Re: (ITS#6474) test004 (hdb) crashes when slapd is compiled with -D_FORTIFY_SOURCE=2
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#6474) test004 (hdb) crashes when slapd is compiled with -D_FORTIFY_SOURCE=2
- From: hyc@symas.com
- Date: Tue, 13 Apr 2010 20:54:01 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
h.b.furuseth@usit.uio.no wrote:
>> There is no real buffer overflow here AFAICS but the real problem is,
>> that the destination of the strcpy() is defined as char[1] in this
>> case (it's the nrdn member of a struct diskNode). The additional
>> runtime check when compiling with -D_FORTIFY_SOURCE=2 sees that the
>> destination data will not fit in there and aborts.
>
> This is similar to the struct hack, except nrdn is not the last struct
> member. IIRC it actually is invalid to use nrdn as an accessor for the
> following struct members (from the compiler's point of view).
>
> Another case of "not quite the Struct Hack" broke last year: ITS#6303.
> If _FORTIFY_SOURCE is warning us that gcc might break this code, the
> memcpy patch might merely shut up the warning without fixing the
> problem. In that case, the simplest change would be to do away with
> struct diskNode - or keep it for reference but not actually use it.
>
> I'm reopening the ITS for someone else to decide if they care, I have
> other things on my mind currently.
>
Nope, we don't care. The purpose and usage of diskNode is thoroughly
documented in the comments and all of the uses are correct. Marking this Test
again.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
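
The alternative raised in the quoted reply (keep the struct for reference but not actually use it), as an added example that is not part of this thread and is not OpenLDAP code. The record layout, field names and functions are hypothetical; fields are written through explicit, length-checked offsets into a byte buffer, so no copy ever targets a `char[1]` member.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout (not OpenLDAP's): documents the record format only.
 * name is declared char[1] but is not the last member, so it is never written through. */
struct rec_doc {
    unsigned char len[2];  /* big-endian length of name, without the NUL */
    char name[1];          /* really len+1 bytes */
    unsigned char id[4];   /* really located after the name */
};
#define REC_HDR offsetof(struct rec_doc, name)
enum { REC_ID = 4 };

/* Bytes needed for a record whose name has name_len characters. */
size_t rec_size(size_t name_len) { return REC_HDR + name_len + 1 + REC_ID; }

/* Pack into buf by explicit offset; returns bytes written, or 0 if it does not fit. */
size_t rec_pack(unsigned char *buf, size_t cap, const char *name, unsigned long id)
{
    size_t n = strlen(name);
    if (n > 0xFFFF || rec_size(n) > cap) return 0;
    buf[0] = (unsigned char)(n >> 8);
    buf[1] = (unsigned char)(n & 0xFF);
    memcpy(buf + REC_HDR, name, n + 1);          /* destination is the raw buffer */
    for (int i = 0; i < REC_ID; i++)
        buf[REC_HDR + n + 1 + i] = (unsigned char)(id >> (8 * (REC_ID - 1 - i)));
    return rec_size(n);
}

/* Validate and read back; returns the name inside buf, or NULL if malformed. */
const char *rec_unpack(const unsigned char *buf, size_t len, unsigned long *id)
{
    if (len < REC_HDR) return NULL;
    size_t n = ((size_t)buf[0] << 8) | buf[1];
    if (rec_size(n) > len || buf[REC_HDR + n] != '\0') return NULL;
    *id = 0;
    for (int i = 0; i < REC_ID; i++)
        *id = (*id << 8) | buf[REC_HDR + n + 1 + i];
    return (const char *)(buf + REC_HDR);
}

int main(void)
{
    unsigned char buf[32]; unsigned long id = 0;
    size_t w = rec_pack(buf, sizeof buf, "cn=foo", 0x01020304UL); /* constructed sample */
    const char *nm = rec_unpack(buf, w, &id);
    printf("%zu bytes, name=%s, id=%#lx\n", w, nm ? nm : "(bad)", id);
    return nm ? 0 : 1;
}
```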