atti@magic ~/tmp/media $ gaim
gaim: stack smashing attack in function _cairo_stroker_join()
Abgebrochen (core dumped)
atti@magic ~/tmp/media $ gdb -core core
GNU gdb 6.4
Copyright 2005 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Core was generated by `gaim'.
Program terminated with signal 6, Aborted.
#0 0x00002aaaad880f79 in ?? ()
(gdb) bt
#0 0x00002aaaad880f79 in ?? ()
(gdb)

[ebuild R ] net-im/gaim-1.5.0 -cjk -debug +eds -gnutls -krb4 -nas +nls +perl -silc +spell +tcltk 0 kB
[ebuild R ] x11-libs/cairo-1.0.2 +X -doc -glitz +png 0 kB

I recently updated gtk+-2.8.8 - maybe this is connected with the bug.

[ebuild R ] x11-libs/gtk+-2.8.8 -debug -doc +jpeg +tiff 0 kB

Btw: This might be related to this bug #118346 although gaim crashes when executed as root too.

I recompiled gaim and its plugins which did NOT solve the problem.

Portage 2.0.53 (default-linux/amd64/2005.1, gcc-3.4.4, glibc-2.3.5-r2, 2.6.13-gentoo-r5 x86_64)
=================================================================
System uname: 2.6.13-gentoo-r5 x86_64 AMD Athlon(tm) 64 Processor 3000+
Gentoo Base System version 1.6.13
dev-lang/python: 2.3.5, 2.4.2
sys-apps/sandbox: 1.2.12
sys-devel/autoconf: 2.13, 2.59-r6
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils: 2.16.1
sys-devel/libtool: 1.5.20
virtual/os-headers: 2.6.11-r2
ACCEPT_KEYWORDS="amd64"
AUTOCLEAN="yes"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=athlon64 -O1 -pipe -fomit-frame-pointer -g -ggdb3"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /usr/X11R6/bin/startx /etc/env.d"
CXXFLAGS="-march=athlon64 -O1 -pipe -fomit-frame-pointer -g -ggdb3"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig candy distlocks sandbox severe sfperms strict test"
GENTOO_MIRRORS="http://pandemonium.tiscali.de/pub/gentoo/ ftp://ftp.tu-clausthal.de/pub/linux/gentoo/ ftp://ftp.gentoo.mesh-solutions.com/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/"
LANG="de_DE@euro"
LC_ALL="de_DE@euro"
LDFLAGS="-Wl,-O1"
LINGUAS="de"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="7zip X a52 aac acpi alsa amd64 asf audiofile avi berkdb bitmap-fonts bzip2 bzlib cdda cdio cdr crypt css cups curl dbus dga directfb dlloader dmalloc dnd dpms dts dvd dvdr dvdread eds emacs emboss encode esd exif expat fam fame fat fbcon ffmpeg firefox foomaticdb freetype gcj gdbm ggi gif gimpprint glut gmp gnome gpm gs gstreamer gtk gtk2 hal hardened howl idn imagemagick imlib ipv6 ithreads javascript jpeg jpeg2k kde lcms libsamplerate libwww linuxthreads-tls lzo lzw lzw-tiff matroska memlimit mjpeg mmap mng mozcalendar mozdevelop mozsvg mp3 mpeg mpi ncurses nls nptl nptlonly ntfs nvidia ogg oggvorbis on-the-fly-crypt openal openexr opengl pam pcre pdflib perl png ppds python qt quicktime readline real reiserfs rle sdl slang sndfile spell ssl stream svg symlink tcltk tcpd test tetex tga theora threads tidy tiff toolbar truetype truetype-fonts type1-fonts udev unicode usb userlocales vcd videos vorbis wmf xine xml xml2 xmms xosd xpm xprint xtermtoolbar xv xvid xvmc yv12 zlib linguas_de userland_GNU kernel_linux elibc_glibc"
Unset: ASFLAGS, CTARGET, PORTDIR_OVERLAY

ups ... is this a duplicate of the following report? http://bugs.gentoo.org/show_bug.cgi?id=109480
yes ... vanilla gaim hasn't got this problem
altering summary to "gaim crashes -> cairo-1.0.2 needs vanilla gcc on AMD64" and adding hardened team to CC list
sorry, correction: using vanilla CAIRO solves the problem
and a better summary here too
sorry for bug-spamming :-(
This is probably a security problem. Filtering SSP is probably the wrong thing to do.
You're right, it is a dup of #109480.

*** This bug has been marked as a duplicate of 109480 ***