safecat versions 0.11 and 0.12 built by emerge both die with segmentation faults after creating the file in the tmp directory, and before writing to it. However, if I build it myself by just running "make", it works fine. Here's my emerge --info:

Portage 2.1-r2 (default-linux/x86/2005.1, gcc-4.1.1, glibc-2.4-r3, 2.6.17-gentoo-r7 i686)
=================================================================
System uname: 2.6.17-gentoo-r7 i686 Intel(R) Pentium(R) 4 CPU 3.60GHz
Gentoo Base System version 1.12.4
app-admin/eselect-compiler: [Not Present]
dev-lang/python: 2.4.3-r1
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache: [Not Present]
dev-util/confcache: [Not Present]
sys-apps/sandbox: 1.2.17
sys-devel/autoconf: 2.13, 2.59-r7
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils: 2.16.1-r3
sys-devel/gcc-config: 1.3.13-r3
sys-devel/libtool: 1.5.22
virtual/os-headers: 2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-Os -march=pentium4 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/share/X11/xkb /usr/share/config /var/qmail/alias /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-Os -march=pentium4 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks metadata-transfer parallel-fetch sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
LINGUAS="en_GB en"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X aac alsa apm asf avi bash-completion berkdb bitmap-fonts browserplugin bzip2 cairo cdparanoia cjk cli crypt cscope cups curl dga dlloader doc dri dvd dvdr dvdread eds emboss encode ffmpeg firefox flac font-server foomaticdb fpx gcj gdbm ggi gif gpm graphviz gstreamer gtk gtk2 i8x0 idea imlib insecure-savers isdnlog java javamail javascript jbig jikes jpeg jpeg2k junit ldap libg++ libwww lzo mad mikmod mmap mmx mmxext mng motif mozdevelop mozilla moznoirc moznomail mozsvg mp3 mpeg ncurses nis nls nptl nptlonly nsplugin ogg oggvorbis opengl oracle pam pcre pdflib perl png postgres pppd python qmail qt3 qt4 quicktime rc5 readline real reflection rhino ruby sasl sdk sdl seamonkey session slp spell spl sse sse2 ssl svg svga tcpd tga theora threads tiff tools truetype truetype-fonts type1-fonts unicode vidix vorbis win32codecs winbind wmf xanim xml xml2 xmms xorg xprint xscreensaver xv xvid xvmc zlib elibc_glibc input_devices_keyboard input_devices_mouse kernel_linux linguas_en_GB linguas_en userland_GNU video_cards_vesa"
Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Reopen with a backtrace, thanks. http://www.gentoo.org/proj/en/qa/backtraces.xml
Here's a backtrace from safecat 1.11:

#0  str_len (s=0x32333932 <Address 0x32333932 out of bounds>) at str_len.c:9
        t = 0xbfca5be4 "`Ì\004\b*"
#1  0x08048bf9 in stralloc_cats (sa=0xbfca5bd8, s=0x32333932 <Address 0x32333932 out of bounds>) at stralloc_cats.c:9
No locals.
#2  0x080488f4 in main (argc=3, argv=0xbfca5c94) at safecat.c:65
        tempdir = 0x32333932 <Address 0x32333932 out of bounds>
        destdir = 0xbfca7987 "/home/pmh/Maildir/new"
        outfd = <value optimized out>
        dstpath = {s = 0x0, len = 0, a = 0}
        outfile = {s = 0x804cc60 "1157646464.M024380P111205293253924.edison", len = 42, a = 44}
        outpath = {s = 0x0, len = 0, a = 0}
        filestat = {st_dev = 0, __pad1 = 0, st_ino = 0, st_mode = 0, st_nlink = 0, st_uid = 0, st_gid = 3217710144, st_rdev = 577732619760035520, __pad2 = 0, st_size = 24641422, st_blksize = 0, st_blocks = 0, st_atim = {tv_sec = 0, tv_nsec = 134514640}, st_mtim = {tv_sec = 0, tv_nsec = 134527884}, st_ctim = {tv_sec = -1077257256, tv_nsec = 134514213}, __unused4 = 3086020596, __unused5 = 3085072610}
        count = 1
What CFLAGS did you use when you built it yourself? Could you try with -Os/-O1/-O2/-O3 (all of them)
Well, this is getting stranger. "emerge safecat" produces a safecat which segfaults. "CFLAGS=-O0 emerge safecat" produces one which works, as does "CFLAGS=-O3", and everything in between, and even CFLAGS=-g. If I unpack the tarball and run make in the resulting directory, I get a working safecat, no matter what level of -O I put in conf-cc. The only way I could get a useful backtrace from a version which segfaults was to use the /etc/portage/bashrc script from http://article.gmane.org/gmane.linux.gentoo.hardened/1204, with a package.cflags containing "net-mail/safecat -g", and running "FEATURES=nostrip emerge safecat"
Looks like I missed some test cases last time. "CFLAGS=-Os emerge safecat" bucks the trend, and produces a version which segfaults. With the package.cflags approach, "-g" segfaults, "-g -Os" segfaults, but everything from "-g -O0" to "-g -O3" works OK.
Could you please include your full testcase here? Exactly the command you are running, as safecat works perfectly fine for me in every compile configuration I've tried.
It's simple enough. This is without /etc/portage/bashrc:

# emerge safecat
... lots of emerge output here
# safecat /home/pmh/Maildir/{tmp,new} < /etc/filesystems
Segmentation fault
# CFLAGS=-O2 emerge safecat
... emerge output
# safecat /home/pmh/Maildir/{tmp,new} < /etc/filesystems
1159435055.M718837P3477.edison
# CFLAGS=-Os emerge safecat
... emerge output
# safecat /home/pmh/Maildir/{tmp,new} < /etc/filesystems
Segmentation fault

I've just noticed that I have CFLAGS=-Os in make.conf, which I thought was set to -O2. This makes my previous observations look more consistent: it's just -Os which leads to segfaults.
Here's my testcase:

d=/tmp/foo
maildirmake $d && safecat $d/{tmp,new} < /etc/filesystems

It works perfectly for me with -Os and every other CFLAG. What filesystem are you using for /home? Are you using grsec or selinux at all? Is your hardware sane?
> What filesystem are you using for /home?
ext3
> Are you using grsec or selinux at all?
No
> Is your hardware sane?
As far as I know. I'm using a Dell Optiplex GX620, and nothing else seems to have broken recently. Is there any specific type of insanity I should look for?
Could you try my testcase for a moment? In your backtrace, tempdir really shouldn't be corrupt like that.
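The corrupt tempdir value in the backtrace above (0x32333932) shows a pattern worth recognising when triaging any crash: a pointer whose four bytes are all printable ASCII almost always means string data was written over it, rather than the pointer being merely stale. The following is an added example for this thread, not code from safecat or from any of its participants. It decodes a 32-bit pointer value as the little-endian bytes it occupies in memory (the reporter's machine is i686), reports whether the result looks like text, and looks for those bytes inside a nearby string. The only inputs are the pointer value and the outfile name quoted from the gdb output; the function names are my own, and a substring hit is a lead to confirm with a watchpoint, not proof of the cause.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decode a 32-bit pointer value as the four bytes it occupies in memory on a
 * little-endian machine (i686 in this thread), lowest byte first.
 * out must hold at least 5 bytes; the result is NUL-terminated. */
void decode_ptr_le(uint32_t value, char out[5])
{
    for (int i = 0; i < 4; i++)
        out[i] = (char)((value >> (8 * i)) & 0xff);
    out[4] = '\0';
}

/* Return 1 if every byte of the pointer value is printable ASCII.
 * Genuine i386 Linux user-space pointers (0xbfca5bd8, 0x0804cc60 in the
 * backtrace) fail this test; a pointer overwritten by string data passes. */
int ptr_looks_like_text(uint32_t value)
{
    for (int i = 0; i < 4; i++) {
        unsigned char b = (unsigned char)((value >> (8 * i)) & 0xff);
        if (!isprint(b))
            return 0;
    }
    return 1;
}

/* Search a string that was live at crash time for the decoded bytes.
 * Returns the byte offset of the first match, or -1 if there is none. */
long find_ptr_bytes_in(const char *haystack, uint32_t value)
{
    char needle[5];
    decode_ptr_le(value, needle);
    const char *hit = strstr(haystack, needle);
    return hit ? (long)(hit - haystack) : -1;
}

int main(void)
{
    /* Values copied from the gdb backtrace quoted earlier in this thread. */
    const uint32_t tempdir = 0x32333932u;
    const char *outfile = "1157646464.M024380P111205293253924.edison";
    char text[5];

    decode_ptr_le(tempdir, text);
    printf("tempdir 0x%08x decodes to \"%s\"%s\n", tempdir, text,
           ptr_looks_like_text(tempdir) ? " (all printable: looks like string data)" : "");

    long off = find_ptr_bytes_in(outfile, tempdir);
    if (off >= 0)
        printf("those bytes occur in outfile at offset %ld\n", off);
    else
        printf("those bytes do not occur in outfile\n");
    return 0;
}
```

Run against the values from the backtrace, the pointer decodes to the digits "2932", which do appear inside the generated outfile name; that is the kind of observation that turns "tempdir is corrupt" into a concrete hypothesis about which buffer overran, to be checked under gdb with a watchpoint on the tempdir variable.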
Looks like it works now, even with -Os. I run emerge --update every week, so presumably one of those fixed it. safecat itself hasn't been updated since my last test, but glibc has been upgraded since then. I wish I knew for sure what the original problem was, though.
OK, I'll just blame it on a glibc bug.