Your message dated Thu, 28 Mar 2013 13:47:59 +0000
with message-id <[email protected]>
and subject line Bug#704025: fixed in olsrd 0.6.2-2.1
has caused the Debian Bug report #704025,
regarding olsrd does not connect with others on amd64
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
704025: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704025
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: olsrd
Version: 0.6.2-2
Severity: grave
Tags: patch pending upstream fixed-upstream wheezy
The net_output() function indirectly uses the stack variables dst and dst6
outside of the scope they're declared in, this might leads to olsr_sendto()
being called with a corrupted destination sockaddr_in.
This failure condition can be observed in the log, olsrd will continuosly
print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
reported to result in "Unsupported Address Family".
This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
target as well.
The offending code seems to be unchanged since 2008 and it does not cause
issues on 32bit systems and/or with older (Linaro) GCC versions, but the
compiler used in our tests seems to perform more aggressive optimizations
leading to a stack corruption.
full thread and discussion here:
https://lists.olsr.org/pipermail/olsr-dev/2013-March/006718.html
(self signed cert SHA1:
6D 93 1C 9C C3 7C 67 7A 44 A8 C7 B0 2F E7 44 C7 48 D6 27 49)
fix is already included upstream in v0.6.4:
http://olsr.org/git/?p=olsrd.git;a=commitdiff;h=f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba
I marked it 'grave' because it makes olsrd non-functional on platforms like
amd64.
From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <[email protected]>
Date: Fri, 22 Jun 2012 03:17:59 +0200
Subject: [PATCH] olsrd: fix stack corruption in net_output()
The net_output() function indirectly uses the stack variables dst and dst6
outside of the scope they're declared in, this might leads to olsr_sendto()
being called with a corrupted destination sockaddr_in.
This failure condition can be observed in the log, olsrd will continuosly
print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
reported to result in "Unsupported Address Family".
This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
target as well.
The offending code seems to be unchanged since 2008 and it does not cause
issues on 32bit systems and/or with older (Linaro) GCC versions, but the
compiler used in our tests seems to perform more aggressive optimizations
leading to a stack corruption.
---
src/net_olsr.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/net_olsr.c b/src/net_olsr.c
index 7d85f4f..66e103d 100644
--- a/src/net_olsr.c
+++ b/src/net_olsr.c
@@ -336,6 +336,8 @@ net_output(struct interface *ifp)
{
struct sockaddr_in *sin = NULL;
struct sockaddr_in6 *sin6 = NULL;
+ struct sockaddr_in dst;
+ struct sockaddr_in6 dst6;
struct ptf *tmp_ptf_list;
union olsr_packet *outmsg;
int retval;
@@ -354,7 +356,6 @@ net_output(struct interface *ifp)
outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending);
if (olsr_cnf->ip_version == AF_INET) {
- struct sockaddr_in dst;
/* IP version 4 */
sin = (struct sockaddr_in *)&ifp->int_broadaddr;
@@ -365,7 +366,6 @@ net_output(struct interface *ifp)
if (sin->sin_port == 0)
sin->sin_port = htons(olsr_cnf->olsrport);
} else {
- struct sockaddr_in6 dst6;
/* IP version 6 */
sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr;
/* Copy sin */
--
1.7.9.5
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: olsrd
Source-Version: 0.6.2-2.1
We believe that the bug you reported is fixed in the latest version of
olsrd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
John Paul Adrian Glaubitz <[email protected]> (supplier of updated
olsrd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Mar 2013 04:29:10 +0100
Source: olsrd
Binary: olsrd olsrd-plugins olsrd-gui
Architecture: source amd64
Version: 0.6.2-2.1
Distribution: testing-proposed-updates
Urgency: low
Maintainer: Roland Stigge <[email protected]>
Changed-By: John Paul Adrian Glaubitz <[email protected]>
Description:
olsrd - optimized link-state routing daemon (unik-olsrd)
olsrd-gui - GTK GUI to control and get info about olsrd
olsrd-plugins - various plugins to enhance olsrd
Closes: 704025
Changes:
olsrd (0.6.2-2.1) testing-proposed-updates; urgency=low
.
* Non-maintainer upload.
* Include upstream patch to fix stack corruption in
net output (Closes: #704025).
Checksums-Sha1:
b5cb8179384f74d7602a1ed6f7a6860a811cfb49 1936 olsrd_0.6.2-2.1.dsc
2e7b74b7b88dd1f4e1b0870289a3abb980a6b4dc 794738 olsrd_0.6.2.orig.tar.gz
8b807645af9d330747de66bad1291460a34035ea 19385 olsrd_0.6.2-2.1.debian.tar.gz
2e27d7940510d7b5df26e49ef590d167f01e18dd 235566 olsrd_0.6.2-2.1_amd64.deb
0bdf224b6c4bf598bcc68b980b563122af92a3ef 264654
olsrd-plugins_0.6.2-2.1_amd64.deb
4ebfef69dbea801004d5215415022dcd5aa86ed6 82272 olsrd-gui_0.6.2-2.1_amd64.deb
Checksums-Sha256:
ef11aa1ef9f1abc370a63e4ebbca84d42fffb752e62decb68ab61d689cea9b8e 1936
olsrd_0.6.2-2.1.dsc
e372603d937d1a45ab1849c1a7b3d4090cd56e0c20ac194c35776c22f09cb8d3 794738
olsrd_0.6.2.orig.tar.gz
953595f2c2b1688998a6ea1ad152df41b33fcc8c07a569117b5cea35752e2eae 19385
olsrd_0.6.2-2.1.debian.tar.gz
7cd48d409f552fc1a07b006231e09fa21ff15a3122dc1f9042d498f2843253da 235566
olsrd_0.6.2-2.1_amd64.deb
45efe37973959d88936f6a5ff092e6e13f42d99a2e0014af0968a12a9d2c33e8 264654
olsrd-plugins_0.6.2-2.1_amd64.deb
14ffacbd9876b106df1b95deb0c758ca65b9a5a249fc58e73c24978503eab1a9 82272
olsrd-gui_0.6.2-2.1_amd64.deb
Files:
406b9bc518a6d0942fb8583ea05feb02 1936 net extra olsrd_0.6.2-2.1.dsc
d856738f6c77f60c0ffa8efd38674ed6 794738 net extra olsrd_0.6.2.orig.tar.gz
b129e77792c5a5342fc04d8b76e49343 19385 net extra olsrd_0.6.2-2.1.debian.tar.gz
8d50915cbe1165a42681785337e1ca9a 235566 net extra olsrd_0.6.2-2.1_amd64.deb
e82987878ca48bfa2cbe540bfea84249 264654 net extra
olsrd-plugins_0.6.2-2.1_amd64.deb
6f5f547d4ed3220bb53ede20a401ef70 82272 net extra olsrd-gui_0.6.2-2.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJRU7pKAAoJEHQmOzf1tfkTB0EP/jZbiqEBw2qdAtnQFZkRcxKu
mGF2BPtn6GO+7gf7rtsRc0618PBGzA0f+Uhyh9UzrwLvxnf151GXui0WC5uGStsG
trqgk228OUSgkUZEK/C+hDjvtS4R2zg9yY/yNN+WArPCX/TYfCz5lkhmMBSLFjWJ
XKU3MeII060lEiGoccxCgELWTmKQpqYWNVN7NZaAHM88kpXKbf5/lQ3WF6E0VWnP
2PE+xYwkgnpyI72+K6TXYHDfNz7ke01zPpvG3RUwBVoNHY3kMAvxVVPSn8QO2OF/
DK5t0YWS3d7y1DKL2Mfy113M8/JiB0+WuW3eMFUf3rz+cqMeENnfuujKl+1nBaz9
2EqPXSetWBJaxfd3aoNcGrupX3a5DUQqw30IfTkHiTbYW4JEDACCs1IrX1ghu9Yj
GS5L5tKl8AOzj0MG+xb9xo3UXLiylGnIWTBxPl3XWCfdf3voPzizSafBIlqV3d69
cIj77/MsfN6LL77iqRDdg0CoSXnQ2P4QnVoBPUO1knU739P0KV95JPcqYiZxzZCm
dc1nXmptliwO78riQPMFmif30LhUBt/3ki20I3gF2mqkROTtL31GPZ6PbMFzOHCn
8ipT/in960oyHM8s+OTP1gDmL2dG0P/NfjCoMNVAmpcaSL5qD3imZbcvrPTyMM15
tZtkSahFPnTMrd+oECfE
=TRJ+
-----END PGP SIGNATURE-----
--- End Message ---
