501826 – dev-java/java-service-wrapper-3.5.14-r1 terminates with buffer overflow

Bug 501826 - dev-java/java-service-wrapper-3.5.14-r1 terminates with buffer overflow

Summary: dev-java/java-service-wrapper-3.5.14-r1 terminates with buffer overflow

Status:	RESOLVED TEST-REQUEST

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Java (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Java team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-02-19 21:21 UTC by Michael Rowell
Modified:	2015-10-16 15:08 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael Rowell 2014-02-19 21:21:39 UTC

Running dev-java/java-service-wrapper-3.5.14-r1 as part of the net-p2p/freenet runscript produces the following in /var/log/messages: 

*** buffer overflow detected ***: wrapper - terminated
wrapper: buffer overflow attack in function <unknown> - terminated

The process terminates and freenet does not run. Solution is to update to at least version 3.5.22 as per http://wrapper.tanukisoftware.com/doc/english/release-notes.html . 

However, no ebuild above 3.5.14-r1 exists in tree. I created a new ebuild for version 3.5.24 with updated as-needed patch, which compiles and runs correctly (no buffer overflow). I am not attaching at the moment as I am unsure what to do with the gentoo-wrapper-defaults patch (the function arguments have changed slightly from when the patch was written).

Comment 1 Patrice Clement gentoo-dev

2015-10-16 15:08:07 UTC

We now have java-service-wrapper 3.5.25 in the tree. Have another go at it and let us know.