Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 430248 - net-irc/eggdrop-1.6.21: fortify source reports overflow
Summary: net-irc/eggdrop-1.6.21: fortify source reports overflow
Status: RESOLVED OBSOLETE
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Louis Sautier (sbraz)
URL: https://tinderboxlogs.s3.amazonaws.co...
Whiteboard:
Keywords:
Depends on:
Blocks: fortify-source
  Show dependency tree
 
Reported: 2012-08-07 01:15 UTC by Diego Elio Pettenò (RETIRED)
Modified: 2018-10-26 08:36 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Diego Elio Pettenò (RETIRED) gentoo-dev 2012-08-07 01:15:29 UTC 
Portage 2.2.0_alpha120 (default/linux/amd64/10.0, gcc-4.7.1-asneeded, glibc-2.16.0, 3.4.4-hardened-r1 x86_64)
=================================================================
System uname: Linux-3.4.4-hardened-r1-x86_64-AMD_Opteron-TM-_Processor_6272-with-gentoo-2.1
Timestamp of tree: Mon, 23 Jul 2012 14:30:01 +0000
ccache version 3.1.7 [disabled]
app-shells/bash:          4.2_p37
dev-java/java-config:     2.1.12
dev-lang/python:          2.6.8, 2.7.3-r2, 3.2.3-r1
dev-util/ccache:          3.1.7
dev-util/cmake:           2.8.8-r3
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.10.5
sys-apps/sandbox:         2.6
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.4_p6-r1, 1.9.6-r3, 1.10.3, 1.11.6, 1.12.2
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            4.5.4, 4.6.3, 4.7.1
sys-devel/gcc-config:     1.7.3
sys-devel/libtool:        2.4.2
sys-devel/make:           3.82-r3
sys-kernel/linux-headers: 3.5 (virtual/os-headers)
sys-libs/glibc:           2.16.0
Repositories: gentoo tbamd64
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -ggdb -march=native -ftracer -frecord-gcc-switches"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /etc/entropy /opt/openjms/config /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/maven-bin-3.0/conf /usr/share/openvpn/easy-rsa /usr/share/qpsmtpd/plugins /usr/share/themes/oxygen-gtk/gtk-2.0 /var/bind /var/lib/hsqldb /var/lib/redmine/config /var/spool/torque"
CONFIG_PROTECT_MASK="${EPREFIX}/etc/gconf /etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/games/angband/edit/ /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/apache2-php5.4/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cgi-php5.4/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/php/cli-php5.4/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /var/lib/redmine/config/locales /var/lib/redmine/config/settings.yml"
CXXFLAGS="-O2 -pipe -ggdb -march=native -ftracer -frecord-gcc-switches"
DISTDIR="/var/cache/portage/distfiles"
FCFLAGS="-O2 -pipe -ggdb -march=native -frecord-gcc-switches"
FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fail-clean fixlafiles news parallel-fetch parse-eapi-ebuild-head protect-owned sandbox sfperms strict test test-fail-continue unknown-features-warn unmerge-orphans userfetch userpriv usersandbox"
FFLAGS="-O2 -pipe -ggdb -march=native -frecord-gcc-switches"
GENTOO_MIRRORS="http://ftp.ucsb.edu/pub/mirrors/linux/gentoo/ http://gentoo.mirrors.hoobly.com/ http://gentoo.llarian.net/"
LANG="en_US.utf8"
LC_ALL="C"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j24"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/tmp"
PORTDIR="/var/cache/tinderbox/tree"
PORTDIR_OVERLAY="/root/overlay"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowex acl amd64 berkdb bzip2 cli cracklib crypt cups cxx dri emacs ffmpeg fortran gdbm gnutls gphoto gphoto2 gpm iconv ipv6 mmx modules mudflap multilib ncurses nls nptl openmp pam pax_kernel pcre pdf plasma pppd qt3support readline semantic-desktop session sse sse2 sse3 sse4 ssl ssse3 tcmalloc tcpd udev unicode vhosts xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" PHP_TARGETS="php5-3" PYTHON_TARGETS="python3_2 python2_7" RUBY_TARGETS="ruby18 ruby19 ree18" USERLAND="GNU" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
Comment 1 William Waisse 2012-11-23 08:57:49 UTC 
and its just crashing when using grsec kernel :
Nov 23 09:42:30 gemelos kernel: grsec: From XX.190.26.215: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /opt/eggdrop/eggdrop-1.6.21[eggdrop:26813] uid/euid:1019/1019 gid/egid:100/100, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

to get back to a stable eggdrop under grsec kernel, I had to package.mask :
=net-irc/eggdrop-1.6.21
=dev-lang/tcl-8.5.10-r1

pax logs : 

Nov 23 09:42:30 gemelos kernel: PAX: terminating task: /opt/eggdrop/eggdrop-1.6.21(eggdrop):26813, uid/euid: 1019/1019, PC: 207b206e, SP: bbe1c1cc
Nov 23 09:42:30 gemelos kernel: PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 
Nov 23 09:42:30 gemelos kernel: PAX: bytes at SP-4: 00000001 ad86653d ad692410 bbe1c1e8 00000000 dfb03f00 00000803 00000001 1d2a4f19 dfb03f00 1d2cca38 00000400 00000000 1d2a5228 ad692410 bbe1c36c 00000000 00000000 bbe1c264 00001000 ad57f4ad 
Nov 23 09:42:30 gemelos kernel: grsec: From 88.190.26.215: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /opt/eggdrop/eggdrop-1.6.21[eggdrop:26813] uid/euid:1019/1019 gid/egid:100/100, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Nov 23 09:43:23 gemelos kernel: PAX: From 88.190.26.215: execution attempt in: (null), 00000000-00000000 00000000
Nov 23 09:43:23 gemelos kernel: PAX: terminating task: /opt/eggdrop/eggdrop-1.6.21(eggdrop):26873, uid/euid: 1019/1019, PC: 656d2070, SP: bb1da8dc
Nov 23 09:43:23 gemelos kernel: PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 
Nov 23 09:43:23 gemelos kernel: PAX: bytes at SP-4: 00000001 b228b53d b20b7410 bb1da8f8 00000000 6fd70600 00000803 00000001 156cbf19 6fd70600 156f3a38 00000400 00000000 156cc228 b20b7410 bb1daa7c 00000000 00000000 bb1da974 00001000 b1fa44ad 
Nov 23 09:43:23 gemelos kernel: grsec: From 88.190.26.215: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /opt/eggdrop/eggdrop-1.6.21[eggdrop:26873] uid/euid:1019/1019 gid/egid:100/100, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Nov 23 09:43:51 gemelos kernel: PAX: From 88.190.26.215: execution attempt in: (null), 00000000-00000000 00000000
Nov 23 09:43:51 gemelos kernel: PAX: terminating task: /opt/eggdrop/eggdrop-1.6.21(eggdrop):26906, uid/euid: 1019/1019, PC: 656d2070, SP: b0050b9c
Nov 23 09:43:51 gemelos kernel: PAX: bytes at PC: ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??
Comment 2 William Waisse 2012-11-23 09:05:16 UTC 
also if I try to build the eggdrop 1.6.19 with the latest tcl I get : 
cd ~/.eggdrop/paola/ ; ./eggdrop eggdrop.conf

Eggdrop v1.6.19+Gentoo (C) 1997 Robey Pointer (C) 2008 Eggheads
*** glibc detected *** ./eggdrop: free(): invalid next size (fast): 0x1104aea8 ***
======= Backtrace: =========
/lib/libc.so.6(+0x7405f)[0xa51f005f]
./eggdrop(+0x36c5c)[0x10fe7c5c]
[0x67692b3a]
======= Memory map: ========
10fb1000-11013000 r-xp 00000000 08:03 162641     /opt/eggdrop/eggdrop-1.6.19
11013000-11014000 r--p 00061000 08:03 162641     /opt/eggdrop/eggdrop-1.6.19
11014000-11017000 rw-p 00062000 08:03 162641     /opt/eggdrop/eggdrop-1.6.19
11017000-11062000 rw-p 00000000 00:00 0          [heap]
a4f85000-a4f9e000 r-xp 00000000 08:03 266291     /lib/libgcc_s.so.1
a4f9e000-a4f9f000 r--p 00018000 08:03 266291     /lib/libgcc_s.so.1
a4f9f000-a4fa0000 rw-p 00019000 08:03 266291     /lib/libgcc_s.so.1
a4fa0000-a4faa000 r-xp 00000000 08:03 266555     /lib/libnss_files-2.15.so
a4faa000-a4fab000 r--p 00009000 08:03 266555     /lib/libnss_files-2.15.so
a4fab000-a4fac000 rw-p 0000a000 08:03 266555     /lib/libnss_files-2.15.so
a4fac000-a4fb5000 r-xp 00000000 08:03 268124     /lib/libnss_nis-2.15.so
a4fb5000-a4fb6000 r--p 00008000 08:03 268124     /lib/libnss_nis-2.15.so
a4fb6000-a4fb7000 rw-p 00009000 08:03 268124     /lib/libnss_nis-2.15.so
a4fc3000-a4fc5000 rw-p 00000000 00:00 0 
a4fc5000-a5107000 r-xp 00000000 08:06 136918     /usr/lib/libxml2.so.2.8.0
a5107000-a510b000 r--p 00142000 08:06 136918     /usr/lib/libxml2.so.2.8.0
a510b000-a510c000 rw-p 00146000 08:06 136918     /usr/lib/libxml2.so.2.8.0
a510c000-a510d000 rw-p 00000000 00:00 0 
a510d000-a5122000 r-xp 00000000 08:03 266557     /lib/libz.so.1.2.7
a5122000-a5123000 r--p 00014000 08:03 266557     /lib/libz.so.1.2.7
a5123000-a5124000 rw-p 00015000 08:03 266557     /lib/libz.so.1.2.7
a5124000-a5178000 r-xp 00000000 08:06 140892     /usr/lib/libisc.so.90.1.1
a5178000-a5179000 ---p 00054000 08:06 140892     /usr/lib/libisc.so.90.1.1
a5179000-a517a000 r--p 00054000 08:06 140892     /usr/lib/libisc.so.90.1.1
a517a000-a517b000 rw-p 00055000 08:06 140892     /usr/lib/libisc.so.90.1.1
a517b000-a517c000 rw-p 00000000 00:00 0 
a517c000-a5301000 r-xp 00000000 08:03 268115     /lib/libc-2.15.so
a5301000-a5302000 ---p 00185000 08:03 268115     /lib/libc-2.15.so
a5302000-a5304000 r--p 00185000 08:03 268115     /lib/libc-2.15.so
a5304000-a5305000 rw-p 00187000 08:03 268115     /lib/libc-2.15.so
a5305000-a5308000 rw-p 00000000 00:00 0
a5308000-a5486000 r-xp 00000000 08:06 131528     /usr/lib/libcrypto.so.1.0.0
a5486000-a5495000 r--p 0017d000 08:06 131528     /usr/lib/libcrypto.so.1.0.0
a5495000-a549a000 rw-p 0018c000 08:06 131528     /usr/lib/libcrypto.so.1.0.0
a549a000-a549e000 rw-p 00000000 00:00 0
a549e000-a54f0000 r-xp 00000000 08:06 132136     /usr/lib/libssl.so.1.0.0
a54f0000-a54f2000 r--p 00052000 08:06 132136     /usr/lib/libssl.so.1.0.0
a54f2000-a54f5000 rw-p 00054000 08:06 132136     /usr/lib/libssl.so.1.0.0
a54f5000-a5508000 r-xp 00000000 08:03 266588     /lib/libnsl-2.15.so
a5508000-a5509000 r--p 00012000 08:03 266588     /lib/libnsl-2.15.so
a5509000-a550a000 rw-p 00013000 08:03 266588     /lib/libnsl-2.15.so
a550a000-a550c000 rw-p 00000000 00:00 0
a550c000-a56ad000 r-xp 00000000 08:06 140919     /usr/lib/libdns.so.93.1.1
a56ad000-a56af000 r--p 001a1000 08:06 140919     /usr/lib/libdns.so.93.1.1
a56af000-a56b2000 rw-p 001a3000 08:06 140919     /usr/lib/libdns.so.93.1.1
a56b2000-a56b3000 rw-p 00000000 00:00 0
a56b3000-a56b5000 r-xp 00000000 08:03 268119     /lib/libdl-2.15.so
a56b5000-a56b6000 r--p 00001000 08:03 268119     /lib/libdl-2.15.so
a56b6000-a56b7000 rw-p 00002000 08:03 268119     /lib/libdl-2.15.so
a56b7000-a56cd000 r-xp 00000000 08:03 268110     /lib/libpthread-2.15.so
a56cd000-a56ce000 r--p 00015000 08:03 268110     /lib/libpthread-2.15.so
a56ce000-a56cf000 rw-p 00016000 08:03 268110     /lib/libpthread-2.15.so
a56cf000-a56d1000 rw-p 00000000 00:00 0
a56d1000-a56f6000 r-xp 00000000 08:03 268108     /lib/libm-2.15.so
a56f6000-a56f7000 r--p 00024000 08:03 268108     /lib/libm-2.15.so
a56f7000-a56f8000 rw-p 00025000 08:03 268108     /lib/libm-2.15.so
a56f8000-a5808000 r-xp 00000000 08:06 134353     /usr/lib/libtcl8.5.so
a5808000-a580b000 r--p 0010f000 08:06 134353     /usr/lib/libtcl8.5.so
a580b000-a580f000 rw-p 00112000 08:06 134353     /usr/lib/libtcl8.5.so
a5811000-a5812000 rw-p 00000000 00:00 0
a5812000-a5818000 r-xp 00000000 08:03 268105     /lib/libnss_compat-2.15.so
a5818000-a5819000 r--p 00006000 08:03 268105     /lib/libnss_compat-2.15.so
a5819000-a581a000 rw-p 00007000 08:03 268105     /lib/libnss_compat-2.15.so
a581a000-a581c000 rw-p 00000000 00:00 0
a581c000-a581d000 r-xp 00000000 00:00 0          [vdso]
a581d000-a583b000 r-xp 00000000 08:03 268106     /lib/ld-2.15.so
a583b000-a583c000 r--p 0001d000 08:03 268106     /lib/ld-2.15.so
a583c000-a583d000 rw-p 0001e000 08:03 268106     /lib/ld-2.15.so
b63dd000-b63fe000 rw-p 00000000 00:00 0          [stack]


 so, again, with grsec, only way to get a working tcl is to package.mask : 
=net-irc/eggdrop-1.6.21
=dev-lang/tcl-8.5.10-r1
Comment 3 Louis Sautier (sbraz) gentoo-dev 2018-10-26 08:36:49 UTC 
This version is really old and has been removed, please let me know if it is still relevant today.
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=758962f595fd876bef0d00e5ba392c1b925aa0c8
Author: Louis Sautier <sbraz@gentoo.org>
Date:   Fri Oct 26 10:32:23 2018 +0200

    net-irc/eggdrop: remove ancient version

    Signed-off-by: Louis Sautier <sbraz@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11