Bug 279536

Summary:	sys-boot/grub-0.97 segfaults with >=sys-devel/gcc-4.1 SSP
Product:	Gentoo Linux	Reporter:	Magnus Granberg <zorry>
Component:	Hardened	Assignee:	Gentoo's Team for Core System packages <base-system>
Status:	RESOLVED FIXED
Severity:	normal	CC:	hardened, netbox253
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://hardened.gentooexperimental.org/trac/secure/ticket/20
Whiteboard:
Package list:		Runtime testing required:	---
Attachments:	emerge --info Fix the segfault on grub with gcc > 4.* and SSP Isolates where the problem occurs Use va_list, va_start, va_arg instead of dataptr++ for variadic functions

Description Magnus Granberg gentoo-dev

2009-07-29 00:24:54 UTC

Grub segmentation fault when run from command line with SSP enable on gcc > 4.1.
* *** IMPORTANT NOTE: you must run grub and install
 * the new version's stage1 to your MBR.  Until you do,
 * stage1 and stage2 will still be the old version, but
 * later stages will be the new version, which could
 * cause problems such as an unbootable system.
 * This means you must use either grub-install or perform
 * root/setup manually! For more help, see the handbook:
 * http://www.gentoo.org/doc/en/handbook/handbook-amd64.xml?part=1&chap=10#grub-install-auto
 * Copying files from /lib/grub, /usr/lib/grub and /usr/share/grub to //boot/grub
/var/tmp/portage/sys-boot/grub-0.97-r9/temp/environment: line 3871: 31151 Exit 1                  egrep -v '^[[:space:]]*(#|$|default|fallback|initrd|password|splashimage|timeout|title)' "${grub_config}"
     31152 Segmentation fault      | /sbin/grub --batch --device-map="${dir}"/device.map > /dev/null
 * Grub has been installed to //boot successfully.
 *
 * To interactively install grub files to another device such as a USB
 * stick, just run the following and specify the directory as prompted:
 *    emerge --config =grub-0.97-r9
 * Alternately, you can export GRUB_ALT_INSTALLDIR=/path/to/use to tell
 * grub where to install in a non-interactive way.
>>> Auto-cleaning packages...

>>> No outdated packages were found on your system.

 * Regenerating GNU info directory index...
 * Processed 92 info files.
jasmin / #
asmin / # grub
Segmentation fault
jasmin / #

Comment 1 Magnus Granberg gentoo-dev

2009-07-29 00:25:51 UTC

Created attachment 199500 [details]
emerge --info

Comment 2 Magnus Granberg gentoo-dev

2009-07-29 00:26:52 UTC

The patch is on the URL ticket.

Comment 3 Gordon Malm (RETIRED) gentoo-dev

2009-08-08 11:05:34 UTC

Magnus, thank you for filing this bug.  Please attach the patch here too.  In the future should inline emerge --info rather than attach it.

Comment 4 Magnus Granberg gentoo-dev

2009-08-08 12:15:54 UTC

Created attachment 200565 [details, diff]
Fix the segfault on grub with gcc > 4.* and SSP

Comment 5 Magnus Granberg gentoo-dev

2010-02-11 23:42:12 UTC

Is that patch okey?

Comment 6 Anthony Basile gentoo-dev

2010-02-14 03:03:23 UTC

Created attachment 219567 [details]
Isolates where the problem occurs

The problem occurs in the grub_printf function between lines 179 to 214 in char_io.c.  The attachment works as expected on non-hardened systems but fails on hardened with a seg fault.

Comment 7 Anthony Basile gentoo-dev

2010-02-14 15:41:06 UTC

Created attachment 219645 [details, diff]
Use va_list, va_start, va_arg instead of dataptr++ for variadic functions

The above patch removes all instances of dataptr in favor of va_list, va_start, va_arg.  (Thank you klondike.)  You have to make sure that stdarg.h is in the include path when compiling, so use something like -I/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.3/include.  It fixes the seg fault.

Comment 8 SpanKY gentoo-dev

2010-02-14 16:16:37 UTC

that looks much saner ... thanks for looking into it guys

ive queued the patch in the grub dir, but i'm not going to push out -r10 because there is a patch (300_all_grub-0.97-pie-safety.patch) that needs addressing first in bug 139277

Comment 9 Fab 2010-07-23 08:50:58 UTC

-r10 was stabilized today, and grub segfaults in the same way. But this bug is marked as fixed ?

Comment 10 El Goretto 2010-07-23 13:05:26 UTC

+1 with netfab 
This bug need to be reopened for 0.97-r10 version.

Comment 11 Magnus Granberg gentoo-dev

2010-07-23 13:33:06 UTC

(In reply to comment #10)
> +1 with netfab 
> This bug need to be reopened for 0.97-r10 version.
> 
This bug is about -fstack-protector(-all) thats in newer >=gcc-4.1, that we enable in newer >=gcc-4.4.3-r3 in the hardenede profile so it don't have any thing to do with that error. For i can't get -r10 to segfault that way in the hardened profile. The sefault look the same but is not the same error.
netfab is on default profile and have gcc-4.4.3-r2, He do not hit this error with -fstack-protector(-all). Will have this bug as fixed.