| Summary: | net-misc/xmrig 6.20.0 + 6.18.1-r1 (GCC) buffer overflow | | |
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | William Rabbermann <willrabbermann> |
| Component: | Current packages | Assignee: | Matthew Smith <matthew> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | candrews, telans |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://github.com/xmrig/xmrig/issues/3305 | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | | | |
| Bug Blocks: | 847148 | | |
Description
William Rabbermann
2023-09-01 14:54:54 UTC
Can you try to get a backtrace with https://wiki.gentoo.org/wiki/Debugging#Per-package please? Thanks!

It looks like it's related to configuring the RandomX hash:

```
(gdb) bt
#0  0x00007ffff7889dbc in ?? () from /usr/lib64/libc.so.6
#1  0x00007ffff7839cc2 in raise () from /usr/lib64/libc.so.6
#2  0x00007ffff78224ed in abort () from /usr/lib64/libc.so.6
#3  0x00007ffff782355c in ?? () from /usr/lib64/libc.so.6
#4  0x00007ffff791a8c5 in __fortify_fail () from /usr/lib64/libc.so.6
#5  0x00007ffff791a270 in __chk_fail () from /usr/lib64/libc.so.6
#6  0x00005555557c8102 in memcpy (__len=16, __src=0x7ffff77fecf0, __dest=<optimized out>) at /usr/include/bits/string_fortified.h:29
#7  RandomX_ConfigurationBase::Apply (this=0x555555a03840 <RandomX_CurrentConfig>) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/randomx/randomx.cpp:350
#8  0x00005555557cc8aa in randomx_apply_config<RandomX_ConfigurationBase> (config=...) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/randomx/randomx.h:166
#9  xmrig::RxAlgo::apply (algorithm=xmrig::Algorithm::RX_0) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/rx/RxAlgo.cpp:26
#10 0x00005555557ccc9f in xmrig::RxBasicStoragePrivate::setSeed (seed=..., this=0x555555ad6a50) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/rx/RxBasicStorage.cpp:56
#11 xmrig::RxBasicStorage::init (this=0x555555adb620, seed=..., threads=24, hugePages=true, oneGbPages=false, mode=xmrig::RxConfig::AutoMode, priority=2) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/rx/RxBasicStorage.cpp:168
#12 0x00005555557d0107 in xmrig::RxQueue::backgroundInit (this=0x555555adb170) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/rx/RxQueue.cpp:149
#13 0x00005555558d66ff in execute_native_thread_routine ()
#14 0x00007ffff7888069 in ?? () from /usr/lib64/libc.so.6
#15 0x00007ffff790c548 in ?? () from /usr/lib64/libc.so.6
(gdb) frame 7
#7  RandomX_ConfigurationBase::Apply (this=0x555555a03840 <RandomX_CurrentConfig>) at /usr/src/debug/net-misc/xmrig-6.20.0/xmrig-6.20.0/src/crypto/randomx/randomx.cpp:350
350		INST_HANDLE(ISTORE, CFROUND);
```

I'm not familiar with the bowels of XMRig, but I think that this function is copying code out of .text (for its JIT), which deeply upsets the checks.

Is there a way to disable the FORTIFY_SOURCE checks just for this memcpy, or do we need to filter it for the whole package?

(In reply to Matthew Smith from comment #3)
> I'm not familiar with the bowels of XMRig, but I think that this function is
> copying code out of .text (for its JIT) which deeply upsets the checks.
>
> Is there a way to disable the FORTIFY_SOURCE checks just for this memcpy, or
> do we need to filter it for the whole package?

I'm speechless at the discussion on that bug. Anyway, no, you have to disable it entirely, unfortunately, i.e. append-cppflags -U_FORTIFY_SOURCE (you can't do it partially because of ODR w/ C++, but also this package surely isn't going to be clean in other places anyway).

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d094dd12e83313941d9936cdaa89b62dde62035e

commit d094dd12e83313941d9936cdaa89b62dde62035e
Author:     Matthew Smith <matthew@gentoo.org>
AuthorDate: 2023-09-01 17:17:18 +0000
Commit:     Matthew Smith <matthew@gentoo.org>
CommitDate: 2023-09-01 17:21:15 +0000

    net-misc/xmrig: filter FORTIFY_SOURCE=3

    Closes: https://bugs.gentoo.org/913420
    Signed-off-by: Matthew Smith <matthew@gentoo.org>

 .../xmrig/{xmrig-6.18.1-r1.ebuild => xmrig-6.18.1-r2.ebuild} | 9 ++++++++-
 net-misc/xmrig/{xmrig-6.20.0.ebuild => xmrig-6.20.0-r1.ebuild} | 9 ++++++++-
 net-misc/xmrig/xmrig-9999.ebuild                               | 9 ++++++++-
 3 files changed, 24 insertions(+), 3 deletions(-)

Thank you, xmrig is working now. :)

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9577efa11cca713f2e5b7e80ab07cb37365fba19

commit 9577efa11cca713f2e5b7e80ab07cb37365fba19
Author:     Matthew Smith <matthew@gentoo.org>
AuthorDate: 2024-03-23 07:32:32 +0000
Commit:     Matthew Smith <matthew@gentoo.org>
CommitDate: 2024-03-23 07:36:25 +0000

    net-misc/xmrig: stop filtering -D_FORTIFY_SOURCE=3

    Fixed upstream in commit f6c50b5393.

    Bug: https://bugs.gentoo.org/913420
    Signed-off-by: Matthew Smith <matthew@gentoo.org>

 net-misc/xmrig/xmrig-9999.ebuild | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)
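The following is an added example of how the whole-package workaround described in the discussion above (append-cppflags -U_FORTIFY_SOURCE) is applied in a Gentoo ebuild. It is not the text of commit d094dd12, whose diff this page does not reproduce, and it is not XMRig's own code; the eclass list, the use of the cmake eclass, the elided metadata and the mycmakeargs option names are assumptions made for illustration.

```ebuild
# Hypothetical net-misc/xmrig ebuild fragment (added example, not commit d094dd12).
# DESCRIPTION, HOMEPAGE, SRC_URI, LICENSE, SLOT, KEYWORDS, IUSE and *DEPEND are
# elided; only the part relevant to bug 913420 is shown.
EAPI=8

inherit cmake flag-o-matic

src_configure() {
	# glibc's fortified memcpy() (_FORTIFY_SOURCE=3) aborts inside
	# RandomX_ConfigurationBase::Apply(): the RandomX JIT copies instruction
	# templates out of .text and the size check rejects the copy (bug 913420).
	# As noted in the bug, the check cannot be dropped for that single call
	# site in C++ (ODR), so undefine the macro for the whole package.
	# append-cppflags appends, so this -U lands after any -D_FORTIFY_SOURCE=3
	# the user put in make.conf and takes precedence over it.
	append-cppflags -U_FORTIFY_SOURCE

	# Option names assumed for the example; check the upstream CMakeLists.txt.
	local mycmakeargs=(
		-DWITH_HWLOC=$(usex hwloc)
		-DWITH_OPENCL=$(usex opencl)
		-DWITH_CUDA=$(usex cuda)
	)
	cmake_src_configure
}
```

Once upstream fixes the offending copy (as the 2024 commit above records for the live ebuild), the append-cppflags line is the only thing that needs to be removed to get the fortify checks back for the rest of the package.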