R14B01: buffer overflow detected during compilation with -D_FORTIFY_SOURCE=2 (x86_64)
Locked
 
|
Most distributions nowadays adds the -D_FORTIFY_SOURCE=2 flag during package compilation. I tried updating my erlang package (openSUSE 11.3, x86_64) from R14B to R14B01 and received the following error (also see the attached build.log.fortsource2 - compressed due to its file size):
*** buffer overflow detected ***: /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp terminated ======= Backtrace: ========= /lib64/libc.so.6(__fortify_fail+0x37)[0x2b64930b0067] /lib64/libc.so.6(+0xe4e10)[0x2b64930ade10] /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x584047] /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp(erts_write_to_port+0x97f)[0x4946ef] /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x50fcb9] /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp(process_main+0x2eba)[0x53b36a] /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x4a1772] /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x5aee94] /lib64/libpthread.so.0(+0x6a4f)[0x2b6492ba8a4f] /lib64/libc.so.6(clone+0x6d)[0x2b649309982d] Setting -D_FORTIFY_SOURCE=1 allows erlang to be build but the buffer overflow is probably still there and dangerous... R14B did not show this behaviour. Additionally, could you correct the dependencies in the makefiles in order to allow make -j2 and higher? Regards Nico Kruber |
build.log.fortsource2.gz (26K)
|
Hi,
Nico Kruber <[hidden email]>: > Setting -D_FORTIFY_SOURCE=1 allows erlang to be build but the buffer > overflow is probably still there and dangerous... R14B did not show > this behaviour. Maybe this hides a security problems? > Additionally, could you correct the dependencies in the makefiles in > order to allow make -j2 and higher? Is this safe now? Gentoo builds with -j1 for ages because of problems reported with Erlang 11. V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://gentoo.faulhammer.org/> |
|
|
On Tuesday 14 December 2010 13:17:43 Christian Faulhammer wrote:
> Hi, > > Nico Kruber <[hidden email]>: > > Setting -D_FORTIFY_SOURCE=1 allows erlang to be build but the buffer > > overflow is probably still there and dangerous... R14B did not show > > this behaviour. > > Maybe this hides a security problems? that's what I suspected, too (it merely hides the error) > > Additionally, could you correct the dependencies in the makefiles in > > order to allow make -j2 and higher? > > Is this safe now? Gentoo builds with -j1 for ages because of problems > reported with Erlang 11. no - I tried with -j2 and it does not work yet :( |
|
|
In reply to this post by Nico Kruber
Hi,
Nico Kruber <[hidden email]>: > Most distributions nowadays adds the -D_FORTIFY_SOURCE=2 flag during > package compilation. I tried updating my erlang package (openSUSE > 11.3, x86_64) from R14B to R14B01 and received the following error > (also see the attached build.log.fortsource2 - compressed due to its > file size): [...] > Setting -D_FORTIFY_SOURCE=1 allows erlang to be build but the buffer > overflow is probably still there and dangerous... R14B did not show > this behaviour. As you can see, a lot of people are hitting this problem on Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=348559 Is there a fix available already somewhere? V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://gentoo.faulhammer.org/> |
|
|
|
Hi,
Kenneth Lundin <[hidden email]>: > Has -D_FORTIFY_SOURCE been tried on R14B as well and did not show any > buffer overflow? There would have been reports (I maintain the package for Gentoo, where users build the package on their system)...and there were none. We use FORTIFY_SOURCE for some time now. > As I understand it -D_FORTIFY_SOURCE is a patch to GCC developed by > Redhat and =2 can also report buffer flow for code that is correct. It is included in the trunk version and used by many distributions nowadays, especially for the server/hardened systems. > If this buffer overflow indeed is a real bug then of course we want to > find it and correct it. Would be nice. V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://gentoo.faulhammer.org/> |
|
|
On Tuesday 21 December 2010 11:56:31 Christian Faulhammer wrote:
> Kenneth Lundin <[hidden email]>: > > Has -D_FORTIFY_SOURCE been tried on R14B as well and did not show any > > buffer overflow? > > There would have been reports (I maintain the package for Gentoo, > where users build the package on their system)...and there were none. > We use FORTIFY_SOURCE for some time now. I can second this for openSUSE 11.3 - FORTIFY_SOURCE has been used before and R14B did not show this overflow (as mentioned in my first email) > > As I understand it -D_FORTIFY_SOURCE is a patch to GCC developed by > > Redhat and =2 can also report buffer flow for code that is correct. > > It is included in the trunk version and used by many distributions > nowadays, especially for the server/hardened systems. > > > If this buffer overflow indeed is a real bug then of course we want to > > find it and correct it. > > Would be nice. |
|
|
|
I also tried with a clean R14B01 (without distro-patches and without all the build service "overhead" from the log I provided, e.g. environment variables) - same result.
so I just used this (openSUSE 11.3, x86_64, dual-core CPU, GCC is 4.5.0_20100604-1.12): ./configure --with-ssl=/usr --enable-threads --enable-smp-support --enable-kernel-poll --enable-hipe --enable-shared-zlib make If you can access the openSUSE BuildService, you can exactly reproduce the environment I (normally) built my packages on: (you can install the osc command line client from a repository in http://software.opensuse.org/download/openSUSE:/Tools/ available for a lot of distributions) osc checkout home:tschuett erlang cd home\:tschuett/erlang osc build --ccache openSUSE_11.3 erlang.spec (--ccache is just for performance in case of re-compilation) It will download all rpms required to build the package and set up a chroot environment for it. You can remove the distribution specific patches as well as my workaround setting D_FORTIFY_SOURCE=1 in the .spec file. The error message is _always_ there and always in the same file. Nico On Wednesday 22 December 2010 14:37:38 Björn-Egil Dahlberg wrote: > Hi, > > I am trying to reproduce this error, but I am sad to say that I seem to > be missing something. Now, I am not a build environment expert but this > should be straight forward right? > > First off, this is otp_src_R14B01 with no distribution specific patches > applied? Seems unlikely, since both Gentoo and openSUSE hits this error. > > Now, I don't have any gentoo or opensuse x86_64 available, I have a > 32-bit gentoo which doesn't seem to produce this error (i didn't expect > it to), and plenty of SuSE sled/sles 10.1 - 2 x86_64, which doesn't have > the compiler. > > I do have some newer x86_64 Ubuntu's so I tried with gcc (Ubuntu > 4.4.3-4ubuntu5) 4.4.3. This compiler should have the fortify sources > patch (default since 9.10). -D_FORTIFY_SOURCE=2 shouldn't be needed > since -02 and higher implies this option. A small testprogram confirms > that -02 and memcpy check works anyways. > > But, No luck. > > I tried emulating what Nico did in his build script, like this, > > tar -zxvf otp_src_R14B01.tar.gz > > cd otp_src_R14B01 > > export ERL_TOP=`pwd` > > export 'CFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 > -fstack-protector -funwind-tables -fasynchronous-unwind-tables > -fno-strict-aliasing' > > export 'CXXFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 > -fstack-protector -funwind-tables -fasynchronous-unwind-tables > -fno-strict-aliasing' > > export FFLAGS='-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 > -fstack-protector -funwind-tables -fasynchronous-unwind-tables' > > ./configure --host=x86_64-unknown-linux-gnu > --build=x86_64-unknown-linux-gnu --with-ssl=/usr --enable-threads > --enable-smp-support --enable-kernel-poll --enable-hipe --enable-shared-zlib > > ulimit -c unlimited > > make > > No errors, all is great. > > > So something is wrong. Either in the assumptions or the setup. > Everything from stack-protectors, valgrind and other fortifications says > everything is fine. > > Is the error consistent? Does it appear everytime and on the same file? > hipe_rtl.erl? It should anyways. > > Could someone please give me some pointers on how to reproduce this? > > // Björn-Egil > Erlang/OTP > > > > On 2010-12-21 11:56, Christian Faulhammer wrote: > > Hi, > > > > Kenneth Lundin<[hidden email]>: > >> Has -D_FORTIFY_SOURCE been tried on R14B as well and did not show any > >> buffer overflow? > > > > There would have been reports (I maintain the package for Gentoo, > > where users build the package on their system)...and there were none. > > We use FORTIFY_SOURCE for some time now. > > > >> As I understand it -D_FORTIFY_SOURCE is a patch to GCC developed by > >> Redhat and =2 can also report buffer flow for code that is correct. > > > > It is included in the trunk version and used by many distributions > > nowadays, especially for the server/hardened systems. > > > >> If this buffer overflow indeed is a real bug then of course we want to > >> find it and correct it. > > > > Would be nice. > > > > V-Li |
|
|
In reply to this post by Björn-Egil Dahlberg
Hi,
Björn-Egil Dahlberg <[hidden email]>: > I am trying to reproduce this error, but I am sad to say that I seem > to be missing something. Now, I am not a build environment expert but > this should be straight forward right? It might be depending on GCC 4.5. 4.4 seems fine. V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://gentoo.faulhammer.org/> |
|
|
|
In reply to this post by Nico Kruber
Hi,
Nico Kruber <[hidden email]>: > Most distributions nowadays adds the -D_FORTIFY_SOURCE=2 flag during > package compilation. I tried updating my erlang package (openSUSE > 11.3, x86_64) from R14B to R14B01 and received the following error > (also see the attached build.log.fortsource2 - compressed due to its > file size): This seems to be specific to 64bit arches as people could reproduce the problem with GCC 4.4. PLD Linux offers a fix (so they say, I still need reports from our users) in http://cvs.pld-linux.org/cgi-bin/cvsweb/packages/erlang/erlang-fortify.patch V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://gentoo.faulhammer.org/> |
|
|
|
|
|
|
|
|
|
Hi,
<[hidden email]>: > The change that fixes this will be visible at github as soon as out > daily builds has accepted it, most probably before the end of the > week. At least talking about a bad fix made you create a better one. :) The fix from https://github.com/erlang/otp/commit/3b7fd1030711ad56fa45d18dc6e0f1d0beee2399 gets applied in Gentoo land, although this is my last action as maintainer due to work constraints. Dirkjan Ochtman (djc AT gentoo.org) takes over. Bye and thanks for being a really friendly upstream to all Erlang developers. V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://gentoo.faulhammer.org/> |
Loading...
| Powered by Nabble | Edit this page |