Karsten Hopp wrote:


> On 04.08.2009 14:59, Dominique Pellé wrote:
> > Bram Moolenaar wrote:
> >
> >    
> >> Karsten Hopp wrote:
> >>
> >>      
> >>> We've rebuilt all Fedora-12 packages and vim was one of the programs
> >>> that failed to
> >>> run with enhanced glibc fortify features:
> >>>
> >>> vi
> >>> *** buffer overflow detected ***: vim terminated
> >>> ======= Backtrace: =========
> >>> /lib64/libc.so.6(__fortify_fail+0x37)[0x7f780f90df47]
> >>> /lib64/libc.so.6[0x7f780f90bee0]
> >>> vim(eval_init+0x6f)[0x45a5cf]
> >>> vim(main+0x82)[0x4ac952]
> >>> /lib64/libc.so.6(__libc_start_main+0xfd)[0x7f780f835aed]
> >>> vim[0x422069]
> >>>
> >>>
> >>>
> >>> https://bugzilla.redhat.com/show_bug.cgi?id=514717 has all the details
> >>> and 2 suggested fixes.
> >>>        
> >> What Vim does is completely fine.  So your library is broken.  I
> >> understand that it's intentionally broken to find buffer overflows.
> >>
> >> Now, we could work around the broken library.  The diff shows one
> >> solution.  But this would actually be needed in many more places, it
> >> just fixes the one found on startup.  When running Vim there are more.
> >> Takes a long time to find them all.
> >>
> >> A proper fix would be:
> >> - Add configure check for the broken library.
> >> - When the library is broken use another function instead of STRCPY() to
> >>   avoid using the broken strcpy().  It's slower but should work.
> >>
> >> A better solution would be to tell the library not to have this check
> >> for what it guessed the destination size would be.  Is there an option
> >> or #define for this?
> >>      
> >
> >
> > There is such a compilation option:  -D_FORTIFY_SOURCE=0
> >
> > Patch 7.2.044 already fixed a crash which happened because of
> > the Fortify feature.  It was fixed by compiling Vim with
> > -D_FORTIFY_SOURCE=1.   Some versions of gcc compile
> > by default with -D_FORTIFY_SOURCE=2 (that's the case for
> > Ubuntu at least).  -D_FORTIFY_SOURCE=2 can in some cases
> > cause valid programs to crash, which is the case for Vim.
> > As far as I understand, -D_FORTIFY_SOURCE=1 still has
> > some checks but they are relaxed a bit from -D_FORTIFY_SOURCE=2.
> > Compiling with -D_FORTIFY_SOURCE=1 should not break
> > Vim.  I never see any problem with Vim using -D_FORTIFY_SOURCE=1.
> > But if you want to completely disable the Fortify feature, you can compile
> > with -D_FORTIFY_SOURCE=0  (or -U_FORTIFY_SOURCE)
> >
> > This is the patch which introduces -D_FORTIFY_SOURCE=1:
> >
> > ===============
> > Patch 7.2.044
> > Problem:    Crash because of STRCPY() being over protective of the destination
> >             size. (Dominique Pelle)
> > Solution:   Add -D_FORTIFY_SOURCE=1 to CFLAGS.  Use an intermediate variable
> >             for the pointer to avoid a warning.
> > Files:      src/auto/configure, src/configure.in, src/eval.c
> > ===============
> >
> > Is Fedora compiling Vim with -D_FORTIFY_SOURCE=1 or
> > -D_FORTIFY_SOURCE=2?
> >
> > In the absence of -D_FORTIFY_SOURCE compilation option,
> > gcc might be using -D_FORTIFY_SOURCE=2 by default (as it is the
> > case on Ubuntu) which is known to break vim and was fixed
> > in patch 7.2.044.
> >
> > The configure script checks whether to add -D_FORTIFY_SOURCE=1
> > to the compilation options. Perhaps this is not happening on Fedora?
> >
> > Can you give the compilation log to see what compilation options
> > were used?
> >
> > -- Dominique
> >    
> 
> 
> Hello,
> 
> The build log is available at
> http://kojipkgs.fedoraproject.org/packages/vim/7.2.245/1.fc12/data/logs/i686/build.log
> and we were using -D_FORTIFY_SOURCE=2 to compile vim as you've already
> suspected.
> 
> This compile option comes from the RPM compile options and seems to take 
> precedence over your fortify changes from patch 44 as we now have 
> '-D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=1' on the gcc commandline.

Ah, so the configure script is working, but not as expected.

Where is the -D_FORTIFY_SOURCE=2 flag coming from?  Is it in $CFLAGS?
If so then configure could filter it out.

-- 
hundred-and-one symptoms of being an internet addict:
145. You e-mail your boss, informing him you'll be late.

 /// Bram Moolenaar -- b...@moolenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\        download, build and distribute -- http://www.A-A-P.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///

--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
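
The filtering idea raised at the end of this message, as an added example that is not part of the original thread and is not Vim's actual configure code: a POSIX shell function that removes every existing `_FORTIFY_SOURCE` setting from a flag list and appends exactly one level. The function name `normalize_fortify`, the sample `CFLAGS` value, and the handling of the `-Wp,` pass-through form (which the thread does not mention) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from Vim's configure script).
# normalize_fortify LEVEL FLAG...
#   Prints FLAG... with every _FORTIFY_SOURCE define/undefine removed and a
#   single -D_FORTIFY_SOURCE=LEVEL appended, so only one level reaches gcc.
normalize_fortify() {
    nf_level=$1
    shift
    nf_out=
    for nf_flag in "$@"; do
        case $nf_flag in
            -D_FORTIFY_SOURCE|-D_FORTIFY_SOURCE=*|-U_FORTIFY_SOURCE)
                continue ;;                  # plain define or undefine: drop
            -Wp,*)
                # Assumed case: the define is passed through to the
                # preprocessor as -Wp,opt1,opt2. Drop only the fortify part.
                nf_rest=${nf_flag#-Wp,}
                nf_kept=
                nf_ifs=$IFS
                IFS=,
                for nf_part in $nf_rest; do
                    case $nf_part in
                        -D_FORTIFY_SOURCE|-D_FORTIFY_SOURCE=*|-U_FORTIFY_SOURCE) ;;
                        *) nf_kept="$nf_kept,$nf_part" ;;
                    esac
                done
                IFS=$nf_ifs
                if [ -n "$nf_kept" ]; then
                    nf_out="$nf_out -Wp$nf_kept"
                fi
                ;;
            *)
                nf_out="$nf_out $nf_flag" ;;
        esac
    done
    nf_out="$nf_out -D_FORTIFY_SOURCE=$nf_level"
    printf '%s\n' "${nf_out# }"
}

# Constructed sample: the flag pair quoted in the thread, plus generic flags.
CFLAGS='-O2 -g -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=1'
# Word splitting of $CFLAGS is intentional here.
CFLAGS=$(normalize_fortify 1 $CFLAGS)
echo "CFLAGS after filtering: $CFLAGS"
```

Lowering the level this way trades some of the level 2 checks for compatibility, so the chosen level should be recorded in the build log where it can be audited.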
