Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 264605 Details for
Bug 357203
mail-filter/procmail: is failing with a buffer overflow (on hardened?)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
strace of procmail
strace.txt (text/plain), 11.69 KB, created by
Alexander Wright
on 2011-03-03 19:03:42 UTC
(
hide
)
Description:
strace of procmail
Filename:
MIME Type:
Creator:
Alexander Wright
Created:
2011-03-03 19:03:42 UTC
Size:
11.69 KB
patch
obsolete
># strace /usr/bin/procmail <test.mbox >execve("/usr/bin/procmail", ["/usr/bin/procmail"], [/* 25 vars */]) = 0 >brk(0) = 0x615988 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd38ad000 >access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) >open("/etc/ld.so.cache", O_RDONLY) = 3 >fstat(3, {st_mode=S_IFREG|0644, st_size=72352, ...}) = 0 >mmap(NULL, 72352, PROT_READ, MAP_PRIVATE, 3, 0) = 0x3ebd389b000 >close(3) = 0 >open("/lib/libm.so.6", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200>\0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=526288, ...}) = 0 >mmap(NULL, 2621576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd3411000 >mprotect(0x3ebd3491000, 2093056, PROT_NONE) = 0 >mmap(0x3ebd3690000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7f000) = 0x3ebd3690000 >close(3) = 0 >open("/usr/lib/libnet.so.1", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@=\0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=99968, ...}) = 0 >mmap(NULL, 2204920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd31f6000 >mprotect(0x3ebd320d000, 2097152, PROT_NONE) = 0 >mmap(0x3ebd340d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x3ebd340d000 >mmap(0x3ebd340f000, 5368, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ebd340f000 >close(3) = 0 >open("/lib/libnsl.so.1", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320@\0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=87968, ...}) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd389a000 >mmap(NULL, 2193296, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd2fde000 >mprotect(0x3ebd2ff3000, 2093056, PROT_NONE) = 0 >mmap(0x3ebd31f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14000) = 0x3ebd31f2000 >mmap(0x3ebd31f4000, 6032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ebd31f4000 >close(3) = 0 >open("/lib/libdl.so.2", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\r\0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=14320, ...}) = 0 >mmap(NULL, 2109600, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd2dda000 >mprotect(0x3ebd2ddc000, 2097152, PROT_NONE) = 0 >mmap(0x3ebd2fdc000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x3ebd2fdc000 >close(3) = 0 >open("/lib/libc.so.6", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\355\1\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=1403944, ...}) = 0 >mmap(NULL, 3513064, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd2a80000 >mprotect(0x3ebd2bd1000, 2093056, PROT_NONE) = 0 >mmap(0x3ebd2dd0000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x150000) = 0x3ebd2dd0000 >mmap(0x3ebd2dd5000, 19176, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ebd2dd5000 >close(3) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd3899000 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd3898000 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd3897000 >arch_prctl(ARCH_SET_FS, 0x3ebd3898700) = 0 >mprotect(0x3ebd2dd0000, 16384, PROT_READ) = 0 >mprotect(0x3ebd2fdc000, 4096, PROT_READ) = 0 >mprotect(0x3ebd31f2000, 4096, PROT_READ) = 0 >mprotect(0x3ebd340d000, 4096, PROT_READ) = 0 >mprotect(0x3ebd3690000, 4096, PROT_READ) = 0 >mprotect(0x614000, 4096, PROT_READ) = 0 >mprotect(0x3ebd38af000, 4096, PROT_READ) = 0 >munmap(0x3ebd389b000, 72352) = 0 >getpid() = 11517 >getegid() = 0 >geteuid() = 0 >getuid() = 0 >getgid() = 0 >brk(0) = 0x615988 >brk(0x636988) = 0x636988 >brk(0x637000) = 0x637000 >socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3 >connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) >close(3) = 0 >socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3 >connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) >close(3) = 0 >open("/etc/nsswitch.conf", O_RDONLY) = 3 >fstat(3, {st_mode=S_IFREG|0644, st_size=508, ...}) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd38ac000 >read(3, "# /etc/nsswitch.conf:\n# $Header:"..., 4096) = 508 >read(3, "", 4096) = 0 >close(3) = 0 >munmap(0x3ebd38ac000, 4096) = 0 >open("/etc/ld.so.cache", O_RDONLY) = 3 >fstat(3, {st_mode=S_IFREG|0644, st_size=72352, ...}) = 0 >mmap(NULL, 72352, PROT_READ, MAP_PRIVATE, 3, 0) = 0x3ebd389b000 >close(3) = 0 >open("/lib/libnss_compat.so.2", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \23\0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=31064, ...}) = 0 >mmap(NULL, 2126800, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd2878000 >mprotect(0x3ebd287f000, 2093056, PROT_NONE) = 0 >mmap(0x3ebd2a7e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x3ebd2a7e000 >close(3) = 0 >mprotect(0x3ebd2a7e000, 4096, PROT_READ) = 0 >munmap(0x3ebd389b000, 72352) = 0 >open("/etc/ld.so.cache", O_RDONLY) = 3 >fstat(3, {st_mode=S_IFREG|0644, st_size=72352, ...}) = 0 >mmap(NULL, 72352, PROT_READ, MAP_PRIVATE, 3, 0) = 0x3ebd389b000 >close(3) = 0 >open("/lib/libnss_nis.so.2", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200 \0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=42936, ...}) = 0 >mmap(NULL, 2138968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd266d000 >mprotect(0x3ebd2677000, 2093056, PROT_NONE) = 0 >mmap(0x3ebd2876000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x3ebd2876000 >close(3) = 0 >open("/lib/libnss_files.so.2", O_RDONLY) = 3 >read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p!\0\0\0\0\0\0"..., 832) = 832 >fstat(3, {st_mode=S_IFREG|0755, st_size=51104, ...}) = 0 >mmap(NULL, 2147408, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3ebd2460000 >mprotect(0x3ebd246b000, 2097152, PROT_NONE) = 0 >mmap(0x3ebd266b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x3ebd266b000 >close(3) = 0 >mprotect(0x3ebd266b000, 4096, PROT_READ) = 0 >mprotect(0x3ebd2876000, 4096, PROT_READ) = 0 >munmap(0x3ebd389b000, 72352) = 0 >open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3 >fcntl(3, F_GETFD) = 0x1 (flags FD_CLOEXEC) >lseek(3, 0, SEEK_CUR) = 0 >fstat(3, {st_mode=S_IFREG|0644, st_size=3213, ...}) = 0 >mmap(NULL, 3213, PROT_READ, MAP_SHARED, 3, 0) = 0x3ebd38ac000 >lseek(3, 3213, SEEK_SET) = 3213 >munmap(0x3ebd38ac000, 3213) = 0 >close(3) = 0 >umask(077) = 022 >dup(1) = 3 >close(1) = 0 >close(1) = -1 EBADF (Bad file descriptor) >open("/dev/null", O_WRONLY|O_CREAT|O_APPEND, 0667) = 1 >rt_sigaction(SIGXCPU, {SIG_IGN, [XCPU], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {SIG_DFL, [], 0}, 8) = 0 >rt_sigaction(SIGXFSZ, {SIG_IGN, [XFSZ], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {SIG_DFL, [], 0}, 8) = 0 >rt_sigaction(SIGUSR2, {0x40d880, [USR2], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {SIG_DFL, [], 0}, 8) = 0 >rt_sigaction(SIGUSR2, {0x409140, [USR2], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {0x40d880, [USR2], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, 8) = 0 >rt_sigaction(SIGUSR1, {0x40d880, [USR1], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {SIG_DFL, [], 0}, 8) = 0 >rt_sigaction(SIGUSR1, {0x409160, [USR1], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {0x40d880, [USR1], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, 8) = 0 >rt_sigaction(SIGCHLD, {SIG_DFL, [CHLD], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {SIG_DFL, [], 0}, 8) = 0 >rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x3ebd2ab21e0}, {SIG_DFL, [], 0}, 8) = 0 >open("/etc/resolv.conf", O_RDONLY) = 4 >fstat(4, {st_mode=S_IFREG|0644, st_size=105, ...}) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd38ac000 >read(4, "# Generated by resolvconf\noption"..., 4096) = 105 >read(4, "", 4096) = 0 >close(4) = 0 >munmap(0x3ebd38ac000, 4096) = 0 >time([1299178156]) = 1299178156 >stat("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=105, ...}) = 0 >open("/etc/resolv.conf", O_RDONLY) = 4 >fstat(4, {st_mode=S_IFREG|0644, st_size=105, ...}) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd38ac000 >read(4, "# Generated by resolvconf\noption"..., 4096) = 105 >read(4, "", 4096) = 0 >close(4) = 0 >munmap(0x3ebd38ac000, 4096) = 0 >socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4 >connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) >close(4) = 0 >socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4 >connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) >close(4) = 0 >open("/etc/host.conf", O_RDONLY) = 4 >fstat(4, {st_mode=S_IFREG|0644, st_size=936, ...}) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd38ac000 >read(4, "# /etc/host.conf:\n# $Header: /va"..., 4096) = 936 >read(4, "", 4096) = 0 >close(4) = 0 >munmap(0x3ebd38ac000, 4096) = 0 >open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 4 >fcntl(4, F_GETFD) = 0x1 (flags FD_CLOEXEC) >fstat(4, {st_mode=S_IFREG|0644, st_size=623, ...}) = 0 >mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3ebd38ac000 >read(4, "# /etc/hosts: This file describ"..., 4096) = 623 >close(4) = 0 >munmap(0x3ebd38ac000, 4096) = 0 >socket(PF_FILE, SOCK_DGRAM, 0) = 4 >connect(4, {sa_family=AF_FILE, path="/dev/log"}, 110) = -1 EPROTOTYPE (Protocol wrong type for socket) >close(4) = 0 >socket(PF_FILE, SOCK_STREAM, 0) = 4 >connect(4, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0 >write(2, "*** buffer overflow detected ***"..., 56*** buffer overflow detected ***: procmail - terminated >) = 56 >write(4, "*** buffer overflow detected ***"..., 56) = 56 >write(2, "procmail: buffer overflow attack"..., 68procmail: buffer overflow attack in function <unknown> - terminated >) = 68 >write(4, "procmail: buffer overflow attack"..., 68) = 68 >write(2, "Report to http://bugs.gentoo.org"..., 35Report to http://bugs.gentoo.org/ >) = 35 >write(4, "Report to http://bugs.gentoo.org"..., 35) = 35 >close(4) = 0 >getpid() = 11517 >kill(11517, SIGKILL <unfinished ...> >+++ killed by SIGKILL +++ >Killed >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=264605">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 357203
:
264575
| 264605
