Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 339451 - app-misc/rioutil _FORTIFY_SOURCE indicates presence of overflow
Summary: app-misc/rioutil _FORTIFY_SOURCE indicates presence of overflow
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it
URL:
Whiteboard:
Keywords: Inclusion, PATCH
Depends on:
Blocks: fortify-source
  Show dependency tree
 
Reported: 2010-10-02 12:36 UTC by Diego Elio Pettenò (RETIRED)
Modified: 2012-03-03 16:00 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Build log (rioutil-1.5.0-r1:20101002-111009.log,33.45 KB, text/plain)
2010-10-02 12:37 UTC, Diego Elio Pettenò (RETIRED)
Details
Ebuild with patch (rioutil-1.5.0-r1.ebuild,830 bytes, text/plain)
2011-02-05 01:14 UTC, Kevin McCarthy (RETIRED)
Details
Really fix buffer overflow (rioutil-1.5.0-overflow.patch,515 bytes, patch)
2011-02-05 01:15 UTC, Kevin McCarthy (RETIRED)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Diego Elio Pettenò (RETIRED) gentoo-dev 2010-10-02 12:36:46 UTC
You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer.

Even though this is not always an indication of a security problem it might even be. So please check this out ASAP.

By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0.

Thanks,
Your friendly neighborhood tinderboxer
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-10-02 12:37:24 UTC
Created attachment 249289 [details]
Build log
Comment 2 Kevin McCarthy (RETIRED) gentoo-dev 2011-02-05 01:14:09 UTC
Created attachment 261550 [details]
Ebuild with patch
Comment 3 Kevin McCarthy (RETIRED) gentoo-dev 2011-02-05 01:15:15 UTC
Comment on attachment 261550 [details]
Ebuild with patch

Oops, wrong file.
Comment 4 Kevin McCarthy (RETIRED) gentoo-dev 2011-02-05 01:15:55 UTC
Created attachment 261551 [details, diff]
Really fix buffer overflow
Comment 5 Pacho Ramos gentoo-dev 2012-03-03 16:00:31 UTC
+*rioutil-1.5.0-r2 (03 Mar 2012)
+
+  03 Mar 2012; Pacho Ramos <pacho@gentoo.org>
+  +files/rioutil-1.5.0-buffer-overflow.patch, +rioutil-1.5.0-r2.ebuild:
+  Fix overflow, bug 339451 by Kevin McCarthy.
+