|Summary:||sci-electronics/alliance _FORTIFY_SOURCE indicates presence of overflow|
|Product:||Gentoo Linux||Reporter:||Diego Elio Pettenò (RETIRED) <flameeyes>|
|Component:||Current packages||Assignee:||The Soldering-Iron Brotherhood <sci-electronics>|
|Package list:||Runtime testing required:||---|
|Bug Depends on:|
|Attachments:||Build log (compressed)|
Description Diego Elio Pettenò (RETIRED) 2010-10-13 01:04:35 UTC
You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer. Even though this is not always an indication of a security problem it might even be. So please check this out ASAP. By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0. Thanks, Your friendly neighborhood tinderboxer
Comment 1 Diego Elio Pettenò (RETIRED) 2010-10-13 01:07:33 UTC
Created attachment 250419 [details] Build log (compressed)
Comment 2 Thomas Beierlein 2010-10-13 19:40:57 UTC
Sorry, the attached log does not look like a log file. Instead it seems to be a binary. Please check and resubmit Diego.
Comment 3 Diego Elio Pettenò (RETIRED) 2010-10-13 19:55:27 UTC
Description Build log (compressed) It's a gzip-encoded file…
Comment 4 Kacper Kowalik (Xarthisius) (RETIRED) 2010-10-13 20:03:59 UTC
(In reply to comment #3) > It's a gzip-encoded file… It's gzipped twice (guess bug 337784 happened here too) hence the confusion
Comment 5 Thomas Beierlein 2010-10-13 20:14:42 UTC
(In reply to comment #4) > (In reply to comment #3) > > It's a gzip-encoded file… > It's gzipped twice (guess bug 337784 happened here too) hence the confusion > Ah yes. Now I see. Thanks. I had the idea about double zipping but did not check correctly for it. Thanks anyway.
Comment 6 Thomas Beierlein 2010-10-15 14:38:56 UTC
Fixed now. Thanks for reporting Diego. + 15 Oct 2010; Thomas Beierlein <firstname.lastname@example.org> + alliance-5.0.20070718.ebuild, +files/alliance-5.0.20070718-overun.patch, + +files/alliance-5.0.20070718-test.patch: + Switch to shared linking (bug 252469). Fix tests (bug 282490). Fix buffer + overrun (bug 340789).