[opensuse-factory] Buffer Overflows
I noticed that I am encountering a few "buffer overflows" but I don't see any relevant reports in bugzilla, so it might be something specific to my system. Could someone confirm before I enter a bunch of bugs?

The two executables that come to mind, are /usr/bin/dvd+rw-format and /usr/sbin/bacula-fd but I have seen a few others as well... This is on x86_64 with "latest" packages from Factory.

# dvd+rw-format
*** buffer overflow detected ***: dvd+rw-format terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7f63a99f3397]
/lib64/libc.so.6[0x7f63a99f17a0]
/lib64/libc.so.6[0x7f63a99f21dc]
dvd+rw-format[0x4014fe]
dvd+rw-format[0x4030e5]
/lib64/libc.so.6(__libc_start_main+0xfa)[0x7f63a992b11a]
dvd+rw-format[0x4011c9]

# /etc/init.d/bacula-fd restart
Shutting down the Bacula File daemon done
Starting the Bacula File daemon*** buffer overflow detected ***: /usr/sbin/bacula-fd terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7f870fbff397]
/lib64/libc.so.6[0x7f870fbfd7a0]
/usr/sbin/bacula-fd[0x43327e]
/usr/sbin/bacula-fd[0x4336ae]
/usr/sbin/bacula-fd[0x40706d]
/lib64/libc.so.6(__libc_start_main+0xfa)[0x7f870fb3711a]
/usr/sbin/bacula-fd[0x406c09]
done

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-factory+help@opensuse.org
Hi,

> I noticed that I am encountering a few "buffer overflows" but I don't see any relevant reports in bugzilla, so it might be something specific to my system. Could someone confirm before I enter a bunch of bugs?
> The two executables that come to mind, are /usr/bin/dvd+rw-format and /usr/sbin/bacula-fd but I have seen a few others as well... This is on x86_64 with "latest" packages from Factory.
> # dvd+rw-format
> *** buffer overflow detected ***: dvd+rw-format terminated
> ======= Backtrace: =========

I can confirm this on i586.

Felix Möller
Felix Möller wrote:
> Hi,
> > I noticed that I am encountering a few "buffer overflows" but I don't see any relevant reports in bugzilla, so it might be something specific to my system. Could someone confirm before I enter a bunch of bugs?
> > The two executables that come to mind, are /usr/bin/dvd+rw-format and /usr/sbin/bacula-fd but I have seen a few others as well... This is on x86_64 with "latest" packages from Factory.
> > # dvd+rw-format
> > *** buffer overflow detected ***: dvd+rw-format terminated
> > ======= Backtrace: =========
> I can confirm this on i586.

Please report all these bugs. They are not specific for your system. It's an enhanced feature in the latest glibc to report possible buffer overflows due to "bad coding". More packages could be affected and those should be found asap.

Wolfgang
Hi,

> > > # dvd+rw-format
> > > *** buffer overflow detected ***: dvd+rw-format terminated
> > > ======= Backtrace: =========
> > I can confirm this on i586.
> Please report all these bugs. They are not specific for your system. It's an enhanced feature in the latest glibc to report possible buffer overflows due to "bad coding". More packages could be affected and those should be found asap.

Opened a report at: https://bugzilla.novell.com/show_bug.cgi?id=354838

Felix Möller
On Fri, Jan 18, 2008 at 07:56:21PM +0100, Wolfgang Rosenauer wrote:
> Felix Möller wrote:
> > Hi,
> > > I noticed that I am encountering a few "buffer overflows" but I don't see any relevant reports in bugzilla, so it might be something specific to my system. Could someone confirm before I enter a bunch of bugs?
> > > The two executables that come to mind, are /usr/bin/dvd+rw-format and /usr/sbin/bacula-fd but I have seen a few others as well... This is on x86_64 with "latest" packages from Factory.
> > > # dvd+rw-format
> > > *** buffer overflow detected ***: dvd+rw-format terminated
> > > ======= Backtrace: =========
> > I can confirm this on i586.
> Please report all these bugs. They are not specific for your system. It's an enhanced feature in the latest glibc to report possible buffer overflows due to "bad coding". More packages could be affected and those should be found asap.

Yes, the new thing is that the buffer overflow checking we had for C programs now is also applied on C++ programs.

Ciao, Marcus
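
The check behind the "*** buffer overflow detected ***" message, sketched as an added example (not code from this thread or from glibc): a fortified call passes the destination size the compiler can prove, via the GCC/Clang builtin `__builtin_object_size`, to a checking function. `strcpy_chk_demo`, `STRCPY_FORTIFIED` and the sample strings are hypothetical names and constructed inputs, and the demo returns a status where glibc would terminate the program.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define OBJ_SIZE_UNKNOWN ((size_t)-1)

enum copy_result { COPY_OK, COPY_UNCHECKED, COPY_OVERFLOW };

/* Run-time half of the check (hypothetical stand-in for glibc's __strcpy_chk).
 * glibc aborts via __fortify_fail on overflow; this demo returns a status. */
static enum copy_result strcpy_chk_demo(char *dst, const char *src, size_t dst_size)
{
    size_t need = strlen(src) + 1;          /* bytes written, including NUL */

    if (dst_size == OBJ_SIZE_UNKNOWN) {     /* compiler could not size dst */
        memcpy(dst, src, need);             /* plain copy, no protection */
        return COPY_UNCHECKED;
    }
    if (need > dst_size)
        return COPY_OVERFLOW;               /* glibc would terminate here */
    memcpy(dst, src, need);
    return COPY_OK;
}

/* Compile-time half: the compiler supplies the destination size it can prove. */
#define STRCPY_FORTIFIED(dst, src) \
    strcpy_chk_demo((dst), (src), __builtin_object_size((dst), 1))

/* Destination is a local array: its size (8) is visible to the compiler. */
enum copy_result copy_into_local(const char *src)
{
    char buf[8];
    return STRCPY_FORTIFIED(buf, src);
}

/* Destination arrives as a bare pointer: its size is unknown here. */
__attribute__((noinline))
enum copy_result copy_via_pointer(char *dst, const char *src)
{
    return STRCPY_FORTIFIED(dst, src);
}

int main(void)
{
    char big[64];                           /* constructed sample inputs */
    printf("%d %d %d\n", copy_into_local("short"),
           copy_into_local("far too long for buf"),
           copy_via_pointer(big, "short"));
    return 0;
}
```

The third case shows the limit of the mechanism: the check only fires for destinations whose size the compiler can see at the call site.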
participants (4)
- Felix Möller
- Marcus Meissner
- Warren Stockton
- Wolfgang Rosenauer