904720 – sys-devel/distcc-3.4-r1: segfault (maybe due to hardened profile)

Bug 904720 - sys-devel/distcc-3.4-r1: segfault (maybe due to hardened profile)

Summary: sys-devel/distcc-3.4-r1: segfault (maybe due to hardened profile)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Cluster Team

URL:	https://github.com/distcc/distcc/comm...
Whiteboard:
Keywords:	PATCH

Depends on:
Blocks:

Reported:	2023-04-20 19:01 UTC by Louis Leseur
Modified:	2023-11-15 01:47 UTC (History)
CC List:	1 user (show)

See Also:	825566
Package list:
Runtime testing required:	---

Attachments
emerge info (file_904720.txt,20.49 KB, text/plain) 2023-04-20 19:01 UTC, Louis Leseur	Details
address sanitizer report (file_904720.txt,3.25 KB, text/plain) 2023-04-20 19:01 UTC, Louis Leseur	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Louis Leseur 2023-04-20 19:01:02 UTC

Created attachment 860451 [details]
emerge info

When I run distcc with "cc" or "gcc" as compiler, I get a segfault. This does not occur when using "aarch64-gentoo-linux-musl-gcc".

System configuration: gentoo musl hardened profile.
This problem does not occur on my laptop with non-hardened profile.


I recompiled with address sanitizer and found the issue comes from the `dcc_gcc_rewrite_fqn` function.
There is an upstream patch available. Unfortunately, the patch is from July 2021 and no release have been made since May 2021.

This bug prevents from using distcc when the compiler is "cc", "gcc", "c++, ...

Patch: https://github.com/distcc/distcc/commit/879b71d6e95673e58d33f6c3c341a893ee307161
Old issue asking for a new release: https://github.com/distcc/distcc/issues/450

Segfault:
$ DISTCC_VERBOSE=1 distcc cc -c -o /tmp/test.o /tmp/test.c
distcc[31117] (dcc_trace_version) distcc 3.4 aarch64-gentoo-linux-musl; built Apr 19 2023 03:39:54
distcc[31117] (dcc_recursion_safeguard) safeguard level=0
distcc[31117] (main) compiler name is "distcc"
distcc[31117] (dcc_scan_args) scanning arguments: cc -c -o /tmp/test.o /tmp/test.c
distcc[31117] (dcc_scan_args) found object/output file "/tmp/test.o"
distcc[31117] (dcc_scan_args) found input file "/tmp/test.c"
distcc[31117] compile from test.c to test.o
distcc[31117] (dcc_rewrite_generic_compiler) Rewriting 'cc' to 'gcc'
distcc[31117] (dcc_gcc_rewrite_fqn) Re-writing call to 'gcc' to 'aarch64-gentoo-linux-musl-gcc' to support cross-compilation.
Segmentation fault

Comment 1 Louis Leseur 2023-04-20 19:01:38 UTC

Created attachment 860452 [details]
address sanitizer report

Comment 2 Louis Leseur 2023-04-20 19:05:01 UTC

Maybe I should have selected the "Hardened" component rather than "Current packages" since it seems to only affect hardened profiles, but I'm not sure.

Comment 3 Larry the Git Cow gentoo-dev

2023-04-20 19:37:05 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=82469e1b6888efad9c7e08dec227694c9f1684c8

commit 82469e1b6888efad9c7e08dec227694c9f1684c8
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-04-20 19:21:39 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-04-20 19:36:50 +0000

    sys-devel/distcc: backport corruption fix
    
    Closes: https://bugs.gentoo.org/904720
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-devel/distcc/distcc-3.4-r2.ebuild              | 182 +++++++++++++++++++++
 ...cc-3.4-fix-dcc_gcc_rewrite_fqn-corruption.patch |  65 ++++++++
 2 files changed, 247 insertions(+)