On Thu, 2008-10-16 at 22:52 +0200, Daniel Gollub wrote: > plain text document attachment (fix-buffer_overflow-inode01.patch) > Array size of path_list_string gets exceeded and cause an buffer overflow, > when building with -D_FORTIFY_SOURCE=2 > > ======= Backtrace: ========= > /lib64/libc.so.6(__chk_fail+0x2f)[0x2b3f94ec831f] > /lib64/libc.so.6[0x2b3f94ec73c3] > /root/ltp/ltp-full-20080916/testcases/kernel/fs/inode/inode01[0x4020e3] > /lib64/libc.so.6(__libc_start_main+0xf4)[0x2b3f94e13184] > /root/ltp/ltp-full-20080916/testcases/kernel/fs/inode/inode01[0x401609] > ======= Memory map: ======== > [...] > > > Program received signal SIGABRT, Aborted. > 0x00002b3f94e25bb5 in raise () from /lib64/libc.so.6 > (gdb) bt > #0 0x00002b3f94e25bb5 in raise () from /lib64/libc.so.6 > #1 0x00002b3f94e26fb0 in abort () from /lib64/libc.so.6 > #2 0x00002b3f94e5c32b in __libc_message () from /lib64/libc.so.6 > #3 0x00002b3f94ec831f in __chk_fail () from /lib64/libc.so.6 > #4 0x00002b3f94ec73c3 in __strcat_chk () from /lib64/libc.so.6 > #5 0x00000000004020e3 in main () at inode01.c:169 > (gdb) up > [...] > #5 0x00000000004020e3 in main () at inode01.c:169 > 169 strcat(path_list_string, "path_list"); > > > Array size of path_list_string needs to be increased to handle PIDs which > exceed 4-digits. > > Signed-off-by: Daniel Gollub <[EMAIL PROTECTED]> > > --- > testcases/kernel/fs/inode/inode01.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > Index: ltp-full-20080916/testcases/kernel/fs/inode/inode01.c > =================================================================== > --- ltp-full-20080916.orig/testcases/kernel/fs/inode/inode01.c > +++ ltp-full-20080916/testcases/kernel/fs/inode/inode01.c > @@ -109,7 +109,7 @@ int main() > int gen_ret_val, ch_ret_val, level; > int ret_val; > int generate(), check(); > - char path_list_string[18]; > + char path_list_string[PATH_STRING_LENGTH + 1];
Correctly said. Merged. Regards-- Subrata > int status; > int len; > int term(); > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > Ltp-list mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/ltp-list ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Ltp-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ltp-list
