/11
    - Re: [screen-devel] [bug #60030] Screen segfaults by displaying some UTF-8 character combination, Michael Schroeder, 2021/02/11

Next by Date: Re: [screen-devel] [bug #60030] [CVE-2021-26937] Screen segfaults by displaying some UTF-8 character combination
Next by thread: Re: [screen-devel] [bug #60030] [CVE-2021-26937] Screen segfaults by displaying some UTF-8 character combination
Index(es):
- Date
- Thread