On Tuesday 29 January 2008 08.12:45 Michael Lausch wrote: > On Mon, 2008-01-28 at 19:43 -0500, Dan Langille wrote: > > Michael Lausch wrote: > > > The error is due to the new (well ~ core 5) buffer overflow checking > > > implemented by gcc and glibc. _FORTIFY_SOURCE=2 activates it. what > > > happens can be read in detail at > > > http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html. but basically > > > the error is a buffer overflow check in parse.c in the bacula library. > > > > parse.c? I can't find any parse.c in bacula. > > sorry, typo it is src/lib/parse_conf.c > > > [deleted] > > > As previously mentioned, if this is a Fedora specific issue, how can the > > Bacula project help? > > fix the bug? or at least accept patches which fix this bug? > And it's not a fedora issue, it's a redhat (and therefore CentOS) > issue. See > http://people.redhat.com/jmorris/slides/dw-RedhatSecurity.pdf
I would recommend that you file a bug report against RedHat. Their code is broken. I am using memset() which works on a given number of bytes, and they should not be mucking around aborting a program just because *they* think the size is incorrect. The one thing you might try before sending a bug report is to change the memset from: memset(&res_all, 0, res_all_size); to memset((char *)&res_all, 0, res_all_size); I could see that one could make an argument for detecting an overrun in the first case, but in the second case, if they abort the program, then it is just plain wrong. Best regards, Kern PS: if you turn on FORTIFY_SOURCE I suspect that you will run into a number of other unexpected problems. FORTIFY_SOURCE is not something we use in testing, thus you take your chances ... > > To fix this bug/wart the res_all definition has to be changed to # > extern CURES *res_all; > from > extern CURES res_all; > and of course fix memeory allocation/deallocation and change access to > struct members from "res_all.x" to "res_all->x". > > > In short, we're willing to help, but at present, we have absolutely no > > idea what you're talking about. :) > > i'm talkling about the error messages like: > http://www.nabble.com/bug-:-Bacula-2.2.7-on-Fedora-8-crashing-with-buffer-o >verflow!-p14699739.html > http://www.nabble.com/Re:-bacula-2.2.8-rpm-release-(Kaboom!-on-Fedora-8)-p1 >5123573.html > http://www.mail-archive.com/[EMAIL PROTECTED]/msg28829.htm >l > > > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Bacula-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/bacula-devel ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
