Summary: | app-backup/bacula + gcc-4.3.3 - reports a false buffer overflow in glibc in cause of builded with FORTIFY_SOURCE on | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Martin <mrbscreen> |
Component: | Current packages | Assignee: | Wolfram Schlich (RETIRED) <wschlich> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | app-backup, asl, domen, mschiff, nabeken, nuitari, orzel, sghebuz, stsander |
Priority: | High | ||
Version: | 2008.0 | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
URL: | http://bugs.bacula.org/view.php?id=1220 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 259417 | ||
Attachments: | adds -U_FORTIFY_SOURCE to CFLAGS |
Description
Martin
2009-01-30 23:04:36 UTC
i confirm this bug here... gcc (Gentoo 4.3.3 p1.0, pie-10.1.5) 4.3.3 starting bacula-fd gives. *** buffer overflow detected ***: /usr/sbin/bacula-fd terminated ======= Backtrace: ========= /lib/libc.so.6(__fortify_fail+0x37)[0x7f573b72e127] /lib/libc.so.6[0x7f573b72bf00] /usr/sbin/bacula-fd[0x43cca3] ........... 7f573c72c000-7f573c733000 r-xp 00000000 08:01 341219 /lib64/libwrap.so.0.7.6 7f573c733000-7f573c833000 ---p 00007000 08:01 341219 /lib64/libwrap31-Jan 13:34 bacula-fd: Fatal Error because: Bacula interrupted by signal 6: IOT trap Kaboom! bacula-fd, bacula-fd got signal 6 - IOT trap. Attempting traceback. Kaboom! exepath=/usr/sbin/ Calling: /usr/sbin/btraceback /usr/sbin/bacula-fd 6447 /usr/sbin/btraceback: line 22: /usr/sbin/bsmtp: No such file or directory cat: write error: Broken pipe Traceback complete, attempting cleanup ... Segmentation fault (core dumped) Hi, I added -D_FORTIFY_SOURCE=0 to the CFLAGS and compiled it and it no longer dumps but I've never used bacula before so I'm not really sure if it's running. Webmin says it looks ok though. (In reply to comment #2) Hi, I can confirm if bacula is build with: CFLAGS="-D_FORTIFY_SOURCE=0 ${CFLAGS}" emerge -v1 bacula Bacula runs well. Best Regards Martin Just a "me too" message, having same issue, solution also -U_FORTIFY_SOURCE or -D_FORTIFY_SOURCE=0 In this particular instance, it's the glibc implementation that is buggy, so the correct fix indeed is to add -U_FORTIFY_SOURCE to CFLAGS. per http://sourceforge.net/project/shownotes.php?release_id=651582 , it looks like upstream graciously have worked around this issue in the development version. -U_FORTIFY_SOURCE fixed this for me too - thanks! i had the same problem, CFLAGS="-D_FORTIFY_SOURCE=0 ${CFLAGS}" emerge -v1 bacula fixed it too... shouldn't that be somewhere in the ebuild ? Thx anyway. Got the same problem 6 months after it was reported, maybe it should be in the ebuild? Working on 3.0.2 which should incorporate the fix included in 2.5.28-b1... Should be fixed in 3.0.2. Hello. Perhaps the fix should be incorporated in the 2.x release as well. For example, in my setup I have to stick with 2.x versions because one other distro doesn't have bacula 3.x available, and I can't mix versions because they don't talk to each other. Anyway, I fixed in my system by adding -U_FORTIFY_SOURCE to my CFLAGS, but I still think this is more of a workaround, as this option will be passed along to all ebuilds, and not only bacula. Created attachment 209343 [details, diff]
adds -U_FORTIFY_SOURCE to CFLAGS
Simple patch that adds "-U_FORTIFY_SOURCE" to the CFLAGS of bacula-2.4.4 - should be the same for the other versions.
*** Bug 295246 has been marked as a duplicate of this bug. *** While this has been fixed in 2.4.4, this has not been fixed in the ebuild for 2.4.1(-r1 in portage) As this is marked stable I would expect this fix to be backported. Not fixed in 2.4.4, amd64 platform. same thing here, thanks for reporting the fix |