Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 421843

Summary: sci-chemistry/mosflm _FORTIFY_SOURCE indicates presence of overflow
Product: Gentoo Linux Reporter: Diego Elio Pettenò (RETIRED) <flameeyes>
Component: Current packagesAssignee: Justin Lecher (RETIRED) <jlec>
Status: RESOLVED FIXED    
Severity: major CC: sci-chemistry
Priority: Highest    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://tinderboxlogs.s3.amazonaws.com/tbamd64.excelsior.flameeyes.eu/sci-chemistry%3Amosflm-7.0.7-r1%3A20120618-202131.html
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 259417    

Description Diego Elio Pettenò (RETIRED) gentoo-dev 2012-06-18 20:45:40 UTC
You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer.

Even though this is not always an indication of a security problem it might even be. So please check this out ASAP.

By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0.

Thanks,
Your friendly neighborhood tinderboxer
Comment 1 Justin Lecher (RETIRED) gentoo-dev 2012-06-19 06:21:15 UTC
+*mosflm-7.0.7-r2 (19 Jun 2012)
+
+  19 Jun 2012; Justin Lecher <jlec@gentoo.org> +mosflm-7.0.7-r2.ebuild,
+  +files/mosflm-7.0.7-buffer-overflow.patch,
+  +files/mosflm-7.0.7-impl-dec.patch:
+  Fix Buffer overflow, #421843
+