| Summary: | mplayer-1.0_pre5-r4: stack smashing attack in function Setup_FS_Segment() | | |
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Ole Tange <bugs.gentoo.org> |
| Component: | Current packages | Assignee: | Gentoo Media-video project <media-video> |
| Status: | RESOLVED CANTFIX | | |
| Severity: | normal | | |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Package list: | Runtime testing required: | --- | |

Description
Ole Tange
2004-09-24 08:36:51 UTC
Can you confirm this with MPlayer-1.0_pre5-r2? -r3+ use custom CFLAGS (they are masked and experimental), so I'd like to make sure that's what we're dealing with. Just a quick look over of the code, and it's asm, something to which I don't do well with (yes, I admit to that :), and may contact someone that does know more.

I had a gut feeling that this was caused by USE=hardened. So I tried removing hardened when compiling mplayer. This gave the same result. However, if I remove hardened and recompile first gcc then mplayer, then it works - even with 1.0_pre5-r4. I thereby feel that it is proven that it is the hardened version of gcc that conflicts with mplayer. For my experience with compiling older versions of mplayer, see bug 64450.

I get the same thing with -fstack-protector in CFLAGS on mplayer-1.0_pre5-r5.

This deals with loading DLLs and Windows-style files. That said.. not much I can do about it, as I'd have to ask Apple to fix their stuff in preventing stack smashing on Linux. Guess how that would go :P.