Bug 50789 - dev-lisp/mzscheme-205: fails with stack smashing attack
Summary: dev-lisp/mzscheme-205: fails with stack smashing attack
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened
Hardware: All All
Importance: High major
Assignee: Hardened Gentoo
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 59507
Reported: 2004-05-11 13:10 UTC by Philipp Kern
Modified: 2006-06-04 09:07 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
portage emerge logfile (2173-mzscheme-205.log,36.87 KB, text/plain)
2004-05-11 13:10 UTC, Philipp Kern

Description Philipp Kern 2004-05-11 13:10:13 UTC
echo /usr/lib
/usr/lib
make[2]: Leaving directory `/mnt/hda6/var/tmp/portage/mzscheme-205/work/plt/src'
make[1]: Leaving directory `/mnt/hda6/var/tmp/portage/mzscheme-205/work/plt/src'
make finish-stub
make[1]: Entering directory `/mnt/hda6/var/tmp/portage/mzscheme-205/work/plt/src'
if [ normal-install = "normal-install" ] ; then cd /var/tmp/portage/mzscheme-205/image//usr; ./install ; fi
mzscheme: stack smashing attack in function read()
make[1]: *** [copy-finish] Error 139
make[1]: Leaving directory `/mnt/hda6/var/tmp/portage/mzscheme-205/work/plt/src'
make: *** [install] Error 2

!!! ERROR: dev-lisp/mzscheme-205 failed.
!!! Function einstall, Line 388, Exitcode 2
!!! einstall failed


!!! ERROR: dev-lisp/mzscheme-205 failed.
!!! Function src_install, Line 33, Exitcode 1
!!! installation failed


Portage 2.0.50-r6 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040420-r0, 2.4.22-gentoo-r7)
=================================================================
System uname: 2.4.22-gentoo-r7 i686 Pentium III (Katmai)
Gentoo Base System version 1.4.11
distcc 2.14 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r3
Automake: sys-devel/automake-1.8.3
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -march=pentium3 -fprefetch-loop-arrays -funroll-loops -pipe -fomit-frame-pointer -frerun-loop-opt -falign-functions=4 -fforce-mem -ffast-math -finline-functions -foptimize-sibling-calls -mmmx -fstack-protector"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/afs/C /etc/afs/afsws /etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -march=pentium3 -fprefetch-loop-arrays -funroll-loops -pipe -fomit-frame-pointer -frerun-loop-opt -falign-functions=4 -fforce-mem -ffast-math -finline-functions -foptimize-sibling-calls -mmmx -fstack-protector -Wno-deprecated"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox"
GENTOO_MIRRORS="http://ftp6.uni-erlangen.de/pub/mirrors/gentoo http://ftp.uni-erlangen.de/pub/mirrors/gentoo http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://ftp.easynet.nl/mirror/gentoo/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="acl apache2 berkdb crypt exiscan-acl gd gdbm gif gtk2 imap imlib innodb ipv6 jpeg libwww maildir mbox memlimit mysql ncurses nls oss pam pdflib perl png python readline ruby slang sse ssl tcpd tetex x86 xml2 xmms zlib"
Comment 1 Philipp Kern 2004-05-11 13:10:53 UTC
Created attachment 31208
portage emerge logfile
Comment 2 solar (RETIRED) gentoo-dev 2004-05-11 13:38:56 UTC
Well, you found an overflow. I don't know Lisp for dirt and thus have no idea how to fix this.
Comment 3 Matthew Kennedy (RETIRED) gentoo-dev 2004-05-11 16:49:24 UTC
It turns out that mzscheme is quite sensitive to optimization flags.  Even for a fairly sane set, it can cause ill-formed code/segfaults etc.  I would recommend reducing your CFLAGS, but I'm going to unset CFLAGS in the ebuild itself and let mzscheme decide what is OK.
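
A triage helper for build logs like the one in this report, added here as an example (it is not part of the original bug thread or of Portage). It pairs each stack-protector abort line with the make error that follows, decodes the exit status as 128 + signal number, and lists the optimization flags in effect; the function names and the sample log are constructed for illustration.

```python
import re
import signal

# Constructed sample, modelled on the log lines quoted in the report above.
SAMPLE_LOG = """\
make finish-stub
mzscheme: stack smashing attack in function read()
make[1]: *** [copy-finish] Error 139
make: *** [install] Error 2
CFLAGS="-O3 -march=pentium3 -funroll-loops -fomit-frame-pointer -ffast-math -fstack-protector"
"""

SSP_RE = re.compile(r"^(?P<prog>\S+): stack smashing attack in function (?P<func>\w+)\(\)")
MAKE_ERR_RE = re.compile(r"^make(?:\[\d+\])?: \*\*\* \[(?P<target>[^\]]+)\] Error (?P<status>\d+)")
CFLAGS_RE = re.compile(r'^CFLAGS="([^"]*)"', re.M)


def decode_status(status):
    """Shells report 128+N for a child killed by signal N; return that signal's name, else None."""
    try:
        return signal.Signals(status - 128).name if status > 128 else None
    except ValueError:
        return None


def triage(log_text):
    """Return one finding per stack-protector abort found in a build log."""
    lines = log_text.splitlines()
    found = CFLAGS_RE.findall(log_text)
    cflags = found[-1].split() if found else []
    findings = []
    for i, line in enumerate(lines):
        m = SSP_RE.match(line)
        if not m:
            continue
        finding = {"program": m.group("prog"), "function": m.group("func"),
                   "target": None, "signal": None,
                   "ssp_enabled": "-fstack-protector" in cflags,
                   "opt_flags": [f for f in cflags
                                 if f.startswith(("-O", "-f")) and f != "-fstack-protector"]}
        # The first make error after the abort names the target whose command was killed.
        for later in lines[i + 1:]:
            e = MAKE_ERR_RE.match(later)
            if e:
                finding["target"] = e.group("target")
                finding["signal"] = decode_status(int(e.group("status")))
                break
        findings.append(finding)
    return findings
```

On the sample, the single finding names `mzscheme`, function `read`, target `copy-finish` and signal `SIGSEGV`, with the stack protector enabled and four optimization flags to consider reducing.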