336605 – net-analyzer/tcpreplay _FORTIFY_SOURCE indicates presence of overflow

Bug 336605 - net-analyzer/tcpreplay _FORTIFY_SOURCE indicates presence of overflow

Summary: net-analyzer/tcpreplay _FORTIFY_SOURCE indicates presence of overflow

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Gentoo Netmon project

URL:	http://tcpreplay.synfin.net/changeset...
Whiteboard:
Keywords:

Depends on:
Blocks:	fortify-source
	Show dependency tree

Reported:	2010-09-09 14:46 UTC by Diego Elio Pettenò (RETIRED)
Modified:	2012-09-22 11:20 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Build log (tcpreplay-3.4.4:20100909-011432.log,75.60 KB, text/plain) 2010-09-09 14:46 UTC, Diego Elio Pettenò (RETIRED)	Details
Patch to tcpreplay-3.4.4.ebuild to add sed statement to fix overflow (tcpreplay-3.4.4.ebuild.patch,379 bytes, patch) 2010-09-11 05:43 UTC, Kevin Pyle	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Diego Elio Pettenò (RETIRED) gentoo-dev

2010-09-09 14:46:27 UTC

You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer.

Even though this is not always an indication of a security problem it might even be. So please check this out ASAP.

By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0.

Thanks,
Your friendly neighborhood tinderboxer

Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev

2010-09-09 14:46:59 UTC

Created attachment 246603 [details]
Build log

Comment 2 Kevin Pyle 2010-09-11 05:43:24 UTC

Created attachment 246800 [details, diff]
Patch to tcpreplay-3.4.4.ebuild to add sed statement to fix overflow

Upstream declares a char ipaddr[16], then tells snprintf that the length is 17.  This sed bumps the buffer up to char ipaddr[20].

Comment 3 Jeroen Roovers (RETIRED) gentoo-dev

2010-10-29 05:24:44 UTC

Looks like it's fixed in 3.4.5beta2 and in the URL. Maybe we can introduce that patch or get 3.4.5_beta2 in the tree. Or wait for the final 3.4.5.

Comment 4 Jeroen Roovers (RETIRED) gentoo-dev

2010-10-29 06:04:48 UTC

3.4.5_beta2 is in the tree.

Comment 5 Jeroen Roovers (RETIRED) gentoo-dev

2010-10-29 17:16:52 UTC

Index: package.mask
===================================================================
RCS file: /var/cvsroot/gentoo-x86/profiles/package.mask,v
retrieving revision 1.12116
retrieving revision 1.12117
diff -u -B -r1.12116 -r1.12117
--- package.mask        29 Oct 2010 10:15:28 -0000      1.12116
+++ package.mask        29 Oct 2010 13:16:33 -0000      1.12117
@@ -1,5 +1,5 @@
 ####################################################################
-# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.12116 2010/10/29 10:15:28
 ssuominen Exp $                                                                       +# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.12117 2010/10/29 13:16:33
 pva Exp $                                                                              #
 # When you add an entry to the top of this file, add your name, the date, and
 # an explanation of why something is getting masked. Please be extremely
@@ -31,6 +31,10 @@
 
 #--- END OF EXAMPLES ---
 
+# Peter Volkov <pva@gentoo.org> (29 Oct 2010)
+# mask beta release
+=net-analyzer/tcpreplay-3.4.5*
+
 # Samuli Suominen <ssuominen@gentoo.org> (29 Oct 2010)
 # freqtweak, bug 336160, uses obsolete wxgtk
 # mplinuxman, bug 338863, for old MP3 players, overflows buffers

Comment 6 Pacho Ramos gentoo-dev

2012-03-19 11:41:10 UTC

Could the patch be applied to 3.4.4 then?

Comment 7 Pacho Ramos gentoo-dev

2012-09-22 11:20:29 UTC

*tcpreplay-3.4.4-r1 (29 Oct 2010)

  29 Oct 2010; Peter Volkov <pva@gentoo.org> +tcpreplay-3.4.4-r1.ebuild,
  +files/tcpreplay-3.4.4-crash.patch:
  Fix buffer overflow (bug #336605) in stable version.