| Summary | media-video/gpac-0.4.4: Segmentation faults on long filenames, gcc -O issue | | |
|---|---|---|---|
| Product | Gentoo Linux | Reporter | Sebastian <sebastian_ml> |
| Component | Current packages | Assignee | Gentoo Media-video project <media-video> |
| Status | RESOLVED TEST-REQUEST | | |
| Severity | normal | CC | avuton, coldwind, flameeyes, security |
| Priority | High | | |
| Version | unspecified | | |
| Hardware | x86 | | |
| OS | Linux | | |
| Whiteboard | | | |
| Package list | | Runtime testing required | --- |
| Attachments | gpac-0.4.4-strip-O-see-bug-210865.diff | | |
Description
Sebastian
2008-02-20 11:39:31 UTC
Backtrace please... http://www.gentoo.org/proj/en/qa/backtraces.xml

```
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) set args -aviraw video /home/sk/The.Long.Filenames.Make.MP4Box.Crash.AKA.Segfault.blalfsd\ fsdfsd.avi
(gdb) run
Starting program: /usr/bin/MP4Box -aviraw video /home/sk/The.Long.Filenames.Make.MP4Box.Crash.AKA.Segfault.blalfsd\ fsdfsd.avi
[Thread debugging using libthread_db enabled]
[New Thread 0xb7bd16c0 (LWP 5607)]
Extracting AVI mp3 audio
AVI Extract: |=================== | (99/100)
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7bd16c0 (LWP 5607)]
0x00000000 in ?? ()
(gdb) set logging file backtrace.log
(gdb) set logging on
Copying output to backtrace.log.
(gdb) bt
#0  0x00000000 in ?? ()
#1  0x00000000 in ?? ()
(gdb) set logging off
Done logging to backtrace.log.
(gdb) quit
The program is running.  Exit anyway? (y or n) y
```

Not really meaningful. I followed the guide, set CFLAGS="-O2 -march=athlon-xp -pipe -ggdb" and FEATURES="nostrip" and emerged glibc, zlib and gpac with USE=debug. I didn't emerge world like suggested in the guide as I don't have the time for that. Would that make a difference? MP4Box and libgpac only link to zlib and glibc.

Smells like buffer overflow to me. Security team, can anybody take a look at this?

I recompiled world and I still got nothing. But I found these in my syslog:

```
MP4Box[5729]: segfault at 00000000 eip 00000000 esp bf8c0069 error 4
```

This should go to the auditing team but since they're not very active, could someone from security try to debug this one?

Created attachment 159005 [details, diff]
gpac-0.4.4-strip-O-see-bug-210865.diff

Hi again,

long time no see. How about adding the workaround to the ebuild? The patch strips -O*. So far no one has come up with a better idea, so why not?

Kind regards
Sebastian
(In reply to comment #2)
> GNU gdb 6.7.1
> Copyright (C) 2007 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "i686-pc-linux-gnu"...
> Using host libthread_db library "/lib/libthread_db.so.1".
> (gdb) set args -aviraw video
> /home/sk/The.Long.Filenames.Make.MP4Box.Crash.AKA.Segfault.blalfsd\ fsdfsd.avi
> (gdb) run
> Starting program: /usr/bin/MP4Box -aviraw video
> /home/sk/The.Long.Filenames.Make.MP4Box.Crash.AKA.Segfault.blalfsd\ fsdfsd.avi
> [Thread debugging using libthread_db enabled]
> [New Thread 0xb7bd16c0 (LWP 5607)]
> Extracting AVI mp3 audio
> AVI Extract: |=================== | (99/100)
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 0xb7bd16c0 (LWP 5607)]
> 0x00000000 in ?? ()
> (gdb) set logging file backtrace.log
> (gdb) set logging on
> Copying output to backtrace.log.
> (gdb) bt
> #0 0x00000000 in ?? ()
> #1 0x00000000 in ?? ()
> (gdb) set logging off
> Done logging to backtrace.log.
> (gdb) quit
> The program is running. Exit anyway? (y or n) y
>
> Not really meaningful. I followed the guide, set CFLAGS="-O2 -march=athlon-xp
> -pipe -ggdb" and FEATURES="nostrip" and emerged glibc, zlib and gpac with
> USE=debug. I didn't emerge world like suggested in the guide as I don't have
> the time for that. Would that make a difference? MP4Box and libgpac only link
> to zlib and glibc.

IIRC, -O2 includes -fomit-frame-pointer, which is definitely not what you want when debugging... Maybe "-O2 -fno-omit-frame-pointer" could help, not sure how gcc parses the command-line. In any case, if you haven't reported this upstream, well, you should :)

I definitely e-mailed the author about it but he didn't reply. Now I posted to their open forum: https://sourceforge.net/forum/message.php?msg_id=5077727

-O2 doesn't set -fomit-frame-pointer on x86 (only on arches where -fomit-frame-pointer doesn't interfere with debugging).

Comment on attachment 159005 [details, diff]
gpac-0.4.4-strip-O-see-bug-210865.diff

This is bogus. Need to identify the problem first.

If you can still reproduce with 0.4.5-r1, reopen with proper backtrace. http://www.gentoo.org/proj/en/qa/backtraces.xml
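Added example, not part of this bug report and not gpac code: a small Python triage script that decodes the kernel `segfault at ... eip ... esp ... error ...` line Sebastian pasted from syslog, since that line carries more information than the empty gdb backtrace. The error-code bit meanings are the x86 page-fault error code as the kernel prints it; the `triage` heuristics (instruction pointer equal to the fault address, stack pointer not word-aligned), the helper names and the two extra log lines labelled "constructed" are assumptions made for this example, not anything the bug or the kernel documents about MP4Box.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# x86 page-fault error code bits as reported in the kernel's segfault line.
PF_PROT  = 1 << 0  # 0: page not present, 1: protection violation
PF_WRITE = 1 << 1  # 0: read access,      1: write access
PF_USER  = 1 << 2  # 0: kernel mode,      1: user mode
PF_RSVD  = 1 << 3  # reserved bit set in a page-table entry
PF_INSTR = 1 << 4  # instruction fetch (only reported on NX-capable setups)

# Matches the old i386 wording ("eip ... esp ...") used in the 2008 report and
# the later generic wording ("ip ... sp ..."), with or without a trailing
# " in libfoo.so[...]" suffix.
_SEGFAULT_RE = re.compile(
    r"(?P<comm>[^\[\s]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"e?ip (?P<ip>[0-9a-f]+) e?sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
)


@dataclass
class Segfault:
    comm: str
    pid: int
    addr: int   # faulting address
    ip: int     # instruction pointer at the fault
    sp: int     # stack pointer at the fault
    err: int    # page-fault error code
    word: int   # pointer size in bytes (4 for the i386 box in the report)


def parse_segfault(line: str, word: int = 4) -> Segfault:
    """Parse one kernel segfault log line into its numeric fields."""
    m = _SEGFAULT_RE.search(line)
    if m is None:
        raise ValueError(f"not a kernel segfault line: {line!r}")
    return Segfault(m["comm"], int(m["pid"]), int(m["addr"], 16),
                    int(m["ip"], 16), int(m["sp"], 16), int(m["err"], 16), word)


def describe_error(err: int) -> str:
    """Turn the error code into 'mode access, cause' wording."""
    if err & PF_WRITE:
        access = "write"
    elif err & PF_INSTR:
        access = "instruction fetch"
    else:
        access = "read"
    cause = "protection violation" if err & PF_PROT else "page not present"
    mode = "user" if err & PF_USER else "kernel"
    return f"{mode}-mode {access}, {cause}"


def triage(sf: Segfault) -> List[str]:
    """Heuristic classification (assumption for this example, not kernel policy)."""
    findings: List[str] = []
    if sf.ip == sf.addr:
        # The faulting address is the instruction pointer itself: the CPU tried
        # to fetch code from an unmapped address, so control flow was
        # redirected rather than a data access going wrong.
        findings.append("control-flow hijack: execution attempted at fault address")
        if sf.ip == 0:
            findings.append("jumped to 0: null function pointer, or a return "
                            "address/function pointer overwritten with zeros")
    elif sf.addr < 4096:
        findings.append("null-pointer dereference (fault address in page 0)")
    if sf.sp % sf.word:
        # A stack pointer that is not word-aligned at a crash is itself
        # corrupted; on i386 that fits a 'leave; ret' through a clobbered
        # saved ebp.
        findings.append("stack pointer misaligned: consistent with a "
                        "clobbered saved frame pointer")
    if not findings:
        findings.append("data access fault; inspect the faulting instruction")
    return findings


# Sample log: the first line is the one from this bug; the other two are
# constructed here for contrast and do not come from any real system.
SAMPLE_LOG = [
    "MP4Box[5729]: segfault at 00000000 eip 00000000 esp bf8c0069 error 4",
    "demo[1234]: segfault at 00000008 eip 080484a2 esp bfb0e2c0 error 4",   # constructed
    "demo[1235]: segfault at 08049fe0 eip 080484d1 esp bfb0e2c0 error 7",   # constructed
]


def triage_log(lines: List[str]) -> Dict[int, List[str]]:
    """Map each pid in the log to its triage findings."""
    return {(sf := parse_segfault(line)).pid: triage(sf) for line in lines}


if __name__ == "__main__":
    for line in SAMPLE_LOG:
        sf = parse_segfault(line)
        print(f"{sf.comm}[{sf.pid}] error {sf.err:#x}: {describe_error(sf.err)}")
        for f in triage(sf):
            print("   ", f)
```

On the line from the report the script notes that eip and the fault address are both 0 and that esp (0xbf8c0069) is not 4-byte aligned: execution was transferred to address 0 from a frame whose saved frame pointer had already been overwritten. That is why gdb printed `0x00000000 in ?? ()` and could not unwind any frames, and it is consistent with the "smells like buffer overflow" suspicion in the thread, though the script only classifies the symptom and does not locate the bug.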