| 1 |
Elias Diem <lists@×××××××××.ch> writes: |
| 2 |
|
| 3 |
> Hi lee |
| 4 |
> |
| 5 |
> On 2015-12-29, lee wrote: |
| 6 |
> |
| 7 |
>> Elias Diem <lists@×××××××××.ch> writes: |
| 8 |
>> |
| 9 |
>> > Hi |
| 10 |
>> > |
| 11 |
>> > I just got the following while running Vim's testsuite. |
| 12 |
>> > |
| 13 |
>> > <output> |
| 14 |
>> > *** buffer overflow detected ***: vim terminated; report to <http://bugs.gentoo.org/> |
| 15 |
>> > Makefile:151: recipe for target 'af.ck' failed |
| 16 |
>> > make[2]: *** [af.ck] Killed |
| 17 |
>> > </output> |
| 18 |
>> > |
| 19 |
>> > The compiler gave me the following warning. |
| 20 |
>> > |
| 21 |
>> > [...] |
| 22 |
>> > /usr/include/bits/string3.h:110:3: warning: call to __builtin___strcpy_chk will always overflow destination buffer |
| 23 |
>> > return __builtin___strcpy_chk (__dest, __src, __bos (__dest)); |
| 24 |
>> > |
| 25 |
>> > [...] |
| 26 |
>> > |
| 27 |
>> > Should I file a bug? |
| 28 |
>> |
| 29 |
>> The test was successful because the buffer overflow was detected? |
| 30 |
> |
| 31 |
> I think I don't quite understand your question. |
| 32 |
> |
| 33 |
> `make test` failed. Therefore I'd say the test was not |
| 34 |
> successful. |
| 35 |
> |
| 36 |
> I run a hardened profile. I guess that's why the overflow |
| 37 |
> was detected and vim terminated. |
| 38 |
|
| 39 |
When you perform a strcpy() and overflow the destination buffer, you are |
| 40 |
supposed to experience a segmentation fault. It shouldn't matter |
| 41 |
whether you run a hardened profile or not for detecting these. |
| 42 |
|
| 43 |
I imagine it was discovered that a segmentation fault did occur, and |
| 44 |
that it inevitably would occur --- since gcc tells you that one will |
| 45 |
occur when using __builtin___strcpy_chk() --- and the application was |
| 46 |
terminated. Otherwise, the test would have been unsuccessful. |
| 47 |
|
| 48 |
Whether this is a bug or not depends on what you're supposed to expect, |
| 49 |
which I don't know. If someone would run the test suite on a |
| 50 |
non-hardened profile and got the same warning from gcc, but vim wouldn't |
| 51 |
be terminated when the segmentation fault occurs, then I'd be worried. |
Archives