Bug 257360 - app-cdr/dvd+rw-tools-7.1 compiled with sys-devel/gcc-4.3.3 - buffer overflow when executing dvd+rw-format
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Unspecified
Hardware: All All
Importance: High normal
Assignee: Gentoo Optical Media project
URL: http://cvs.fedoraproject.org/viewvc/d...
Duplicates: 258562
Reported: 2009-02-02 10:24 UTC by Grzegorz {NineX} Krzystek
Modified: 2009-04-27 01:50 UTC

Description Grzegorz {NineX} Krzystek 2009-02-02 10:24:11 UTC
shadow ~ # /usr/bin/dvd+rw-format                                                                                                                                                   
*** buffer overflow detected ***: /usr/bin/dvd+rw-format terminated                                                                                                                 
======= Backtrace: =========                                                                                                                                                        
/lib/libc.so.6(__fortify_fail+0x37)[0x7f09be37f127]
/lib/libc.so.6[0x7f09be37cf00]
/lib/libc.so.6[0x7f09be37d903]
/usr/bin/dvd+rw-format[0x40165e]
/usr/bin/dvd+rw-format[0x403115]
/lib/libc.so.6(__libc_start_main+0xe6)[0x7f09be2b85c6]
/usr/bin/dvd+rw-format[0x401249]
======= Memory map: ========

shadow ~ # emerge --info
Portage 2.2_rc23 (default/linux/amd64/2008.0, gcc-4.3.3, glibc-2.9_p20081201-r1, 2.6.28-gentoo-r1 x86_64)
=================================================================                                        
System uname: Linux-2.6.28-gentoo-r1-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T7700_@_2.40GHz-with-glibc2.2.5   
Timestamp of tree: Sun, 01 Feb 2009 22:05:01 +0000                                                       
app-shells/bash:     3.2_p48                                                                             
dev-java/java-config: 1.3.7-r1, 2.1.7                                                                    
dev-lang/python:     2.5.4-r2                                                                            
dev-util/cmake:      2.6.2-r1                                                                            
sys-apps/baselayout: 2.0.0
sys-apps/openrc:     0.4.2
sys-apps/sandbox:    1.3.3
sys-devel/autoconf:  2.13, 2.63
sys-devel/automake:  1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.19
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.28-r1
ACCEPT_KEYWORDS="amd64 ~amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -pipe -O2 -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/init.d /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=native -pipe -O2 -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="candy collision-protect distlocks fixpackages metadata-transfer parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://gentoo.prz.rzeszow.pl            http://distfiles.gentoo.org             http://www.ibiblio.org/pub/Linux/distributions/gentoo           http://dev.gentoo.org"
LDFLAGS="-Wl,-O1"
LINGUAS="pl en"
MAKEOPTS="-s -j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/layman/roslin"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="7zip X a52 aac accessibility acpi alsa amazon amd64 amrnb amrwb ao aotuv archive aspell ass atm audio audiofile bash-completion branding bzip2 cairo caps cddb cdio cdparanoiaconsolekit contrast corefonts cups cupsddk curl cxx dbus devil dga dhcpcd dirac djbfft djvu dri dts dvd dvdr dvdread embedded emoticons enca encode exif expat fam fbcon ffmpeg firefox firefox3 flac fontconfig fpx ftp gd gecko gif gimp glib glitz gnutls gpm graphviz grub gs gtk hal hdri icons iconv icu id3tag idn ieee1394 imagemagick infowidget inotify ipv6 irrlicht java jbig jpeg jpeg2k kde kipi lame laptop lcms libgcrypt libsamplerate libssh2 lm_sensors logitech-mouse logrotate lzma lzo mad masquerade mediaplayer midi mikmod mjpeg mmap mmx mmxext mng mp2 mp3 mp4 mpeg mplayer multicall multilib musepack ncurses nemesi network-cron networkmanager nls nptl nsplugin nss offensive ogg ogg123 openal openexr opengl openmp pam pccts pcf pch pcre pdf perl pixmaps plugins png ppds pth python q32 q8 qt3 qt3support qt4 quicktime rar raw rdesktop readline rle rtc samba scanfolder schroedinger sdl search slang smp sndfile sounds speex spell sqlite srt sse sse2 ssl ssse3 startup-notification svg symlink syslog theora threads threadsafe tiff timezone truetype unicode upnp usb utempter v4l2 vcd video visualization vnc voice vorbis wavpack webkit wmf x264 xanim xcb xcomposite xine xinerama xml xmp xorg xpm xscreensaver xulrunner xv xvid yv12 zip zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file          hooks iec958 ioplug ladspa lfloat linear meter mulaw multi              null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic 
negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="pl en" USERLAND="GNU" VIDEO_CARDS="nvidia"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS



Reproducible: Always

Comment 1 Martin Väth 2009-02-02 17:42:52 UTC
I remember this problem: This is caused by -D_FORTIFY_SOURCE=2
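
Added example (not part of the original bug report or of dvd+rw-tools): a Python triage helper run over the backtrace from the description. It uses the glibc abort message to tell the _FORTIFY_SOURCE check named in comment 1 apart from a stack-protector abort, and lists the frames inside the crashing binary for addr2line. The names triage and addr2line_cmd are hypothetical, and a non-PIE build with debug info is assumed.

```python
import re

# Backtrace copied from the bug description on this page.
CRASH_LOG = """\
*** buffer overflow detected ***: /usr/bin/dvd+rw-format terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x37)[0x7f09be37f127]
/lib/libc.so.6[0x7f09be37cf00]
/lib/libc.so.6[0x7f09be37d903]
/usr/bin/dvd+rw-format[0x40165e]
/usr/bin/dvd+rw-format[0x403115]
/lib/libc.so.6(__libc_start_main+0xe6)[0x7f09be2b85c6]
/usr/bin/dvd+rw-format[0x401249]
======= Memory map: ========
"""

HEADER = re.compile(r"^\*\*\* (.+?) \*\*\*: (\S+) terminated$")
FRAME = re.compile(r"^(/\S+?)(?:\(([^)]*)\))?\[(0x[0-9a-f]+)\]$")
# glibc's abort message identifies which hardening check fired.
CHECKS = {"buffer overflow detected": "_FORTIFY_SOURCE",
          "stack smashing detected": "stack protector"}

def triage(log):
    """Classify a glibc hardening abort and collect its backtrace frames."""
    report = {"check": None, "program": None, "frames": [], "call_site": None}
    in_trace = False
    for line in (l.strip() for l in log.splitlines()):
        header = HEADER.match(line)
        if header:
            report["check"] = CHECKS.get(header.group(1), "unknown")
            report["program"] = header.group(2)
        elif line.startswith("======="):
            in_trace = "Backtrace" in line  # frames end at the next section marker
        elif in_trace:
            frame = FRAME.match(line)
            if frame:
                report["frames"].append(frame.groups())  # (module, symbol, address)
    # Innermost frame inside the crashing program: where it entered the checked libc call.
    for module, _sym, addr in report["frames"]:
        if module == report["program"]:
            report["call_site"] = addr
            break
    return report

def addr2line_cmd(report):
    """Command resolving the program's own frames (assumes non-PIE, debug info present)."""
    addrs = [a for m, _s, a in report["frames"] if m == report["program"]]
    return "addr2line -f -C -e {} {}".format(report["program"], " ".join(addrs))

if __name__ == "__main__":
    r = triage(CRASH_LOG)
    print(r["check"], r["call_site"])
    print(addr2line_cmd(r))
```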
Comment 2 giovanni.bobbio 2009-02-07 13:09:53 UTC
(In reply to comment #1)
> I remember this problem: This is caused by -D_FORTIFY_SOURCE=2

Is there a fix, then? A workaround?
Comment 3 Peter Alfredsen (RETIRED) gentoo-dev 2009-02-07 13:28:36 UTC
I'll apply the above patch sometime this weekend. It should fix the problem. Anyone else who is hit by this, feel free to commit to CVS if it works for you while I get my work-queue cleared.
(Remember to rev-bump)
Comment 4 Peter Alfredsen (RETIRED) gentoo-dev 2009-02-08 15:42:05 UTC
Fixed
Comment 5 Carsten Lohrke (RETIRED) gentoo-dev 2009-02-13 12:15:36 UTC
*** Bug 258562 has been marked as a duplicate of this bug. ***
Comment 6 Lukasz Ligowski 2009-04-27 01:08:42 UTC
I ran into it today; it would be nice if you stabilized app-cdr/dvd+rw-tools-7.1-r1, which does contain the fix for this error. Thanks for the fix :)
Comment 7 Peter Alfredsen (RETIRED) gentoo-dev 2009-04-27 01:50:41 UTC
(In reply to comment #6)
> I ran into it today; it would be nice if you stabilized
> app-cdr/dvd+rw-tools-7.1-r1, which does contain the fix for this error.
> Thanks for the fix :)

Bug 267614