Since many years, I've been using Firebird with Gentoo kernels up to 2.6.38 without any problems.
Now, I have built a new Gentoo system from scratch, of course with kernel 3.0.6 (different hardware, slightly different .config). First, Firebird runs just normal, but when calling some special functions (for example, user rights management), it crashes because of a buffer overflow.
Steps to Reproduce:
1. emerge firebird on a 3.0.6 kernel
2. create some test database
3. use IBExpert to open this database and click on "Rights" (or just "Tools/User Manager")
Connection closed because fbserver terminated.
Nov 13 18:43:41 n *** buffer overflow detected ***: fbserver - terminated
Nov 13 18:43:41 n fbserver: buffer overflow attack in function <unknown> - terminated
Nov 13 18:43:41 n Report to http://bugs.gentoo.org/
opening the user rights management, as with kernel 2.6.38
I'm not quite sure if this is a Gentoo or a Firebird issue. But as syslog says, I should report to bugs.gentoo.org, which I have done now :-)
On the new system, in firebird.log, there are two message which I have never seen on the old system:
n (Server) Sun Nov 13 18:43:41 2011
64 bit i/o support is on.
n (Server) Sun Nov 13 18:43:41 2011
Open file limit increased from 1024 to 4096
Perhaps this is a result of the slightly different Linux .config? In any case, on both systems, Firebird 126.96.36.19981.0-r6 is installed (on the old system with USE="doc examples", on the new system without any USEs).
Reproducable with FlameRobin (instead of IBExpert), too. Register a Server (database registration is not necessary) and select "Server / Manage users".
I really recommend you migrate to Firebird 2.5 if you can. Its been out for over a year. If you can't try Firebird 2.1.x. It looks like there is a newer 2.0.x and 2.1.x than is in tree. Though most effort is going into latest release not the older ones. Its not slotted, the others have just yet to be stabilized, since the package is without a maintainer. Likely see about stabilizing 2.5 once we get some bugs resolved.
Of course, I'd prefer the latest Firebird version 2.5.1, it's just that I also prefer installing Gentoo packages :-)
Ok, I'll give it a try. Would you recommend the source or the binary version? The source installation docs in the file "README.build.posix.html" aren't very detailled - do I need "autogen.sh" while there is already "configure" included? Seems that I need "make", but it's not mentioned - and make "what"? What (and where) does "make install" finally install? And so on.
In case of the binaries, there seems to be just one "install.sh" and nothing else - less complicated...?!
But I wonder whether all the client software would still work - it's a lot of different clients here, from Delphi7's "IBSQL" component (relying on gdb32.dll) to PHP scripts with "ibase_" in Apache...). How big is the chance that all those clients can remain unchanged? I'll find out... but takes awhile.
Installed binary package .tgz 2.5.1 from Sourceforge (just "install.sh"). After removing some "deprecated" warnings from /etc/init.d/firebird, it works without any problems. Even the clients can remain unchanged.
You can change the status to "resolved" (was not sure if it's "wontfix", "cantfix", or "worksforme") :-)
Related problem: Since I unmerged Firebird 2.0.3 using portage, and installed Firebird 2.5.1 by hand, portage now thinks Firebird isn't installed at all and tries to pull it in at every emerge (because of USE="firebird" with PHP). Both masking it and/or including in in /var/lib/portage/world causes error messages. How can I tell portage "I have installed it myself" to get rid of those error messages? (I need PHP compiled with Firebird extensions, so "USE=-firebird" is no option there.)
(In reply to comment #5)
> Related problem: Since I unmerged Firebird 2.0.3 using portage, and installed
> Firebird 2.5.1 by hand, portage now thinks Firebird isn't installed at all and
> tries to pull it in at every emerge (because of USE="firebird" with PHP). Both
> masking it and/or including in in /var/lib/portage/world causes error messages.
> How can I tell portage "I have installed it myself" to get rid of those error
> messages? (I need PHP compiled with Firebird extensions, so "USE=-firebird" is
> no option there.)
This has nothing to do with buffer overflows, and you should have just asked in Gentoo Forum or on Gentoo IRC. You would have gotten an answer in a heartbeat.
ebuild for 2.5.1 in bug 392469, didn't realize a new version was out till mentioned on this bug
Please retry with 188.8.131.52540.0
Using 184.108.40.206780 for a long time, just found this issue, marked as obsolete.