On 04.08.2009 14:59, Dominique Pellé wrote:
> Bram Moolenaar wrote:
>
>> Karsten Hopp wrote:
>>
>>> We've rebuilt all Fedora-12 packages and vim was one of the programs
>>> that failed to run with enhanced glibc fortify features:
>>>
>>> vi
>>> *** buffer overflow detected ***: vim terminated
>>> ======= Backtrace: =========
>>> /lib64/libc.so.6(__fortify_fail+0x37)[0x7f780f90df47]
>>> /lib64/libc.so.6[0x7f780f90bee0]
>>> vim(eval_init+0x6f)[0x45a5cf]
>>> vim(main+0x82)[0x4ac952]
>>> /lib64/libc.so.6(__libc_start_main+0xfd)[0x7f780f835aed]
>>> vim[0x422069]
>>>
>>> https://bugzilla.redhat.com/show_bug.cgi?id=514717 has all the details
>>> and 2 suggested fixes.
>> What Vim does is completely fine.  So your library is broken.  I
>> understand that it's intentionally broken to find buffer overflows.
>>
>> Now, we could work around the broken library.  The diff shows one
>> solution.  But this would actually be needed in many more places, it
>> just fixes the one found on startup.  When running Vim there are more.
>> Takes a long time to find them all.
>>
>> A proper fix would be:
>> - Add configure check for the broken library.
>> - When the library is broken use another function instead of STRCPY() to
>>   avoid using the broken strcpy().  It's slower but should work.
>>
>> A better solution would be to tell the library not to have this check
>> for what it guessed the destination size would be.  Is there an option
>> or #define for this?
>>
>
> There is such a compilation option:  -D_FORTIFY_SOURCE=0
>
> Patch 7.2.044 already fixed a crash which happened because of
> the Fortify feature.  It was fixed by compiling Vim with
> -D_FORTIFY_SOURCE=1.  Some versions of gcc compile
> by default with -D_FORTIFY_SOURCE=2 (that's the case for
> Ubuntu at least).  -D_FORTIFY_SOURCE=2 can in some cases
> cause valid programs to crash, which is the case for Vim.
> As far as I understand, -D_FORTIFY_SOURCE=1 still has
> some checks but they are relaxed a bit from -D_FORTIFY_SOURCE=2.
> Compiling with -D_FORTIFY_SOURCE=1 should not break
> Vim.  I never saw any problem with Vim using -D_FORTIFY_SOURCE=1.
> But if you want to completely disable the Fortify feature, you can compile
> with -D_FORTIFY_SOURCE=0 (or -U_FORTIFY_SOURCE).
>
> This is the patch which introduces -D_FORTIFY_SOURCE=1:
>
> ===============
> Patch 7.2.044
> Problem:    Crash because of STRCPY() being over protective of the destination
>             size. (Dominique Pelle)
> Solution:   Add -D_FORTIFY_SOURCE=1 to CFLAGS.  Use an intermediate variable
>             for the pointer to avoid a warning.
> Files:      src/auto/configure, src/configure.in, src/eval.c
> ===============
>
> Is Fedora compiling Vim with -D_FORTIFY_SOURCE=1 or
> -D_FORTIFY_SOURCE=2?
>
> In the absence of the -D_FORTIFY_SOURCE compilation option,
> gcc might be using -D_FORTIFY_SOURCE=2 by default (as is the
> case on Ubuntu), which is known to break vim and was fixed
> in patch 7.2.044.
>
> The configure script checks whether to add -D_FORTIFY_SOURCE=1
> to the compilation options. Perhaps this is not happening on Fedora?
>
> Can you give the compilation log to see what compilation options
> were used?
>
> -- Dominique


Hello,

The build log is available at
http://kojipkgs.fedoraproject.org/packages/vim/7.2.245/1.fc12/data/logs/i686/build.log

and we were using -D_FORTIFY_SOURCE=2 to compile vim as you've already
suspected.

This compile option comes from the RPM compile options and seems to take
precedence over your fortify changes from patch 44, as we now have
'-D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=1' on the gcc command line.


    Karsten
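The situation Karsten describes, two different _FORTIFY_SOURCE definitions on one gcc command line, is easy to miss in a long build log. The script below is an added example, not code from this thread, from Vim or from Fedora: it scans a build log for compiler invocations that carry conflicting _FORTIFY_SOURCE settings. It assumes only POSIX sh and awk, understands the -Dname=value, -D name=value, bare -Dname and -Wp,-Dname=value spellings (one option per -Wp,), and the sample log it runs on is constructed for the demo, not the Koji log linked above.

```shell
#!/bin/sh
# Added example (not from the vim_dev thread, Vim or Fedora): audit a build
# log for compiler command lines that set _FORTIFY_SOURCE more than once,
# the '-D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=1' case from the thread.
# Assumes POSIX sh and awk only.

# fortify_flags LINE: print every _FORTIFY_SOURCE setting on one command
# line, in order, space separated: "2 1" for the case in the thread, "U" for
# -U_FORTIFY_SOURCE, "1" for a bare -D_FORTIFY_SOURCE, nothing if unset.
fortify_flags() {
    printf '%s\n' "$1" | awk '
    {
        out = ""
        for (i = 1; i <= NF; i++) {
            tok = $i
            # "-D _FORTIFY_SOURCE=2": the macro is the next token
            if (tok == "-D" || tok == "-U") { tok = tok $(i + 1); i++ }
            # "-Wp,-D_FORTIFY_SOURCE=2": option handed straight to the
            # preprocessor (assumes one option per -Wp,)
            sub(/^-Wp,/, "", tok)
            if (tok == "-U_FORTIFY_SOURCE")        val = "U"
            else if (tok == "-D_FORTIFY_SOURCE")   val = "1"   # -Dname means name=1
            else if (tok ~ /^-D_FORTIFY_SOURCE=/)  val = substr(tok, index(tok, "=") + 1)
            else continue
            out = (out == "") ? val : out " " val
        }
        print out
    }'
}

# fortify_conflicts LOGFILE: print each compiler line whose _FORTIFY_SOURCE
# settings disagree, prefixed with the settings seen. Returns 1 if any
# conflict was found, 0 otherwise.
fortify_conflicts() {
    log=$1
    found=0
    while IFS= read -r line; do
        case "$line" in
            *gcc*|*clang*) ;;        # only look at compiler invocations
            *) continue ;;
        esac
        flags=$(fortify_flags "$line")
        set -- $flags                # one positional parameter per setting
        [ $# -ge 2 ] || continue     # a single definition cannot conflict
        first=$1
        for f in "$@"; do
            if [ "$f" != "$first" ]; then
                printf 'CONFLICT [%s]: %s\n' "$flags" "$line"
                found=1
                break
            fi
        done
    done < "$log"
    return $found
}

# count_conflicts LOGFILE: number of conflicting compiler lines.
count_conflicts() {
    fortify_conflicts "$1" | wc -l | tr -d ' '
}

# Constructed sample log (NOT the Fedora build log from the thread).
# Only the eval.c line mixes two different levels; misc1.c repeats the
# same level twice, which is redundant but not a conflict.
demo_log() {
    cat <<'EOF'
+ make -j4
gcc -c -I. -O2 -g -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector -D_FORTIFY_SOURCE=1 -o objects/eval.o eval.c
gcc -c -I. -O2 -g -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=2 -o objects/misc1.o misc1.c
gcc -c -I. -O2 -g -D_FORTIFY_SOURCE=1 -o objects/buffer.o buffer.c
gcc -o vim objects/eval.o objects/misc1.o objects/buffer.o -lncurses
EOF
}

# Demo run: prints the one conflicting gcc line from the constructed log.
demo_file=$(mktemp)
demo_log > "$demo_file"
fortify_conflicts "$demo_file" || echo "found $(count_conflicts "$demo_file") conflicting line(s)"
rm -f "$demo_file"
```

The preprocessor applies -D and -U in the order it receives them, so the definition that reaches cpp last is the one in effect (with a "redefined" warning that is easy to overlook in a noisy build). Because -Wp, options are passed to the preprocessor separately from ordinary -D flags, the order on the visible gcc line is not a reliable guide to which one won; the robust fix is to make sure a compiler line carries exactly one _FORTIFY_SOURCE definition, which this audit flags whenever that is not the case.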



--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
