Hey,
If you compile this testcase with gcc parameter "-D_FORTIFY_SOURCE=2"
it results in:
*** buffer overflow detected ***: /usr/lib64/ltp/testcases/bin/openposix/conformance/interfaces/sem_getvalue/5-1.test terminated
======= Backtrace: =========
/lib64/libc.so.6(__chk_fail+0x2f)[0x2b76feaee19f]
/lib64/libc.so.6[0x2b76feaed6d9]
/lib64/libc.so.6(_IO_default_xsputn+0x8e)[0x2b76fea86d3e]
/lib64/libc.so.6(_IO_vfprintf+0x1487)[0x2b76fea5f177]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x2b76feaed77d]
/lib64/libc.so.6(__sprintf_chk+0x80)[0x2b76feaed6c0]
/usr/lib64/ltp/testcases/bin/openposix/conformance/interfaces/sem_getvalue/5-1.test[0x400874]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x2b76fea3a154]
/usr/lib64/ltp/testcases/bin/openposix/conformance/interfaces/sem_getvalue/5-1.test[0x4007a9]
This is caused by a too-short char array; patch attached.
Can we add the parameter "-D_FORTIFY_SOURCE=2" as a standard for compiling
ltp-testcases?
_FORTIFY_SOURCE is a Glibc feature which adds memory and string function
protection. There is no home site for this feature, but it is described well
on this page: http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
Regards,
--
Patrick Kirsch - Quality Assurance Department
SUSE Linux Products GmbH GF: Markus Rex, HRB 16746 (AG Nuernberg)
--- 5-1.c.orig 2007-09-17 16:55:03.000000000 +0200
+++ 5-1.c 2007-09-17 16:54:38.000000000 +0200
@@ -27,7 +27,7 @@
int main() {
- char semname[20];
+ char semname[28];
sem_t *mysemp;
int val;
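Review bot: The new size in `char semname[28];` is still a bare magic number, and the hunk does not show the format string that fills the array, so a reader cannot confirm from the patch that 28 bytes covers the longest possible name plus the terminating NUL. Since the backtrace in the message passes through __sprintf_chk, consider also bounding the write with snprintf and sizeof(semname) and checking the return value for truncation, or at least adding a comment that derives the size, so a later change to the name format fails cleanly instead of overflowing again.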