Bug 550566 - net-analyzer/sarg fails glibc hardened check - buffer overflow detected
Summary: net-analyzer/sarg fails glibc hardened check - buffer overflow detected
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened
Hardware: All Linux
Importance: Normal normal
Assignee: The Gentoo Linux Hardened Team
Reported: 2015-05-27 14:50 UTC by Todd Walter
Modified: 2015-07-04 14:39 UTC
Attachments
emerge --info (t6wall_emerge_info.txt,6.03 KB, text/plain)
2015-05-27 14:50 UTC, Todd Walter
strace of command (strace_sarg.txt,17.45 KB, text/plain)
2015-05-27 17:02 UTC, Todd Walter

Description Todd Walter 2015-05-27 14:50:25 UTC
Created attachment 404096 [details]
emerge --info

dmesg:
May 27 10:39:50 [glibc-gentoo-hardened-check] *** buffer overflow detected ***: sarg terminated; report to <http://bugs.gentoo.org/>_

command line as issued:
t6wall ~ # sarg -d 15/05/2015-30/05/2015 -g -e -n -o /var/www/localhost/htdocs/squid-rports/
*** buffer overflow detected ***: sarg terminated; report to <http://bugs.gentoo.org/>
Killed
Comment 1 Todd Walter 2015-05-27 14:51:29 UTC
Sarg 2.3.8 with use gd, ldap, pcre enabled.
Comment 2 Todd Walter 2015-05-27 17:02:39 UTC
Created attachment 404100 [details]
strace of command
Comment 3 Mike Gilbert gentoo-dev 2015-05-29 01:50:26 UTC
Please rebuild with debug symbols enabled (-ggdb) and obtain a backtrace.

https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
Comment 4 Todd Walter 2015-06-01 15:54:22 UTC
GNU gdb (Gentoo 7.7.1 p1) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from sarg...(no debugging symbols found)...done.
(gdb) r  -d 15/05/2015-30/05/2015 -g -e -n -o /var/www/localhost/htdocs/squid-reports/
Starting program: /usr/bin/sarg -d 15/05/2015-30/05/2015 -g -e -n -o /var/www/localhost/htdocs/squid-reports/
warning: Cannot call inferior functions, Linux kernel PaX protection forbids return to non-executable pages!
*** buffer overflow detected ***: sarg terminated; report to <http://bugs.gentoo.org/>

Program terminated with signal SIGKILL, Killed.
The program no longer exists.
(gdb) bt
No stack.
(gdb)
Comment 5 Todd Walter 2015-06-01 15:56:49 UTC
PaX control v0.9
Copyright 2004,2005,2006,2007,2009,2010,2011,2012,2014 PaX Team <pageexec@freemail.hu>

- PaX flags: -p-s-m-x-e-- [/usr/bin/sarg]
        PAGEEXEC is disabled
        SEGMEXEC is disabled
        MPROTECT is disabled
        RANDEXEC is disabled
        EMUTRAMP is disabled
Comment 6 Todd Walter 2015-06-25 14:51:49 UTC
This bug was against 2.3.8.  I unmasked and emerged 2.3.10 and it executes successfully.
Comment 7 Magnus Granberg gentoo-dev 2015-07-04 14:39:55 UTC
I see this as fixed in the newer version.
"buffer overflow detected" is a fortify sources check, and that applies to
default Gentoo too.
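
Added example, not part of the bug report and not sarg's code: the mechanism behind the "buffer overflow detected" message named in the last comment. With fortify enabled, strcpy() is compiled into a checked call that carries the destination size; this sketch calls that checked builtin directly on a constructed 8-byte buffer and reports how the child process ended. It assumes GCC or Clang with glibc, and `checked_copy` and `run_copy` are hypothetical names.

```c
/* Added illustration, not sarg code: buffer size and inputs are constructed. */
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile char sink;  /* keeps the copy from being optimized away */

/* What a fortified strcpy() turns into: the destination size travels with
 * the call, and glibc's __strcpy_chk() aborts if the source does not fit. */
__attribute__((noinline))
static void checked_copy(const char *src)
{
    char dst[8];                          /* constructed 8-byte destination */
    __builtin___strcpy_chk(dst, src, sizeof dst);
    sink = dst[0];
}

/* Run the copy in a child process. Returns 0 on a clean exit, the number of
 * the terminating signal if the child was killed, or -1 otherwise. */
int run_copy(const char *src)
{
    int status;
    pid_t pid;

    fflush(stdout);                       /* do not duplicate buffered output */
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        checked_copy(src);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    printf("fits:     %d\n", run_copy("squid"));
    printf("overflow: %d (SIGABRT is %d)\n",
           run_copy("/var/www/localhost/htdocs/"), SIGABRT);
    return 0;
}
```

On stock glibc the failed check ends the process with SIGABRT; the hardened build in this report shows it ending with SIGKILL instead.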