Re: (ITS#6474) test004 (hdb) crashes when slapd is compiled with -D_FORTIFY_SOURCE=2



h.b.furuseth@usit.uio.no wrote:
>> There is no real buffer overflow here AFAICS but the real problem is,
>> that the destination of the strcpy() is defined as char[1] in this
>> case (it's the nrdn member of a struct diskNode). The additional
>> runtime check when compiling with -D_FORTIFY_SOURCE=2 sees that the
>> destination data will not fit in there and aborts.
>
> This is similar to the struct hack, except nrdn is not the last struct
> member.  IIRC it actually is invalid to use nrdn as an accessor for the
> following struct members (from the compiler's point of view).
>
> Another case of "not quite the Struct Hack" broke last year: ITS#6303.
> If _FORTIFY_SOURCE is warning us that gcc might break this code, the
> memcpy patch might merely shut up the warning without fixing the
> problem.  In that case, the simplest change would be to do away with
> struct diskNode - or keep it for reference but not actually use it.
>
> I'm reopening the ITS for someone else to decide if they care, I have
> other things on my mind currently.
>
Nope, we don't care. The purpose and usage of diskNode is thoroughly 
documented in the comments and all of the uses are correct. Marking this Test 
again.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
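The alternative raised in the quoted reply, doing away with the struct and placing each field at an explicit offset, as an added example that is not OpenLDAP's own code. The layout is an assumption modelled on the thread's description (2-byte nrdnlen, NUL-terminated nrdn and rdn, 8-byte entryID); nothing is ever written through a char[1] member, so the destination size the compiler and _FORTIFY_SOURCE see is the real buffer size.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical record layout (assumed, modelled on the thread's diskNode):
 *   [0..1]  nrdnlen, little-endian 16-bit length of nrdn (excluding NUL)
 *   [2..]   nrdn, NUL-terminated; then rdn, NUL-terminated; then 8-byte entryID.
 * Every field is placed at an explicit offset with memcpy into a buffer whose
 * real size is known, instead of strcpy() into a char[1] struct member. */

typedef struct {
    uint16_t nrdnlen;
    const char *nrdn;   /* points into the encoded buffer */
    const char *rdn;    /* points into the encoded buffer */
    uint64_t entryID;
} node_view;

/* Writes the record into buf; returns bytes written, or 0 if buf is too
 * small or nrdn is longer than 16 bits can express. */
size_t node_encode(unsigned char *buf, size_t buflen,
                   const char *nrdn, const char *rdn, uint64_t entryID) {
    size_t nlen = strlen(nrdn), rlen = strlen(rdn), off = 0;
    if (nlen > UINT16_MAX || buflen < 2 + nlen + 1 + rlen + 1 + 8) return 0;
    buf[off++] = (unsigned char)(nlen & 0xff);
    buf[off++] = (unsigned char)(nlen >> 8);
    memcpy(buf + off, nrdn, nlen + 1); off += nlen + 1;   /* copies the NUL */
    memcpy(buf + off, rdn, rlen + 1);  off += rlen + 1;
    for (int i = 0; i < 8; i++) buf[off++] = (unsigned char)(entryID >> (8 * i));
    return off;
}

/* Parses a record with a bounds check at every step: returns 0 on success,
 * -1 if it is truncated or a string is not NUL-terminated within buflen. */
int node_decode(const unsigned char *buf, size_t buflen, node_view *out) {
    if (buflen < 2) return -1;
    uint16_t nlen = (uint16_t)(buf[0] | (buf[1] << 8));
    size_t off = 2;
    if (buflen - off < (size_t)nlen + 1 || buf[off + nlen] != '\0') return -1;
    out->nrdnlen = nlen;
    out->nrdn = (const char *)buf + off;
    off += nlen + 1;
    const unsigned char *nul = memchr(buf + off, '\0', buflen - off);
    if (!nul) return -1;
    out->rdn = (const char *)buf + off;
    off = (size_t)(nul - buf) + 1;
    if (buflen - off < 8) return -1;
    out->entryID = 0;
    for (int i = 0; i < 8; i++) out->entryID |= (uint64_t)buf[off + i] << (8 * i);
    return 0;
}
```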