Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 280041 - net-analyzer/ntop segfaults when compiled using =sys-devel/gcc-3.4.6-r2
Summary: net-analyzer/ntop segfaults when compiled using =sys-devel/gcc-3.4.6-r2
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-08-02 13:25 UTC by Christian Ruppert (idl0r)
Modified: 2010-10-28 15:42 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Ruppert (idl0r) gentoo-dev 2009-08-02 13:25:42 UTC 
Hey guys,

ntop is not running if built with hardened gcc-3.4.6-r2.

Steps to reproduce:
1. emerge ntop
2. Start ntop
3. Go through the webinterface an click on 'Admin->Configure->Startup Options'.

Result: ntop will segfault:
device eth0 entered promiscuous mode
ntop[22314] trap stack segment ip:757dd9c630ef sp:757dd2c08e10 error:0
grsec: From 10.8.6.6: signal 7 sent to /usr/bin/ntop[ntop:22314] uid/euid:104/104 gid/egid:1022/1022, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
device eth0 left promiscuous mode

Tommy[D] confirmed that ntop is working fine with hardened gcc-4.x.
Zorry confirmed that ntop is _not_ working with hardened gcc-3.x.

Even no luck with 3.4.6-vanilla specs.

emerge --info
Portage 2.1.6.13 (hardened/amd64/multilib, gcc-3.4.6-asneeded, glibc-2.9_p20081201-r2, 2.6.28-hardened-r9 x86_64)
=================================================================
System uname: Linux-2.6.28-hardened-r9-x86_64-Intel-R-_Core-TM-_i7_CPU_920_@_2.67GHz-with-gentoo-2.0.1
Timestamp of tree: Sun, 02 Aug 2009 12:20:02 +0000
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p39
dev-lang/python:     2.5.4-r3, 2.6.2-r1
dev-python/pycrypto: 2.0.1-r8
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.4.3-r3
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.63-r1
sys-devel/automake:  1.7.9-r1, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.27-r2
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--with-bdeps y"
FEATURES="autoconfig ccache collision-protect distlocks fakeroot fixpackages parallel-fetch preserve-libs protect-owned sandbox sfperms strict stricter suidctl unmerge-orphans userfetch userpriv usersandbox usersync"
GENTOO_MIRRORS="http://gentoo.mneisen.org/ http://mirror.jamit.de/gentoo/ http://mirror.netcologne.de/gentoo/ ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo"
LANG="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,-z,now -Wl,--sort-common"
MAKEOPTS="-j8"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="X509 acl amd64 audit bash-completion bcmath berkdb bzip2 caps cgi checkpath clamdtop cli cracklib crypt cscope ctype ctypes-python curl curlwrappers cxx dnsdb exif exiscan-acl filter fontconfig ftp gcrypt gd gdbm geoip gmp gnutls gpgme hardened hash hpn iconv idn imap iproute2 jabber jpeg justify kpoll libgcrypt libssh2 lm_sensors lzma lzo maildir mhash mktemp mmx mode-paranoid multilib mysql mysqli nagios-dns nagios-ntp nagios-ping nagios-ssh ncurses network-cron nptl nptlonly openmp opensslcrypt pam pcntl pcre perl pic plugins png posix pth python readline reflection rrdcgi sasl sensord session sha512 sieve simplexml smime smp sockets spl sqlite sqlite3 sse sse2 ssh ssl ssse3 suexec svg syslog sysvipc threads threadsafe tokenizer truetype unicode urandom vim-syntax web webdav-serf xattr xml xmlreader xmlrpc xmlwriter xsl zip zlib zsh-completion" APACHE2_MODULES="asis actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif so speling status unique_id userdir usertrack vhost_alias substitute proxy proxy_connect proxy_http" APACHE2_MPMS="worker" ELIBC="glibc" KERNEL="linux" USERLAND="GNU"
Unset:  CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Comment 1 Christian Ruppert (idl0r) gentoo-dev 2009-09-26 23:07:35 UTC 
Seems to work now with glibc-2.9_p20081201-r4 and gcc-4.3.4-r1 from hardened-dev overlay.
Comment 2 Magnus Granberg gentoo-dev 2010-10-28 15:42:30 UTC 
Reopen if it still fails with gcc-4.4.4-r2