1 |
> sendto(6, "<2>ifdhandler: stack smashing attack in function |
2 |
> do_transact", 60, 0, |
3 |
> {sa_family=AF_UNIX, path="/dev/log"}, 110) = -1 EPROTOTYPE (Protocol |
4 |
> wrong type for socket) |
5 |
|
6 |
hmm, that's another bug somewhere... |
7 |
|
8 |
> however that functions looks fine to me. |
9 |
> compiled with -fno-stack-protector it works fine. |
10 |
|
11 |
what's your gcc version? the ssp port for 3.4.2 is known to have a bug |
12 |
that results in bad assembly and a buffer overrun (i.e., it's a false |
13 |
positive but still bad). you could verify (or just post) the disassembly |
14 |
of the do_transact function, take it from the 'objdump -d src/ifd/process.o' |
15 |
output. |
16 |
|
17 |
|
18 |
-- |
19 |
gentoo-hardened@g.o mailing list |