1 |
On Wed, 07 Jun 2006 11:18:06 -0400, Kevin F. Quinn |
2 |
<kevquinn-aBrp7R+bbdUdnm+yROfE0A@××××××××××××.org> wrote: |
3 |
|
4 |
THANK YOU for quickly replying to this newbie question! |
5 |
|
6 |
> First thing to do is to run kdesktop_lock from a terminal, and see |
7 |
> whether the error is the same. |
8 |
|
9 |
Got this: |
10 |
|
11 |
kdesktop_lock: stack smashing attack in function virtual void |
12 |
QWidget::create(WId, bool, bool)() |
13 |
Aborted |
14 |
|
15 |
|
16 |
> Also do: |
17 |
> |
18 |
> readelf -d $(which kdesktop_lock) |
19 |
> |
20 |
> and see which QT version it links to - if the rpath |
21 |
> includes /usr/qt/3/lib then it's linking to QT3 not QT4. |
22 |
> |
23 |
|
24 |
Got this: |
25 |
|
26 |
~ $ readelf -d $(which kdesktop_lock) |
27 |
|
28 |
Dynamic section at offset 0x2d7d8 contains 66 entries: |
29 |
Tag Type Name/Value |
30 |
0x00000001 (NEEDED) Shared library: [libXau.so.6] |
31 |
0x00000001 (NEEDED) Shared library: [libgcc_s.so.1] |
32 |
0x00000001 (NEEDED) Shared library: [libkio.so.4] |
33 |
0x00000001 (NEEDED) Shared library: [libkdeui.so.4] |
34 |
0x00000001 (NEEDED) Shared library: [libkdesu.so.4] |
35 |
0x00000001 (NEEDED) Shared library: |
36 |
[libkwalletclient.so.1] |
37 |
0x00000001 (NEEDED) Shared library: [libkdecore.so.4] |
38 |
0x00000001 (NEEDED) Shared library: [libDCOP.so.4] |
39 |
0x00000001 (NEEDED) Shared library: [libresolv.so.2] |
40 |
0x00000001 (NEEDED) Shared library: [libutil.so.1] |
41 |
0x00000001 (NEEDED) Shared library: |
42 |
[libart_lgpl_2.so.2] |
43 |
0x00000001 (NEEDED) Shared library: [libidn.so.11] |
44 |
0x00000001 (NEEDED) Shared library: [libkdefx.so.4] |
45 |
0x00000001 (NEEDED) Shared library: [libqt-mt.so.3] |
46 |
0x00000001 (NEEDED) Shared library: [libmng.so.1] |
47 |
0x00000001 (NEEDED) Shared library: [liblcms.so.1] |
48 |
0x00000001 (NEEDED) Shared library: [libjpeg.so.62] |
49 |
0x00000001 (NEEDED) Shared library: [libXrandr.so.2] |
50 |
0x00000001 (NEEDED) Shared library: [libXcursor.so.1] |
51 |
0x00000001 (NEEDED) Shared library: [libXft.so.2] |
52 |
0x00000001 (NEEDED) Shared library: |
53 |
[libfontconfig.so.1] |
54 |
0x00000001 (NEEDED) Shared library: [libfreetype.so.6] |
55 |
0x00000001 (NEEDED) Shared library: [libexpat.so.0] |
56 |
0x00000001 (NEEDED) Shared library: [libpng.so.3] |
57 |
0x00000001 (NEEDED) Shared library: [libXrender.so.1] |
58 |
0x00000001 (NEEDED) Shared library: [libz.so.1] |
59 |
0x00000001 (NEEDED) Shared library: [libfam.so.0] |
60 |
0x00000001 (NEEDED) Shared library: [libstdc++.so.6] |
61 |
0x00000001 (NEEDED) Shared library: |
62 |
[libXxf86misc.so.1] |
63 |
0x00000001 (NEEDED) Shared library: [libGLU.so.1] |
64 |
0x00000001 (NEEDED) Shared library: [libGL.so.1] |
65 |
0x00000001 (NEEDED) Shared library: [libSM.so.6] |
66 |
0x00000001 (NEEDED) Shared library: [libICE.so.6] |
67 |
0x00000001 (NEEDED) Shared library: [libXmu.so.6] |
68 |
0x00000001 (NEEDED) Shared library: [libXt.so.6] |
69 |
0x00000001 (NEEDED) Shared library: [libXext.so.6] |
70 |
0x00000001 (NEEDED) Shared library: [libXi.so.6] |
71 |
0x00000001 (NEEDED) Shared library: [libdl.so.2] |
72 |
0x00000001 (NEEDED) Shared library: [libpthread.so.0] |
73 |
0x00000001 (NEEDED) Shared library: [libX11.so.6] |
74 |
0x00000001 (NEEDED) Shared library: [libm.so.6] |
75 |
0x00000001 (NEEDED) Shared library: [libc.so.6] |
76 |
0x0000000f (RPATH) Library rpath: |
77 |
[/usr/kde/3.5/lib:/usr/qt/3/lib:/usr/lib/gcc/i686-pc-linux-gnu/3.4.6:/usr/lib/opengl/xorg-x11/lib:/usr/lib] |
78 |
0x0000001d (RUNPATH) Library runpath: |
79 |
[/usr/kde/3.5/lib:/usr/qt/3/lib:/usr/lib/gcc/i686-pc-linux-gnu/3.4.6:/usr/lib/opengl/xorg-x11/lib:/usr/lib] |
80 |
0x0000000c (INIT) 0xa400 |
81 |
0x0000000d (FINI) 0x29ba0 |
82 |
0x00000004 (HASH) 0x188 |
83 |
0x00000005 (STRTAB) 0x39e8 |
84 |
0x00000006 (SYMTAB) 0x1358 |
85 |
0x0000000a (STRSZ) 17950 (bytes) |
86 |
0x0000000b (SYMENT) 16 (bytes) |
87 |
0x00000015 (DEBUG) 0x0 |
88 |
0x00000003 (PLTGOT) 0x2ea08 |
89 |
0x00000002 (PLTRELSZ) 2760 (bytes) |
90 |
0x00000014 (PLTREL) REL |
91 |
0x00000017 (JMPREL) 0x9938 |
92 |
0x00000011 (REL) 0x8588 |
93 |
0x00000012 (RELSZ) 5040 (bytes) |
94 |
0x00000013 (RELENT) 8 (bytes) |
95 |
0x0000001e (FLAGS) BIND_NOW |
96 |
0x6ffffffb (FLAGS_1) Flags: NOW |
97 |
0x6ffffffe (VERNEED) 0x84d8 |
98 |
0x6fffffff (VERNEEDNUM) 3 |
99 |
0x6ffffff0 (VERSYM) 0x8006 |
100 |
0x6ffffffa (RELCOUNT) 171 |
101 |
0x00000000 (NULL) 0x0 |
102 |
|
103 |
|
104 |
So IIUC, |
105 |
|
106 |
1. It is indeed using the qt 3 directory; which means 3.3.6.r-1 libraries, |
107 |
and your patch will then still work!? I -guess- that I copy the "edit" |
108 |
notes from your bugzilla patch, insert it into a file named |
109 |
"qt-3.3.6-r1-dirty-ssp.patch"; put that into |
110 |
/usr/portage/x11-libs/qt/files, and then reemerge qt!? (I just noticed |
111 |
that my first attempt at this was deleted - I guess by portage - do I have |
112 |
to put the name of this patch into some sort of manifest?) |
113 |
|
114 |
2. If I have the 4.1.2 qt version, why are the 3x libraries still around? |
115 |
|
116 |
3. (IIRC, I recompiled KDE* after installing the new QT - yet KDE still |
117 |
uses 3.) |
118 |
|
119 |
> No... Are you sure it's using qt-4? qt major versions are slotted and |
120 |
> from qt3 to qt4 the library names have changed. |
121 |
|
122 |
4. What does "slotted" mean, please? (webopedia and google didn't help |
123 |
:-( ) |
124 |
|
125 |
> Report any findings on the same bug. |
126 |
> |
127 |
>> TIA (newbie) |
128 |
> |
129 |
> |
130 |
|
131 |
Thanks AGAIN!!! newbie |
132 |
-- |
133 |
gentoo-hardened@g.o mailing list |