[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bacula-devel] "buffer overflow detected" error on fedora distributions.


On Mon, 2008-01-28 at 19:43 -0500, Dan Langille wrote:
> Michael Lausch wrote:
> > The error is due to the new (well ~ core 5) buffer overflow checking
> > implemented by gcc and glibc. _FORTIFY_SOURCE=2  activates it. what
> > happens can be read in detail at
> > http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html. but basically
> > the error is a buffer overflow check in parse.c in the bacula library.
> 
> parse.c?  I can't find any parse.c in bacula.

sorry, typo it is src/lib/parse_conf.c
> 

[deleted]

> As previously mentioned, if this is a Fedora specific issue, how can the 
> Bacula project help?

fix the bug? or at least accept patches which fix this bug?
And it's not a fedora issue, it's a  redhat (and therefore CentOS)
issue. See
http://people.redhat.com/jmorris/slides/dw-RedhatSecurity.pdf 

To fix this bug/wart the res_all definition has to be changed to #
extern CURES *res_all;
from 
extern CURES res_all;
and of course fix memeory allocation/deallocation and change access to
struct members from "res_all.x" to "res_all->x".



> 
> In short, we're willing to help, but at present, we have absolutely no idea 
> what you're talking about.  :)

i'm talkling about the error messages like:
http://www.nabble.com/bug-:-Bacula-2.2.7-on-Fedora-8-crashing-with-buffer-overflow!-p14699739.html
http://www.nabble.com/Re:-bacula-2.2.8-rpm-release-(Kaboom!-on-Fedora-8)-p15123573.html
http://www.mail-archive.com/bacula-users@xxxxxxxxxxxxxxxxxxxxx/msg28829.html





-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bacula-devel mailing list
Bacula-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/bacula-devel


This mailing list archive is a service of Copilotco.