Bug 34381 - kdebase-3.1.4 does not emerge due to "stack smashing attack"
Summary: kdebase-3.1.4 does not emerge due to "stack smashing attack"
Status: RESOLVED WORKSFORME
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: x86 Linux
Importance: High normal
Assignee: Gentoo KDE team
Reported: 2003-11-25 18:03 UTC by Miguel Sousa Filipe
Modified: 2004-08-09 12:01 UTC
Description Miguel Sousa Filipe 2003-11-25 18:03:01 UTC
kdebase-3.1.4 fails to emerge due to a stack smashing attack in the install phase...

I suppose that this is false positive, but... since I'm ignorant in these
things... dunno.

It happens right in the end.. where emerge is calling install to copy the built
application to some target dir.

If the problem is due to overly aggressive optimization flags, I would appreciate
if you ppl could tell me which of my flags is the aggressive one :)
(-fomit-frame-pointer is pretty stable, maybe some of the -mXXX ?)


Reproducible: Always
Steps to Reproduce:
1. put -fstack-protector in CFLAGS
2. emerge kdebase
3. wait...

Actual Results:  
/bin/sh ../../admin/mkinstalldirs
/usr/portage/tmp/portage/kdebase-3.1.4/image//usr/kde/3.1/bin
  /bin/sh ../../libtool --silent --mode=install /bin/install -c -p  kdm_config
/usr/portage/tmp/portage/kdebase-3.1.4/image//usr/kde/3.1/bin/kdm_config
  /bin/sh ../../libtool --silent --mode=install /bin/install -c -p  kdm_greet
/usr/portage/tmp/portage/kdebase-3.1.4/image//usr/kde/3.1/bin/kdm_greet
  /bin/sh ../../libtool --silent --mode=install /bin/install -c -p  krootimage
/usr/portage/tmp/portage/kdebase-3.1.4/image//usr/kde/3.1/bin/krootimage
mkdir -p --
/usr/portage/tmp/portage/kdebase-3.1.4/image//usr/kde/3.1/share/config/kdm
Information: reading old xdm config file /etc/X11/xdm/xdm-config
Warning: cannot copy file /etc/X11/xdm/xdm-keys
genkdmconf: stack smashing attack in function mainmake[4]: ***
[install-data-local] Aborted
make[4]: Leaving directory
`/usr/portage/tmp/portage/kdebase-3.1.4/work/kdebase-3.1.4/kdm/kfrontend'
make[3]: *** [install-am] Error 2
make[3]: Leaving directory
`/usr/portage/tmp/portage/kdebase-3.1.4/work/kdebase-3.1.4/kdm/kfrontend'
make[2]: *** [install-recursive] Error 1
make[2]: Leaving directory
`/usr/portage/tmp/portage/kdebase-3.1.4/work/kdebase-3.1.4/kdm/kfrontend'
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory
`/usr/portage/tmp/portage/kdebase-3.1.4/work/kdebase-3.1.4/kdm'
make: *** [install-recursive] Error 1

!!! ERROR: kde-base/kdebase-3.1.4 failed.
!!! Function kde_src_install, Line 162, Exitcode 2
!!! died running make install, kde_src_install:make


Expected Results:  
happy emerge of kdebase....

here is my emerge info:
[82p] dali : ~ $ emerge info
Portage 2.0.49-r15 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r3, 2.6.0-test9-mm2)
=================================================================
System uname: 2.6.0-test9-mm2 i686 AMD Athlon(TM) MP 2200+
Gentoo Base System version 1.4.3.10p1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -march=athlon-mp -mmmx -msse -m3dnow -mfpmath=sse,387 -pipe
-fstack-protector -fomit-frame-pointer "
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config
/usr/kde/2/share/config /usr/kde/3/share/config /usr/X11R6/lib/X11/xkb
/opt/tomcat/conf"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-O2 -march=athlon-mp -mmmx -msse -m3dnow -mfpmath=sse,387 -pipe
-fstack-protector -fomit-frame-pointer "
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs sandbox ccache userpriv usersandbox digest"
GENTOO_MIRRORS="ftp://ftp.rnl.ist.utl.pt/gentoo http://gentoo.oregonstate.edu
http://www.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/usr/portage/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://ftp.rnl.ist.utl.pt/gentoo-portage"
USE="x86 oss avi encode foomaticdb gif jpeg libg++ mad mikmod mpeg ncurses
pdflib png quicktime spell xml2 xv zlib gdbm berkdb slang readline tetex svga
tcltk mysql gpm tcpd libwww perl python imlib oggvorbis qt motif X xft gtk gtk2
truetype nls alsa dga sdl xmms opengl cdr sse mmx 3dnow threads samba cpd ipv6
crypt ssl pam prelude java junit mozilla moznocompose moznoirc doc -gnome -kde
-arts -apm -cups"
Comment 1 Alexander Gabert (RETIRED) gentoo-dev 2003-12-01 15:01:14 UTC
can you please emerge glibc-2.3.2-r3 and gcc-3.2.3-r3 then recompile almost all of kde, yes, i am serious, and do report back to me please?

we had this happening with apache2 and mod_php and galeon and mozilla that these big chicks were producing false positives all the way home.
i think the kde stuff is prone to these errors too because they use a lot of libraries also.

please report back any forthcoming proceedings, otherwise we might close this bug,

thanks,

Alex
Comment 2 Heiko Wundram 2004-01-09 11:11:37 UTC
I've also encountered this bug, with the following configuration:

Portage 2.0.49-r20 (hardened-x86-1.4, gcc-3.3.2, glibc-2.3.3_pre20031222-r0, 2.6.1-rc2-gentoo)
=================================================================
System uname: 2.6.1-rc2-gentoo i686 AMD Athlon(tm) XP 2400+
Gentoo Base System version 1.4.3.12
ccache version 2.3 [enabled]
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-Os -march=athlon-xp -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-Os -march=athlon-xp -pipe"
DISTDIR="/home/data/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox sfperms strict"
GENTOO_MIRRORS="http://mirrors.sec.informatik.tu-darmstadt.de/gentoo http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror"
MAKEOPTS="-j2"
PKGDIR="/home/data/portage/packages"
PORTAGE_TMPDIR="/home/data/portage/tmp"
PORTDIR="/home/data/portage/portage"
PORTDIR_OVERLAY="/home/data/portage/local"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow X acl adns apache2 arts berkdb cdr crypt doc dvd dvdr fam gdbm gnome gpm gtk gtk2 idea innodb ipv6 java javascript jpeg kde ldap libwww maildir mbox mmx mozilla mysql ncurses nls opengl pam perl png prelude pwdb python qt readline ruby samba sasl snmp spell sse ssl svga tcltk tcpd tetex tiff truetype x86 xml2 zlib"

Maybe this has something to do with a similar bug report for kde-3.2.0-beta2, which also has genkdmconf failing due to some permission error (which is unexpected due to sandboxing). I've yet to try and recompile kde, but the error itself doesn't seem to be limited to aggressive optimizations (as the original author suggested), but rather appears also on other systems.

I've not yet had any other problems with the combination gcc 3.3.2+hardened and glibc_2.3.3_20031222.

I'll try and investigate, and please, Alex, reopen the bug...
Comment 3 Brandon Hale (RETIRED) gentoo-dev 2004-01-09 14:34:00 UTC
Reopened at user request.
Comment 4 Caleb Tennis (RETIRED) gentoo-dev 2004-05-17 16:30:35 UTC
closing due to inactivity - if it persists with the latest kdes, please reopen and file with hardened@gentoo.org
Comment 5 Jordan Ritter 2004-08-09 12:01:52 UTC
I still have the problem "stack smashing attack in function main" bug with the latest rev of kdebase-3.2.3-r1.  

I usually end up having to re-emerge with FEATURES="keeptemp keepwork" so that I don't have to wait for the entire thing to compile again, pause emerge, then cd into kdebase-3.2.3/kdm/kfrontend/, rm genkdmconf.o, edit the local Makefile to remove -fstack-protector, make genkdmconf, then let the emerge complete.  It is becoming very tedious to have to do this repeatedly; genkdmconf has been problematic for me in more ways than just this since 3.1. 

Using gcc-3.2.3-r4.  Always reproducible.  Just having the -fstack-protector flag induces it to occur.

# emerge info
Portage 2.0.50-r9 (default-x86-1.4, gcc-3.2.3, glibc-2.3.3.20040420-r0,2.3.2-r9, 2.6.7)
=================================================================
System uname: 2.6.7 i686 Mobile Intel(R) Pentium(R) 4 - M CPU 2.40GHz
Gentoo Base System version 1.4.16
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r4
Automake: sys-devel/automake-1.8.3
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="no"
CFLAGS="-O3 -mcpu=pentium4 -march=pentium4 -funroll-loops -pipe -fstack-protector"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -mcpu=pentium4 -march=pentium4 -funroll-loops -pipe -fstack-protector"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox"
GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/proj/portage/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/overlay"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X Xaw3d acpi arts avi berkdb cdr crypt cups dga dvd emacs encode fbcon foomaticdb gd gdbm gif gpm icc imlib jpeg kde leim libg++ libwww mad mbox mikmod mmx motif mpeg mpi ncurses nls nocd odbc oggvorbis opengl oss pam pcmcia pdflib perl png ppds python qt quicktime radeon readline samba sdl slang slp spell sse ssl svga tcpd tetex threads tiff truetype trusted usb x86 xml2 xosd xv zlib"
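
Added example, not part of the bug report or of Portage: a small log triage helper that finds the "stack smashing attack in function ..." abort in build output like the one in the description and reports which binary and function tripped the stack protector and which directory make was in. The function name find_ssp_aborts, the sample log (constructed from the output quoted above) and the rule that a trailing "make[N]: " is make's own output glued onto the function name are assumptions of this example.

```python
import re

# Constructed sample, modelled on the build output quoted in the description.
SAMPLE_LOG = """\
Information: reading old xdm config file /etc/X11/xdm/xdm-config
Warning: cannot copy file /etc/X11/xdm/xdm-keys
genkdmconf: stack smashing attack in function mainmake[4]: ***
[install-data-local] Aborted
make[4]: Leaving directory
`/usr/portage/tmp/portage/kdebase-3.1.4/work/kdebase-3.1.4/kdm/kfrontend'
make[3]: *** [install-am] Error 2
"""

# The abort message carries no trailing newline, so make's own output can be
# glued to the function name ("mainmake[4]: ***"). The lookahead cuts the
# name where a "make[N]: " or "make: " prefix starts, or at end of line.
SSP_RE = re.compile(
    r"^(?P<prog>[^\s:]+): stack smashing attack in function "
    r"(?P<func>[A-Za-z_]\w*?)(?=make(?:\[\d+\])?: |\s*$)",
    re.MULTILINE,
)
# The directory may be wrapped onto the next line, so allow any whitespace.
LEAVE_RE = re.compile(
    r"make(?:\[\d+\])?: Leaving directory\s+[`'](?P<dir>[^'\n]+)'"
)


def find_ssp_aborts(log_text):
    """Return one dict per stack-protector abort found in a build log."""
    hits = []
    for m in SSP_RE.finditer(log_text):
        # The first "Leaving directory" after the abort names the directory
        # make was working in when the protected binary was killed.
        d = LEAVE_RE.search(log_text, m.end())
        hits.append({
            "program": m.group("prog"),
            "function": m.group("func"),
            "build_dir": d.group("dir") if d else None,
            "line": log_text.count("\n", 0, m.start()) + 1,
        })
    return hits


if __name__ == "__main__":
    for hit in find_ssp_aborts(SAMPLE_LOG):
        print(hit)
```

The reported program and build directory identify the one object to rebuild with debugging symbols when checking whether the abort is a false positive or a real overflow.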