Bug 257016 - app-backup/bacula + gcc-4.3.3 - reports a false buffer overflow in glibc because it is built with FORTIFY_SOURCE on
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: AMD64 Linux
Importance: High normal
Assignee: Wolfram Schlich (RETIRED)
URL: http://bugs.bacula.org/view.php?id=1220
Whiteboard:
Keywords:
Duplicates: 295246
Depends on:
Blocks: fortify-source
Reported: 2009-01-30 23:04 UTC by Martin
Modified: 2010-05-22 16:03 UTC (History)
Attachments
adds -U_FORTIFY_SOURCE to CFLAGS (bacula-2.4.4_U_FORTIFY_SOURCE.patch,558 bytes, patch)
2009-11-05 15:08 UTC, Daniel Troeder

Description Martin 2009-01-30 23:04:36 UTC
Hi,

I opened a bug in the bacula bug tracking system and got the answer that the source has to be built without FORTIFY_SOURCE turned on, to solve the issue that bacula versions built with gcc 4.3.3 detect a false buffer overflow. The complete thread is appended as additional information.

Here is the direct link to the bug, also with emerge info: http://bugs.bacula.org/view.php?id=1220


Best Regards
Martin

Reproducible: Always




The following issue has been CLOSED 
====================================================================== 
http://bugs.bacula.org/view.php?id=1220 
====================================================================== 
Reported By:                mrbscreen
Assigned To:                kern
====================================================================== 
Project:                    bacula
Issue ID:                   1220
Category:                   bat
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     closed
Resolution:                 not a bug
Fixed in Version:           
====================================================================== 
Date Submitted:             2009-01-30 06:53 UTC
Last Modified:              2009-01-30 08:04 UTC
====================================================================== 
Summary:                    compile bacula with gcc 4.3.3 does not work
Description: 
Dear Sir or Madam,

yesterday I updated gcc from version 4.3.2 to version 4.3.3 on my gentoo
system. After that I updated bacula to version 2.4.4; the build was without
errors, but if I start any program a "buffer overflow" detection of
glibc occurs (see additional information). I downgraded to version 2.4.1
and the same thing happens. After downgrading the C compiler to version 4.3.2
bacula works well, also in version 2.4.4. The error also occurs in bconsole
etc.

Best Regards,
Martin Bauer
====================================================================== 

---------------------------------------------------------------------- 
 (0003901) mrbscreen (reporter) - 2009-01-30 06:55
 http://bugs.bacula.org/view.php?id=1220#c3901 
---------------------------------------------------------------------- 
Note that the "emerge --info" is from the working set. If it is helpful I
can do one with gcc 4.3.2

 

---------------------------------------------------------------------- 
 (0003902) kern (administrator) - 2009-01-30 08:04
 http://bugs.bacula.org/view.php?id=1220#c3902 
---------------------------------------------------------------------- 
You are not building Bacula with the Bacula makefiles, and consequently,
you (or your packaging tool) are adding the -DFORTIFY_SOURCE option, which
is broken.  This creates a false buffer overflow detection by glibc.  You
need to build without FORTIFY_SOURCE turned on. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-01-30 06:53 mrbscreen      New Issue                                    
2009-01-30 06:53 mrbscreen      Status                   new => assigned     
2009-01-30 06:53 mrbscreen      Assigned To               => dbartley        
2009-01-30 06:55 mrbscreen      Note Added: 0003901                          
2009-01-30 06:55 mrbscreen      Issue Monitored: mrbscreen                    
2009-01-30 06:55 mrbscreen      Note Edited: 0003901                         
2009-01-30 08:04 kern           Note Added: 0003902                          
2009-01-30 08:04 kern           Assigned To              dbartley => kern    
2009-01-30 08:04 kern           Status                   assigned => closed  
2009-01-30 08:04 kern           Resolution               open => not a bug   
2009-01-30 08:04 kern           Steps to Reproduce Updated                    
======================================================================
Comment 1 Thomas Capricelli 2009-01-31 12:36:36 UTC
I confirm this bug here...
gcc (Gentoo 4.3.3 p1.0, pie-10.1.5) 4.3.3

starting bacula-fd gives.

*** buffer overflow detected ***: /usr/sbin/bacula-fd terminated        
======= Backtrace: =========                                            
/lib/libc.so.6(__fortify_fail+0x37)[0x7f573b72e127]                     
/lib/libc.so.6[0x7f573b72bf00]                                          
/usr/sbin/bacula-fd[0x43cca3]    

...........


7f573c72c000-7f573c733000 r-xp 00000000 08:01 341219                     /lib64/libwrap.so.0.7.6
7f573c733000-7f573c833000 ---p 00007000 08:01 341219                     /lib64/libwrap31-Jan 13:34 bacula-fd: Fatal Error because: Bacula interrupted by signal 6: IOT trap
Kaboom! bacula-fd, bacula-fd got signal 6 - IOT trap. Attempting traceback.
Kaboom! exepath=/usr/sbin/
Calling: /usr/sbin/btraceback /usr/sbin/bacula-fd 6447
/usr/sbin/btraceback: line 22: /usr/sbin/bsmtp: No such file or directory
cat: write error: Broken pipe
Traceback complete, attempting cleanup ...
Segmentation fault (core dumped)
Comment 2 Nick Brooker 2009-01-31 21:29:42 UTC
Hi,

I added -D_FORTIFY_SOURCE=0 to the CFLAGS and compiled it and it no longer dumps but I've never used bacula before so I'm not really sure if it's running. Webmin says it looks ok though.
Comment 3 Martin 2009-02-01 10:56:04 UTC
(In reply to comment #2)
Hi,

I can confirm that if bacula is built with:

CFLAGS="-D_FORTIFY_SOURCE=0 ${CFLAGS}" emerge -v1 bacula

Bacula runs well.

Best Regards
Martin
Comment 4 Marc Schiffbauer gentoo-dev 2009-02-24 00:18:25 UTC
Just a "me too" message, having the same issue; the solution is also -U_FORTIFY_SOURCE or -D_FORTIFY_SOURCE=0
Comment 5 Peter Alfredsen (RETIRED) gentoo-dev 2009-03-02 00:26:44 UTC
In this particular instance, it's the glibc implementation that is buggy, so the correct fix indeed is to add -U_FORTIFY_SOURCE to CFLAGS.
Per http://sourceforge.net/project/shownotes.php?release_id=651582 , it looks like upstream has graciously worked around this issue in the development version.
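
Added example, not part of the bug thread or of the Bacula or Gentoo sources: one way to confirm that a rebuild with -U_FORTIFY_SOURCE or -D_FORTIFY_SOURCE=0 really dropped glibc's fortified wrappers from the bacula binaries (and that other packages kept theirs) is to list the `__*_chk` symbols a binary imports. The function names and the sample symbol listings below are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the glibc fortify wrappers a binary imports.
# Input on stdin is the output of: nm -D --undefined-only <binary>

# Print the fortified wrapper symbols (__strcpy_chk, __memcpy_chk, ...),
# one per line, sorted and de-duplicated.
fortify_symbols() {
    # The symbol is the last field; drop any @GLIBC_x.y version suffix.
    # __stack_chk_fail does not match: it comes from -fstack-protector,
    # not from _FORTIFY_SOURCE.
    awk '{ sym = $NF; sub(/@.*/, "", sym)
           if (sym ~ /^__[a-z0-9_]+_chk$/) print sym }' | sort -u
}

# Summarise the listing on stdin as a single line.
# "no-fortify-calls" only means no checked wrapper is referenced; a binary
# with nothing to check looks the same as one built without fortify.
fortify_status() {
    syms=$(fortify_symbols)
    if [ -n "$syms" ]; then
        # Unquoted on purpose: joins the lines with single spaces.
        echo "fortify-calls:" $syms
    else
        echo "no-fortify-calls"
    fi
}

# Constructed sample listings (not taken from a real bacula build).
SAMPLE_FORTIFIED='                 U __memcpy_chk@GLIBC_2.3.4
                 U __stack_chk_fail@GLIBC_2.4
                 U __strcpy_chk@GLIBC_2.3.4
                 U strlen@GLIBC_2.2.5'
SAMPLE_PLAIN='                 U __stack_chk_fail@GLIBC_2.4
                 U memcpy@GLIBC_2.2.5
                 U strcpy@GLIBC_2.2.5'

# Usage: sh fortify-check.sh /usr/sbin/bacula-fd
if [ -n "${1:-}" ]; then
    nm -D --undefined-only "$1" | fortify_status
fi
```

Running it against another package's binary as well shows whether the flag was scoped to bacula or leaked into every build through a global CFLAGS setting.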
Comment 6 Adam Nielsen 2009-03-08 09:11:56 UTC
-U_FORTIFY_SOURCE fixed this for me too - thanks!
Comment 7 Thomas Capricelli 2009-05-08 23:32:18 UTC
I had the same problem,
CFLAGS="-D_FORTIFY_SOURCE=0 ${CFLAGS}" emerge -v1 bacula
fixed it too... shouldn't that be somewhere in the ebuild?

Thx anyway.
Comment 8 nuitari 2009-07-02 00:49:12 UTC
Got the same problem 6 months after it was reported, maybe it should be in the ebuild?
Comment 9 Wolfram Schlich (RETIRED) gentoo-dev 2009-08-07 12:25:12 UTC
Working on 3.0.2 which should incorporate the fix included in 2.5.28-b1...
Comment 10 Wolfram Schlich (RETIRED) gentoo-dev 2009-09-09 07:45:46 UTC
Should be fixed in 3.0.2.
Comment 11 Bruno Lustosa 2009-11-05 02:31:55 UTC
Hello.
Perhaps the fix should be incorporated in the 2.x release as well. For example, in my setup I have to stick with 2.x versions because one other distro doesn't have bacula 3.x available, and I can't mix versions because they don't talk to each other.
Anyway, I fixed it on my system by adding -U_FORTIFY_SOURCE to my CFLAGS, but I still think this is more of a workaround, as this option will be passed along to all ebuilds, and not only bacula.
Comment 12 Daniel Troeder 2009-11-05 15:08:58 UTC
Created attachment 209343
adds -U_FORTIFY_SOURCE to CFLAGS

Simple patch that adds "-U_FORTIFY_SOURCE" to the CFLAGS of bacula-2.4.4 - should be the same for the other versions.
Comment 13 Thomas Beierlein gentoo-dev 2009-12-01 06:47:58 UTC
*** Bug 295246 has been marked as a duplicate of this bug. ***
Comment 14 deadeyes 2009-12-19 17:42:12 UTC
While this has been fixed in 2.4.4, this has not been fixed in the ebuild for 2.4.1(-r1 in portage)

As this is marked stable I would expect this fix to be backported.
Comment 15 Domen Kožar 2010-03-24 15:24:55 UTC
Not fixed in 2.4.4, amd64 platform.
Comment 16 Disaster 2010-05-22 16:03:27 UTC
same thing here, thanks for reporting the fix