| 1 |
Hi, |
| 2 |
|
| 3 |
if openct 0.6.0 is compiled with stack smashing protector |
| 4 |
it dies during normal operatoins: |
| 5 |
|
| 6 |
write(2, "ifdhandler: stack smashing attack in function do_transact", |
| 7 |
57) = 57 |
| 8 |
write(2, "()\n", 3) = 3 |
| 9 |
socket(PF_UNIX, SOCK_DGRAM, 0) = 6 |
| 10 |
sendto(6, "<2>ifdhandler: stack smashing attack in function |
| 11 |
do_transact", 60, 0, |
| 12 |
{sa_family=AF_UNIX, path="/dev/log"}, 110) = -1 EPROTOTYPE (Protocol |
| 13 |
wrong type |
| 14 |
for socket) |
| 15 |
rt_sigaction(SIGABRT, {SIG_DFL}, NULL, 8) = 0 |
| 16 |
getpid() = 22083 |
| 17 |
kill(22083, SIGABRT) = 0 |
| 18 |
--- SIGABRT (Aborted) @ 0 (0) --- |
| 19 |
Process 22083 detached |
| 20 |
|
| 21 |
however that functions looks fine to me. |
| 22 |
compiled with -fno-stack-protector it works fine. |
| 23 |
|
| 24 |
can you help me to find out, why the ssp comes to this |
| 25 |
(false) conclusion? I'd like to improve the code, so it |
| 26 |
works with ssp turned on. |
| 27 |
|
| 28 |
Thanks for your help. |
| 29 |
|
| 30 |
Regards, Andreas |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
---------------------[ Ciphire Signature ]---------------------- |
| 35 |
From: aj@××××××.com signed email body (692 characters) |
| 36 |
Date: on 10 October 2004 at 11:37:32 GMT |
| 37 |
To: gentoo-hardened@g.o |
| 38 |
---------------------------------------------------------------- |
| 39 |
: The message above has been secured using Ciphire Mail. |
| 40 |
: Verify this signature and download your free encryption |
| 41 |
: software at www.ciphire.com. The three garbled lines |
| 42 |
: below are the sender's verifiable encoded signature. |
| 43 |
---------------------------------------------------------------- |
| 44 |
00fAAAAAEAAAD8HmlBtAIAAPcCAAIAAgACACCHa/ngSxkUSk0BqZg1E/jZM0oiUo |
| 45 |
umDKXfCITLPwvVKwEAbhWANE13J0b+WfjyXvCnTWr3hgWVEmUwFZNDh8Tz8U8ouk |
| 46 |
Pbf5I64QXTQNZNnvjopuqhl85z9G8NiYPy1hEY0w== |
| 47 |
------------------[ End Ciphire Signed Message ]---------------- |
| 48 |
|
| 49 |
|
| 50 |
-- |
| 51 |
gentoo-hardened@g.o mailing list |
Archives