Hi Aurelien, On Sun, Feb 07, 2010 at 02:13:08PM +0100, Aurelien Jarno wrote: > > I would like to include the following patches that Ubuntu has carried for > > several releases now. (Note that submitted-leading-zero-stack-guard.diff > > will need to be adjusted slightly if stack-guard-quick-randomization.diff > > is not applied.) > > I have applied the two stack protection patches in the Debian package, > but not the two other ones. See my comments below.
Excellent, thanks! > > no-sprintf-pre-truncate.diff > > The sprintf function used when -D_FORTIFY_SOURCE=2 is used incorrectly > > pre-truncates the destination buffer; this changes the long-standing > > expectation of sprintf(foo,"%sbaz",foo) to work. See the patch for > > further discussion. > > As explained in the bug report, this code is not valid anyway. If we > want people to fix their code, we should not workaround the issue. Also > I am not able to evaluate the impact on the fix, and don't know if it > may introduce a security bug. Right, it's incorrect, but around 200 packages[1] use it and expect the prior behavior. I don't feel there is a security issue here, but I can respect not wanting to change it. 200 is a pretty small number of packages compared to the overall size of the archive. Perhaps I can re-scan the archive and actually do the mass bug filing. > > local-fwrite-no-attr-unused.diff > > Again, patch contains discussion, but basically, this disables a > > useless and noisy warning that -D_FORTIFY_SOURCE=2 triggers. > > I think people should either not use -D_FORTIFY_SOURCE=2 or fix their > code. This is a warning anyway. I agree an error can happens up to the > fclose() call, but it's not an excuse to not check possible errors at > the fwrite() level. The real bug is actually that fclose() is not marked > __wur, and that's probably what has to be fixed. Yeah, I would tend to agree. The main glitch was that there is no compiler option to turn off the warning. :( Thanks for reviewing the patches! -Kees [1] http://lists.debian.org/debian-devel/2008/12/msg01079.html -- Kees Cook @debian.org -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org