[gmx-developers] xdrfile buffer overrun / segfault with malformed xtc files

Robert McGibbon rmcgibbo at gmail.com
Fri Sep 26 01:48:34 CEST 2014


I recently noticed a segfault while reading xtc files. The bug was first
noticed in MDTraj (which uses the gromacs xtc libraries), and was also
confirmed against `gmx check` from gromacs 5.0.1. The original bug report
can be found on the mdtraj github
<https://github.com/SimTk/mdtraj/issues/606>. This xtc file should be
sufficient to reproduce the crash:

Attached is a small patch that fixes the issue. The patch is
against xdrfile-1.1.4 from
http://www.gromacs.org/Developer_Zone/Programming_Guide/XTC_Library. The
issue stems from a buffer overrun inside xdrfile_decompress_coord_float
with certain corrupted files.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix.patch
Type: application/octet-stream
Size: 620 bytes
Desc: not available
URL: <http://maillist.sys.kth.se/pipermail/gromacs.org_gmx-developers/attachments/20140925/4ec48ef0/attachment.obj>
