Your message dated Thu, 28 Mar 2013 14:48:41 +0000
with message-id <[email protected]>
and subject line Bug#704025: fixed in olsrd 0.6.3-5.1
has caused the Debian Bug report #704025,
regarding olsrd does not connect with others on amd64
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
704025: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704025
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: olsrd
Version: 0.6.2-2
Severity: grave
Tags: patch pending upstream fixed-upstream wheezy
The net_output() function indirectly uses the stack variables dst and dst6
outside of the scope they're declared in, this might leads to olsr_sendto()
being called with a corrupted destination sockaddr_in.
This failure condition can be observed in the log, olsrd will continuosly
print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
reported to result in "Unsupported Address Family".
This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
target as well.
The offending code seems to be unchanged since 2008 and it does not cause
issues on 32bit systems and/or with older (Linaro) GCC versions, but the
compiler used in our tests seems to perform more aggressive optimizations
leading to a stack corruption.
full thread and discussion here:
https://lists.olsr.org/pipermail/olsr-dev/2013-March/006718.html
(self signed cert SHA1:
6D 93 1C 9C C3 7C 67 7A 44 A8 C7 B0 2F E7 44 C7 48 D6 27 49)
fix is already included upstream in v0.6.4:
http://olsr.org/git/?p=olsrd.git;a=commitdiff;h=f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba
I marked it 'grave' because it makes olsrd non-functional on platforms like
amd64.
From f4d250ad4fad5fcfe5b5feaac3f3e121adef3fba Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <[email protected]>
Date: Fri, 22 Jun 2012 03:17:59 +0200
Subject: [PATCH] olsrd: fix stack corruption in net_output()
The net_output() function indirectly uses the stack variables dst and dst6
outside of the scope they're declared in, this might leads to olsr_sendto()
being called with a corrupted destination sockaddr_in.
This failure condition can be observed in the log, olsrd will continuosly
print "sendto(v4): Invalid Argument" or a similar message. On ARM it has been
reported to result in "Unsupported Address Family".
This bug became apparant on a custon OpenWrt x86_64 uClibc target using the
Linaro GCC 4.7-2012.04 compiler, it has been reported for an unspecified ARM
target as well.
The offending code seems to be unchanged since 2008 and it does not cause
issues on 32bit systems and/or with older (Linaro) GCC versions, but the
compiler used in our tests seems to perform more aggressive optimizations
leading to a stack corruption.
---
src/net_olsr.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/net_olsr.c b/src/net_olsr.c
index 7d85f4f..66e103d 100644
--- a/src/net_olsr.c
+++ b/src/net_olsr.c
@@ -336,6 +336,8 @@ net_output(struct interface *ifp)
{
struct sockaddr_in *sin = NULL;
struct sockaddr_in6 *sin6 = NULL;
+ struct sockaddr_in dst;
+ struct sockaddr_in6 dst6;
struct ptf *tmp_ptf_list;
union olsr_packet *outmsg;
int retval;
@@ -354,7 +356,6 @@ net_output(struct interface *ifp)
outmsg->v4.olsr_packlen = htons(ifp->netbuf.pending);
if (olsr_cnf->ip_version == AF_INET) {
- struct sockaddr_in dst;
/* IP version 4 */
sin = (struct sockaddr_in *)&ifp->int_broadaddr;
@@ -365,7 +366,6 @@ net_output(struct interface *ifp)
if (sin->sin_port == 0)
sin->sin_port = htons(olsr_cnf->olsrport);
} else {
- struct sockaddr_in6 dst6;
/* IP version 6 */
sin6 = (struct sockaddr_in6 *)&ifp->int6_multaddr;
/* Copy sin */
--
1.7.9.5
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: olsrd
Source-Version: 0.6.3-5.1
We believe that the bug you reported is fixed in the latest version of
olsrd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
John Paul Adrian Glaubitz <[email protected]> (supplier of updated
olsrd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Mar 2013 15:13:27 +0100
Source: olsrd
Binary: olsrd olsrd-plugins olsrd-gui
Architecture: source amd64
Version: 0.6.3-5.1
Distribution: unstable
Urgency: low
Maintainer: Roland Stigge <[email protected]>
Changed-By: John Paul Adrian Glaubitz <[email protected]>
Description:
olsrd - optimized link-state routing daemon (unik-olsrd)
olsrd-gui - GTK GUI to control and get info about olsrd
olsrd-plugins - various plugins to enhance olsrd
Closes: 704025
Changes:
olsrd (0.6.3-5.1) unstable; urgency=low
.
* Non-maintainer upload.
* Include upstream patch to fix stack corruption in
net output (Closes: #704025).
Checksums-Sha1:
bf1b9412f0c2dee915a3c54890d2d0bf104f3611 2005 olsrd_0.6.3-5.1.dsc
d949a46904e2c2ff694e8350cc5bbffb26d5011b 5447995 olsrd_0.6.3.orig.tar.bz2
27050dfe4076d7647cbf872a06ff853309aadcb2 30975 olsrd_0.6.3-5.1.debian.tar.gz
66e52f516fcadd35e600b8f8645f590a2f07996d 250700 olsrd_0.6.3-5.1_amd64.deb
e8e8fbfc5661f20a809afc9cf0f8e4c6aae8e244 214500
olsrd-plugins_0.6.3-5.1_amd64.deb
fc82e3e109e93dfe33cd09efe10b9c9db6763a74 95006 olsrd-gui_0.6.3-5.1_amd64.deb
Checksums-Sha256:
30f48ab6573e5e506c95d9dde49ab45315eab8f086200fe54e52da380b26663c 2005
olsrd_0.6.3-5.1.dsc
ef31bb604859737437019e282650b8292515b7a4789b432aae6c42393ab7b9ca 5447995
olsrd_0.6.3.orig.tar.bz2
fae06512e167187fa03e19d7ffa8647c5817993e2f9231e7fc957c60d4b4887c 30975
olsrd_0.6.3-5.1.debian.tar.gz
b654a636d878fff65bcdf03e5d5e5ea22c2a2e22f1195ff839884e191531b2f7 250700
olsrd_0.6.3-5.1_amd64.deb
7892d21ea99e570201eed9b1dc48f51b568229d294626e1a09a05a6c41dc3c94 214500
olsrd-plugins_0.6.3-5.1_amd64.deb
025004be6c67c37d2edbbb5bd02c5042d747a848a4b98ce8cd8d4835108b780e 95006
olsrd-gui_0.6.3-5.1_amd64.deb
Files:
85f4182659ffb17d5e646bf5f352113f 2005 net extra olsrd_0.6.3-5.1.dsc
b28ed2e3dc6c529ab690f1c805ad32a2 5447995 net extra olsrd_0.6.3.orig.tar.bz2
d7e1949981deb5c1483def7a07d3cedf 30975 net extra olsrd_0.6.3-5.1.debian.tar.gz
6460dc88c3cb95f84b9441a99d5a42e1 250700 net extra olsrd_0.6.3-5.1_amd64.deb
14baf3944739d948760a0055c3682f3d 214500 net extra
olsrd-plugins_0.6.3-5.1_amd64.deb
7862b920ebc28ebaadff8566bbd02375 95006 net extra olsrd-gui_0.6.3-5.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJRVFL6AAoJEHQmOzf1tfkT/YIQAL/Fdsvr0keXBD6k6aYw+o19
4vNQ/lYzg1cucBwK3P45zzLsqwluxpYymUVW6eiiEfJXcYOKZ8rjSSF91gbWQx6Z
204cj5+APuuzTBnvPekvg3Oe+FvtYC3HGp9ZR6lleigm+uacytryhfqz8FzsN3v9
NaEYDb9COAcxe4N6hkbXACC/HXD/LCbacCGGfAX0onoKKvGOvqf2itJmRG6wBFTr
Gv5AOieh3Z4hZanm0KLcjve3hZteH6DIAOoTq00jMM3FZVXBuWAsEvjU0AXeMO6l
IAyOdOpOTBXvp1Tcz9fdDt3mJe2XObi3NZJdh6SbofKoVOgWZq2SGei2gQP2My9H
SqIrD1g2lhYtkioRoZGE6MVxZjRDsgaXr5J+VRvEaaJYywyo8a9YtBvCSQVPHs8z
bwmBhuuLBlDwcP5JhoulHEO7o/FICjsXNsqMk3tdQcKn0KR7/WDmBMoIZy2mMWqk
xfloleiACtfJdggsqmXwi773Bb/yVxOXYdIotNCTL9PiqE3HRv7prJ7laqVUF07p
oqcRnQBKPf036a7EzvQvQcbsg3IE2X1B3OqjyDLFS0gcX5Edq/qk3ybHeXimh5hf
Nkj5VBJmpEQ0YoKCF5fSuovoq8UDN98YkapRMyFBNH5W7Bd+g33KihMwvlm7+ps9
wBQ/AXYH3SPnup7gLXTF
=ddWs
-----END PGP SIGNATURE-----
--- End Message ---
