Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 341223 - dev-db/firebird - _FORTIFY_SOURCE indicates presence of overflow
Summary: dev-db/firebird - _FORTIFY_SOURCE indicates presence of overflow
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: No maintainer - Look at if you want to take care of it
Keywords: NeedPatch
Depends on:
Blocks: fortify-source
  Show dependency tree
Reported: 2010-10-16 07:30 UTC by Diego Elio Pettenò (RETIRED)
Modified: 2014-12-11 11:40 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Build log (firebird-,708.23 KB, text/plain)
2010-10-16 07:32 UTC, Diego Elio Pettenò (RETIRED)

Note You need to log in before you can comment on or make changes to this bug.
Description Diego Elio Pettenò (RETIRED) gentoo-dev 2010-10-16 07:30:58 UTC
You're receiving this bug because the package in Summary has produced _FORTIFY_SOURCE related warnings indicating the presence of a sure overflow in a static buffer.

Even though this is not always an indication of a security problem it might even be. So please check this out ASAP.

By the way, _FORTIFY_SOURCE is disabled when you disable optimisation, so don't try finding out the cause using -O0.

Your friendly neighborhood tinderboxer
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-10-16 07:32:01 UTC
Created attachment 250811 [details]
Build log
Comment 2 Pacho Ramos gentoo-dev 2012-02-09 12:01:54 UTC
Still valid with 2.5.x?
Comment 3 William L. Thomson Jr. 2012-02-09 16:26:16 UTC
Not sure I started looking into it but fell off, I assume its still an issue and needs to be addressed.
Comment 4 Tom Wijsman (TomWij) (RETIRED) gentoo-dev 2013-07-14 19:44:55 UTC
Ping, we're more than a year later; can you look into this?

If you don't have time now, please move to Gentoo Security / Vulnerabilities and re-assign to security@g.o (move wlt to CC) so this is at least tracked.
Comment 5 Pacho Ramos gentoo-dev 2014-09-07 13:16:55 UTC
No idea if still valid with
Comment 6 Adrian Marius Popa 2014-11-26 14:24:18 UTC
This can be closed , in ubuntu firebird 2.5.3 builds with  CPPFLAGS="-D_FORTIFY_SOURCE=2"

Here is the build log
Comment 7 Adrian Marius Popa 2014-11-26 17:28:43 UTC
and the related debian bug that was fixed long time ago
Comment 8 Pacho Ramos gentoo-dev 2014-12-11 11:40:22 UTC
thanks for feedback