Summary: | mail-client/thunderbird-3.1_rc2-r1 buffer overflow w/ gcc-4.5 and -U_FORTIFY_SOURCE=2 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Samuli Suominen (RETIRED) <ssuominen> |
Component: | Current packages | Assignee: | Mozilla Gentoo Team <mozilla> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | david+gentoo.org, truedfx |
Priority: | High | Keywords: | REGRESSION |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.mozilla.org/show_bug.cgi?id=583582 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 296658 | ||
Attachments: |
hunspell-buffer.patch
hunspell-buffer.patch hunspell-buffer.patch |
Description
Samuli Suominen (RETIRED)
2010-06-20 18:57:30 UTC
Portage 2.2_rc67 (default/linux/amd64/10.0/desktop, gcc-4.5.0-asneeded, glibc-2.11.2-r0, 2.6.34 x86_64)
=================================================================
System uname: Linux-2.6.34-x86_64-Intel-R-_Core-TM-2_Quad_CPU_Q8200_@_2.33GHz-with-gentoo-2.0.1
Timestamp of tree: Unknown
app-shells/bash: 4.1_p7
dev-java/java-config: 2.1.11
dev-lang/python: 2.6.5-r2
dev-util/cmake: 2.8.1-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc: 0.6.1-r1
sys-apps/sandbox: 2.2
sys-devel/autoconf: 2.13, 2.65-r1
sys-devel/automake: 1.4_p6-r1, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils: 2.20.1-r1
sys-devel/gcc: 4.5.0
sys-devel/gcc-config: 1.4.1
sys-devel/libtool: 2.2.10
virtual/os-headers: 2.6.34
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=core2 -msse4.1 -O2 -pipe -Wimplicit-function-declaration"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=core2 -msse4.1 -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--with-bdeps=y"
FEATURES="assume-digests collision-protect cvs distlocks fixpackages multilib-strict news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu"
LINGUAS="en"
MAKEOPTS="-j9"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/home/ssuominen/gentoo-x86"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"

I have the same problem. Also gcc 4.5.0

*** buffer overflow detected ***: /usr/lib64/mozilla-thunderbird/thunderbird-bin terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7fb804ee9a17]
/lib/libc.so.6(+0xe4830)[0x7fb804ee7830]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1dfc7)[0x7fb7fd3a7fc7]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1e651)[0x7fb7fd3a8651]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1e7af)[0x7fb7fd3a87af]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x1e9f9)[0x7fb7fd3a89f9]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0xf4a6)[0x7fb7fd3994a6]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0x727b)[0x7fb7fd39127b]
/usr/lib64/mozilla-thunderbird/components/libcomposer.so(+0xd744)[0x7fb7e54f6744]
/usr/lib64/mozilla-thunderbird/components/libcomposer.so(+0xe375)[0x7fb7e54f7375]
/usr/lib64/mozilla-thunderbird/components/libspellchecker.so(+0xb50f)[0x7fb7fd39550f]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x582c85)[0x7fb7f4ed4c85]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(NS_InvokeByIndex_P+0x249)[0x7fb8051d7c41]
/usr/lib64/mozilla-thunderbird/components/libxpconnect.so(+0x416c0)[0x7fb7fb50f6c0]
/usr/lib64/mozilla-thunderbird/components/libxpconnect.so(+0x475b7)[0x7fb7fb5155b7]
/usr/lib64/mozilla-thunderbird/libmozjs.so(js_Invoke+0x43e)[0x7fb8047085de]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x68ed0)[0x7fb8046faed0]
/usr/lib64/mozilla-thunderbird/libmozjs.so(js_Invoke+0x935)[0x7fb804708ad5]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x771d6)[0x7fb8047091d6]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x877a8)[0x7fb8047197a8]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x87fe3)[0x7fb804719fe3]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x68130)[0x7fb8046fa130]
/usr/lib64/mozilla-thunderbird/libmozjs.so(js_Invoke+0x935)[0x7fb804708ad5]
/usr/lib64/mozilla-thunderbird/libmozjs.so(+0x7708c)[0x7fb80470908c]
/usr/lib64/mozilla-thunderbird/libmozjs.so(JS_CallFunctionValue+0x1a)[0x7fb8046b41fa]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x51bcf2)[0x7fb7f4e6dcf2]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x52e217)[0x7fb7f4e80217]
/usr/lib64/mozilla-thunderbird/components/libgklayout.so(+0x52e4ba)[0x7fb7f4e804ba]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(+0x6da0b)[0x7fb8051cfa0b]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(+0x6dbbe)[0x7fb8051cfbbe]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(+0x6b53a)[0x7fb8051cd53a]
/usr/lib64/mozilla-thunderbird/libxpcom_core.so(_Z21NS_ProcessNextEvent_PP9nsIThreadi+0x2b)[0x7fb8051a218b]
/usr/lib64/mozilla-thunderbird/components/libwidget_gtk2.so(+0x429e1)[0x7fb7fa29a9e1]
/usr/lib64/mozilla-thunderbird/components/libtoolkitcomps.so(+0x8bea)[0x7fb7f8984bea]
/usr/lib64/mozilla-thunderbird/libxul.so(XRE_main+0x2c6d)[0x7fb80543d60b]
/usr/lib64/mozilla-thunderbird/thunderbird-bin[0x401bc0]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7fb804e21b6d]
/usr/lib64/mozilla-thunderbird/thunderbird-bin[0x401989]
/usr/lib64/mozilla-thunderbird/run-mozilla.sh: line 131: 30129 Aborted "$prog" ${1+"$@"}

Portage 2.1.8.3 (default/linux/amd64/10.0/desktop, gcc-4.5.0, glibc-2.11.2-r0, 2.6.33-ck-r1 x86_64)
=================================================================
System uname: Linux-2.6.33-ck-r1-x86_64-AMD_Athlon-tm-_II_X3_425_Processor-with-gentoo-2.0.1
Timestamp of tree: Sun, 20 Jun 2010 08:30:22 +0000
app-shells/bash: 4.0_p37
dev-lang/python: 2.6.5-r2, 3.1.2-r3
dev-util/cmake: 2.6.4-r3
sys-apps/baselayout: 2.0.1
sys-apps/openrc: 0.6.1-r1
sys-apps/sandbox: 1.6-r2
sys-devel/autoconf: 2.13, 2.65
sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils: 2.20.1-r1
sys-devel/gcc: 4.3.4, 4.5.0
sys-devel/gcc-config: 1.4.1
sys-devel/libtool: 2.2.6b
virtual/os-headers: 2.6.30-r1
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=native -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/init.d /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/xdg"
CXXFLAGS="-O2 -march=native -pipe"
DISTDIR="/mnt/lupus/gentoo/distfiles"
FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo"
LANG="pl_PL"
LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/mnt/lupus/gentoo/build"
PORTDIR="/mnt/lupus/gentoo/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/kde-sunset /usr/portage/local/layman/sunrise /mnt/lupus/gentoo/portage/local"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac acl acpi alsa amd64 branding bzip2 cairo cdr cli consolekit cracklib crypt cxx dbus dri dts dvd dvdr emboss encode exif fam firefox flac fortran gif gpm gtk gtk2 hal iconv jpeg kpathsea lame lcms lirc mad mikmod mmx mmxext mng modules mp3 mp4 mpeg mudflap multilib musepack mysql ncurses nls nptl nptlonly nvidia offensive ogg opengl openmp pam pango pcre pdf perl png postscript ppds pppd python qt3support qt4 readline reflection sdl session smp spell spl sse sse2 sse3 sse4a ssl ssse3 svg sysfs system-sqlite tcpd tetex threads tiff truetype truetype-fonts unicode usb userlocales vdpau vorbis x264 xcb xml xorg xulrunner xv xvid zlib"
ALSA_CARDS="intel8x0 emu10k1 virtuoso"
ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol"
APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias"
ELIBC="glibc"
INPUT_DEVICES="evdev"
KERNEL="linux"
LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text"
LIRC_DEVICES="serial"
RUBY_TARGETS="ruby18"
USERLAND="GNU"
VIDEO_CARDS="nvidia s3 vesa vga radeon"
XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Tomasz, or anyone else stumbling into this bug:

You can test `CFLAGS="-U_FORTIFY_SOURCE" emerge thunderbird` (or CXXFLAGS or CPPFLAGS, as long as you see it being used in the build, I'm not sure what thunderbird is exactly using). That should disable the level 2 it's failing on.

If that doesn't work, you can always downgrade to 3.0.5 (that works even with gcc-4.5 compiled).

Or you can compile thunderbird with gcc-4.4.x if you still have it installed.

Same problem here. x86 system and gcc-4.5.0
This is a duplicate of #256668
But it was closed cantfix because its summary referred to the overlay ebuild.

Trying with CFLAGS.

>
> Trying with CFLAGS.
>
You need
CXXFLAGS="-U_FORTIFY_SOURCE" emerge -1 thunderbird
(In reply to comment #4)
> Same problem here. x86 system and gcc-4.5.0
> This is a duplicate of #256668
> But it was closed cantfix because its summary referred to the overlay ebuild.
>
> Trying with CFLAGS.
>

Until gcc-4.5.0 is unmasked for arch testing I am not gonna concern mozilla team with this. The bug will remain open. If someone decides they want to help resolve the issue please get a strace -f and email to mozilla alias for review.

Created attachment 236443 [details, diff]
hunspell-buffer.patch
thunderbird is basically doing
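struct s {
    int x;
    char data;    /* declared as a single char; the string continues into the extra bytes */
} *p = (struct s *) malloc (sizeof(struct s) + 3);
strcpy(&p->data, "!!!");    /* copies 4 bytes through a pointer to a 1-byte member */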
which isn't a security risk when done intentionally as it is here, but is neither valid C nor C++ and is rightly blocked. However, since it is valid to access a random block of memory as an array of char, provided you start from a pointer to that whole block, attached patch should fix this. Compiling takes a long time so it is currently untested.
Sorry, that patch has a bogus &. (char *) &h should be (char *) h.

Created attachment 236453 [details, diff]
hunspell-buffer.patch
It was also missing the #include for offsetof. Now compiled and installed, and the Write button doesn't cause a crash anymore.
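
An added example, not the attached patch and not Thunderbird or hunspell code, of the approach the two comments above describe: the tail of the record is reached through a pointer computed from the start of the allocated block with offsetof, rather than through the address of the one-byte member. The helper names s_text, s_new and s_word are hypothetical.

```c
#include <stddef.h>   /* offsetof */
#include <stdint.h>   /* SIZE_MAX */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same layout as the snippet in the thread: one declared byte, with the
 * rest of the string living in the over-allocated tail of the block. */
struct s {
    int  x;
    char data;
};

/* At _FORTIFY_SOURCE=2, glibc sizes strcpy's destination with
 * __builtin_object_size(dst, 1), i.e. the innermost subobject, so
 * &p->data counts as 1 byte and the checked copy aborts. A pointer
 * computed from the start of the malloc'd block refers to the whole
 * allocation instead. */
static char *s_text(struct s *p)
{
    return (char *)p + offsetof(struct s, data);
}

/* Allocate a record holding a copy of `word` (hypothetical helper). */
struct s *s_new(int x, const char *word)
{
    size_t off = offsetof(struct s, data);
    size_t len = strlen(word);
    if (len > SIZE_MAX - off - 1)
        return NULL;                      /* size computation would wrap */
    size_t need = off + len + 1;          /* header + text + NUL */
    if (need < sizeof(struct s))
        need = sizeof(struct s);          /* never allocate less than the struct */
    struct s *p = malloc(need);
    if (p == NULL)
        return NULL;
    p->x = x;
    memcpy(s_text(p), word, len + 1);     /* bounded copy into the tail */
    return p;
}

/* Read-only view of the stored string. */
const char *s_word(const struct s *p)
{
    return (const char *)p + offsetof(struct s, data);
}

int main(void)
{
    struct s *p = s_new(3, "!!!");
    if (p == NULL)
        return 1;
    printf("%d %s\n", p->x, s_word(p));
    free(p);
    return 0;
}
```

Building with -O2 -D_FORTIFY_SOURCE=2 exercises the checked libc entry points; the fortify checks are not compiled in without optimisation.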
(In reply to comment #9)
> Created an attachment (id=236453) [details]
> hunspell-buffer.patch
>
> It was also missing the #include for offsetof. Now compiled and installed, and
> the Write button doesn't cause a crash anymore.
>

I've tested this against 3.1 final, still applies cleanly and solves the issue, thanks!

Fixed without revision bump because gcc-4.5 is still p.masked.

+ 26 Jun 2010; Samuli Suominen <ssuominen@gentoo.org> + thunderbird-3.1.ebuild, +files/thunderbird-3.1-gcc45.patch: + Fix buffer overflow with GCC 4.5 and _U_FORTIFY_SOURCE=2 wrt #324863 by + Harald van Dijk.

Created attachment 237839 [details, diff]
hunspell-buffer.patch
Now with a nice Signed-off-by line (and -U corrected to -D in the description) so that Jory can take it upstream :)
reopened for my benefit only.

We have it upstream now, will get it landed on trunk for next release.

Reopening bug has resurfaced.

Once again I am closing thanks to ssuominen for the help we discovered the patch was not being applied, this was caused when I moved everything to the patchset and forgot to rename from diff to patch.