Bug 146157 - www-client/mozilla-firefox-1.5 - stack smashing attack in function _cairo_stroker_join()
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: AMD64 Linux
Importance: High major
Assignee: The Gentoo Linux Hardened Team
Duplicates: 146162
Blocks: 135265
Reported: 2006-09-03 09:53 UTC by a_tevelev
Modified: 2007-11-10 09:19 UTC
Attachments
emerge --info (emerge_info.txt, 2.73 KB, text/plain), 2006-09-03 09:54 UTC, a_tevelev
Got the same for rufus, and also some other situations (em.txt, 8.25 KB, text/plain), 2006-12-08 11:40 UTC, fred nijdam
emerge cairo > emcairo.txt (emcairo.txt, 182.24 KB, text/plain), 2006-12-12 09:09 UTC, fred nijdam

Description a_tevelev 2006-09-03 09:53:35 UTC
Firefox 1.5.0.5 or 1.5.0.6 emerged from www-client/mozilla-firefox with the hardened toolchain on 2.6.17 hardened kernel on AMD 64 is unusable.

Firefox starts, but crashes immediately if one tries to open Preferences, submit a form, open an https link, or pretty much do anything.

The error is:

firefox-bin: stack smashing attack in function _cairo_stroker_join()
/usr/libexec/mozilla-launcher: line 117: 11919 Aborted                    "$mozbin" "$@"
firefox-bin exited with non-zero status (134)
Comment 1 a_tevelev 2006-09-03 09:54:07 UTC
Created attachment 95855 [details]
emerge --info
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2006-09-03 10:36:18 UTC
*** Bug 146162 has been marked as a duplicate of this bug. ***
Comment 3 a_tevelev 2006-09-03 13:21:16 UTC
The same problem is also observed when CFLAGS are set only to CFLAGS="-march=athlon64 -O2 -pipe".
Comment 4 a_tevelev 2006-09-03 13:26:26 UTC
The problem appears to be specific not to Firefox but to x11-libs/cairo - see bug #146162: http://bugs.gentoo.org/show_bug.cgi?id=146162

Exactly the same problem is observed when using rox-base/rox.
Comment 5 fred nijdam 2006-12-08 11:40:14 UTC
Created attachment 103642 [details]
Got the same for rufus, and also some other situations

python: stack smashing attack in function _cairo_stroker_join()
/usr/bin/rufus: line 22:   885 Aborted                 python -OO /usr/share/rufus/rufus.py

[ebuild   R   ] x11-libs/cairo-1.2.4
Comment 6 fred nijdam 2006-12-08 11:41:19 UTC
Comment on attachment 103642 [details]
Got the same for rufus, and also some other situations

[ebuild   R   ] x11-libs/cairo-1.2.4
Comment 7 fred nijdam 2006-12-08 11:47:54 UTC
>x11-libs/cairo-1.0.2-r1
<x11-libs/cairo-1.0.2-r1
Stayed for a while on 1.0.2-r1, because of gdm session abends when using session selection. That problem is still not solved.
Comment 8 Doug Goldstein (RETIRED) gentoo-dev 2006-12-09 20:54:32 UTC
Been a bit busy... But I thought I remember this issue being fixed in cairo-1.2.6? Care to give it a whirl? I'll look into it on Monday.
Comment 9 fred nijdam 2006-12-11 04:14:27 UTC
Thanks, I unmasked 1.2.6 and
 x11-libs/cairo
     Available versions:  1.0.2 1.0.2-r1[1]  1.0.4 1.0.4-r1 ~1.2.2 1.2.4 1.2.6
     Installed:           1.2.6
Also revdep-rebuild, without inconsistencies.
Problem is still there
python: stack smashing attack in function _cairo_stroker_join()
/usr/bin/rufus: line 22:  5883 Aborted                 python -OO /usr/share/rufus/rufus.py
and also, GDM still crashes when selecting a language or session or ...
I noticed the -debug, but where will the output go?

Maybe I have to do some homework; I caught gdm :0.log
Comment 10 fred nijdam 2006-12-11 10:16:55 UTC
This 1.2.6 cairo is worse
xsane: stack smashing attack in function _cairo_stroker_join()
How can I help you to test it?
Comment 11 Kevin F. Quinn (RETIRED) gentoo-dev 2006-12-11 16:44:52 UTC
I'm guessing that these are all caused by bugs in gcc-3+SSP.  I'm hoping these problems will go away with gcc-4.1, which has completely re-written SSP support.

For the moment, switch to the hardenednossp compiler and rebuild cairo with that (switch back afterwards).

Doug - in the ebuild for cairo you could just 'filter-flags -fstack-protector' for now, and we'll revisit once >gcc-4.1 is available and stable for hardened users.
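When triaging reports like this one it helps to pull every SSP abort out of a launcher log and decode the shell's exit status, so that "Aborted" with status 134 is recognised as SIGABRT raised by the stack-protector check rather than a crash inside the program. The script below is an added example, not part of this bug or of cairo; the sample log is constructed from the lines quoted in the description and in comment 5, with one unrelated Xorg line mixed in.

```shell
#!/bin/sh
# Added example (not from the bug report): summarise ProPolice/SSP aborts
# found in launcher output and decode the exit status the shell reported.

# Constructed sample log: lines quoted in the description and comment 5,
# plus one unrelated Xorg line that must be ignored.
SAMPLE_LOG='firefox-bin: stack smashing attack in function _cairo_stroker_join()
/usr/libexec/mozilla-launcher: line 117: 11919 Aborted                    "$mozbin" "$@"
firefox-bin exited with non-zero status (134)
(II) Loading extension GLX
python: stack smashing attack in function _cairo_stroker_join()
/usr/bin/rufus: line 22:   885 Aborted                 python -OO /usr/share/rufus/rufus.py'

# Read a log on stdin and print one "<program> <function>" line per SSP
# abort message ("<prog>: stack smashing attack in function <fn>()").
ssp_aborts() {
    sed -n 's/^\([^:][^:]*\): stack smashing attack in function \(.*\)()$/\1 \2/p'
}

# Count how many distinct functions tripped the protector in the log.
ssp_function_count() {
    ssp_aborts | awk '{ print $2 }' | sort -u | wc -l | tr -d ' '
}

# Decode a shell exit status: 128 + N means the child died from signal N,
# so 134 is SIGABRT (what __stack_chk_fail / ProPolice raises via abort()).
exit_status_signal() {
    case "$1" in
        134) echo SIGABRT ;;
        139) echo SIGSEGV ;;
        *)   if [ "$1" -gt 128 ]; then echo "SIG$(( $1 - 128 ))"; else echo none; fi ;;
    esac
}

# Stand-alone run: list the aborts and decode the status from the description.
printf '%s\n' "$SAMPLE_LOG" | ssp_aborts
echo "status 134 -> $(exit_status_signal 134)"
```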
Comment 12 fred nijdam 2006-12-12 09:09:51 UTC
Created attachment 103870 [details]
emerge cairo > emcairo.txt

Well, nice to learn these things (as a mainframe sysprog), I'm sure there must be something missing.

source /etc/profile
gcc-config -l
 [1] i686-pc-linux-gnu-3.4.6 *
 [2] i686-pc-linux-gnu-3.4.6-hardened
 [3] i686-pc-linux-gnu-3.4.6-hardenednopie
 [4] i686-pc-linux-gnu-3.4.6-hardenednopiessp
 [5] i686-pc-linux-gnu-3.4.6-hardenednossp
 [6] x86_64-pc-linux-gnu-3.4.6
 [7] x86_64-pc-linux-gnu-3.4.6-hardenednopie
 [8] x86_64-pc-linux-gnu-3.4.6-hardenednopiessp
 [9] x86_64-pc-linux-gnu-3.4.6-hardenednossp *
 [10] x86_64-pc-linux-gnu-3.4.6-vanilla
 [11] x86_64-pc-linux-gnu-4.1.1
gcc -v
Reading specs from /usr/lib/gcc/x86_64-pc-linux-gnu/3.4.6/specs
Reading specs from /usr/lib/gcc/x86_64-pc-linux-gnu/3.4.6/hardenednossp.specs
Configured with: /var/tmp/portage/gcc-3.4.6-r1/work/gcc-3.4.6/configure --prefix=/usr --bindir=/usr/x86_64-pc-linux-gnu/gcc-bin/3.4.6 --includedir=/usr/lib/gcc/x86_64-pc-linux-gnu/3.4.6/include --datadir=/usr/share/gcc-data/x86_64-pc-linux-gnu/3.4.6 --mandir=/usr/share/gcc-data/x86_64-pc-linux-gnu/3.4.6/man --infodir=/usr/share/gcc-data/x86_64-pc-linux-gnu/3.4.6/info --with-gxx-include-dir=/usr/lib/gcc/x86_64-pc-linux-gnu/3.4.6/include/g++-v3 --host=x86_64-pc-linux-gnu --build=x86_64-pc-linux-gnu --disable-altivec --enable-nls --without-included-gettext --with-system-zlib --disable-checking --disable-werror --disable-libunwind-exceptions --enable-multilib --disable-libgcj --enable-languages=c,c++,f77 --enable-shared --enable-threads=posix --enable-__cxa_atexit --enable-clocale=gnu
Thread model: posix
gcc version 3.4.6 (Gentoo Hardened 3.4.6-r1, ssp-3.4.5-1.0, pie-8.7.9)

But it still crashes.
Greetings Fred
Comment 13 fred nijdam 2006-12-16 15:04:04 UTC
Hi, a recompile with 4.1.1 (not hardened) at least makes cairo indeed run.
Using built-in specs.
Reading specs from /usr/lib/gcc/x86_64-pc-linux-gnu/3.4.6/hardenednossp.specs
Target: x86_64-pc-linux-gnu
Configured with: /var/tmp/portage/gcc-4.1.1-r1/work/gcc-4.1.1/configure --prefix=/usr --bindir=/usr/x86_64-pc-linux-gnu/gcc-bin/4.1.1 --includedir=/usr/lib/gcc/x86_64-pc-linux-gnu/4.1.1/include --datadir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.1.1 --mandir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.1.1/man --infodir=/usr/share/gcc-data/x86_64-pc-linux-gnu/4.1.1/info --with-gxx-include-dir=/usr/lib/gcc/x86_64-pc-linux-gnu/4.1.1/include/g++-v4 --host=x86_64-pc-linux-gnu --build=x86_64-pc-linux-gnu --disable-altivec --enable-nls --without-included-gettext --with-system-zlib --disable-checking --disable-werror --disable-libunwind-exceptions --enable-multilib --disable-libmudflap --disable-libssp --disable-libgcj --enable-languages=c,c++,fortran --enable-shared --enable-threads=posix --enable-__cxa_atexit --enable-clocale=gnu
Thread model: posix
gcc driver version 4.1.1 (Gentoo 4.1.1-r1) executing gcc version 3.4.6)
Comment 14 Doug Goldstein (RETIRED) gentoo-dev 2007-04-13 23:40:41 UTC
Well looks like this issue is resolved for gcc 4.1. Not sure how hardened wants to proceed... re-assigning.

Please test this with cairo 1.4.x to see if we need the filter-flags call there as well.
Comment 15 Christian Heim (RETIRED) gentoo-dev 2007-11-10 09:19:44 UTC
(In reply to comment #14)
> Well looks like this issue is resolved for gcc 4.1. Not sure how hardened wants
> to proceed... re-assigning.
> 
> Please test this with cairo 1.4.x to see if we need the filter-flags call there
> as well.

mozilla-firefox-2.0.0.9 is perfectly fine from my point of view, so I don't really see a reason.