Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 550566

Summary: net-analyzer/sarg fails glibc hardened check - buffer overflow detected
Product: Gentoo Linux Reporter: Todd Walter <todd>
Component: HardenedAssignee: The Gentoo Linux Hardened Team <hardened>
Status: RESOLVED FIXED    
Severity: normal CC: netmon
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: emerge --info
strace of command

Description Todd Walter 2015-05-27 14:50:25 UTC 
Created attachment 404096 [details]
emerge --info

dmesg:
May 27 10:39:50 [glibc-gentoo-hardened-check] *** buffer overflow detected ***: sarg terminated; report to <http://bugs.gentoo.org/>_

command line as issued:
t6wall ~ # sarg -d 15/05/2015-30/05/2015 -g -e -n -o /var/www/localhost/htdocs/squid-rports/
*** buffer overflow detected ***: sarg terminated; report to <http://bugs.gentoo.org/>
Killed
Comment 1 Todd Walter 2015-05-27 14:51:29 UTC 
Sarg 2.3.8 with use gd, ldap, pcre enabled.
Comment 2 Todd Walter 2015-05-27 17:02:39 UTC 
Created attachment 404100 [details]
strace of command
Comment 3 Mike Gilbert gentoo-dev 2015-05-29 01:50:26 UTC 
Please rebuild with debug symbols enabled (-ggdb) and obtain a backtrace.

https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
Comment 4 Todd Walter 2015-06-01 15:54:22 UTC 
GNU gdb (Gentoo 7.7.1 p1) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from sarg...(no debugging symbols found)...done.
(gdb) r  -d 15/05/2015-30/05/2015 -g -e -n -o /var/www/localhost/htdocs/squid-reports/
Starting program: /usr/bin/sarg -d 15/05/2015-30/05/2015 -g -e -n -o /var/www/localhost/htdocs/squid-reports/
warning: Cannot call inferior functions, Linux kernel PaX protection forbids return to non-executable pages!
*** buffer overflow detected ***: sarg terminated; report to <http://bugs.gentoo.org/>

Program terminated with signal SIGKILL, Killed.
The program no longer exists.
(gdb) bt
No stack.
(gdb)
Comment 5 Todd Walter 2015-06-01 15:56:49 UTC 
PaX control v0.9
Copyright 2004,2005,2006,2007,2009,2010,2011,2012,2014 PaX Team <pageexec@freemail.hu>

- PaX flags: -p-s-m-x-e-- [/usr/bin/sarg]
        PAGEEXEC is disabled
        SEGMEXEC is disabled
        MPROTECT is disabled
        RANDEXEC is disabled
        EMUTRAMP is disabled
Comment 6 Todd Walter 2015-06-25 14:51:49 UTC 
This bug was against 2.3.8.  I unmasked and emerged 2.3.10 and it executes successfully.
Comment 7 Magnus Granberg gentoo-dev 2015-07-04 14:39:55 UTC 
I see this as fixed in newer version.
buffer overflow detected is a fortify sources check and that applay to
default gentoo to.