Control: tags 920467 + upstream patch
Dear Maintainer,
tried to have a look at the stack smashing.
It happens inside a call to g_stat/stat64.
The reason is as far as I see that in nconfig.c the type
GStatBuf has just a size of 88 bytes, therefore no
more memory is reserved. Inside nstat or g_stat/stat64
the type has a size of 96 bytes, that I assume would be
the right one.
By changing the include order in nconfig.c like in attached
patch I could finish the package build and run the test.
Kind regards,
Bernhard
Thread 1 "ngraph" hit Watchpoint 3: *0xbffff44c
Old value = 156167168
New value = 656566
0xb7fd4d51 in __kernel_vsyscall ()
1: x/i $pc
=> 0xb7fd4d51 <__kernel_vsyscall+9>: pop %ebp
(gdb) bt
#0 0xb7fd4d51 in __kernel_vsyscall ()
#1 0xb7bae4d5 in ___xstat64 (vers=3, name=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
../sysdeps/unix/sysv/linux/xstat64.c:35
#2 0xb7df609c in stat64 (__statbuf=0xbffff3f4, __path=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini") at /usr/include/i386-linux-gnu/sys/stat.h:455
#3 nstat (filename=0x558600 "/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
ioutil.c:819
#4 0xb7de90c1 in openconfig (section=0xb7eda7cd "[Ngraph]") at nconfig.c:141
#5 0xb7ebde7e in load_config (history_size=<synthetic pointer>,
allocconsole=<synthetic pointer>, inst=0x58f560, sys=0x51bc20) at init.c:971
#6 n_initialize (argc=0xbffff5d0, argv=0xbffff56c) at init.c:971
#7 0xb7e5b65c in ngraph_initialize (argc=0xbffff5d0, argv=0xbffff56c) at
ngraph_api.c:715
#8 0x0040116c in main (argc=<optimized out>, argv=<optimized out>) at
main.c:122
(gdb)
#2 0xb7df609c in stat64 (__statbuf=0xbffff3f4, __path=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini") at /usr/include/i386-linux-gnu/sys/stat.h:455
warning: Source file is more recent than executable.
455 return __xstat (_STAT_VER, __path, __statbuf);
(gdb) print sizeof(*__statbuf)
$9 = 96
(gdb) up
#3 nstat (filename=0x558600 "/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
ioutil.c:819
819 r = g_stat(tmp, buf);
(gdb) print sizeof(*buf)
$11 = 96
Description: Fix include order to avoid stack smashing
Bug-Debian: https://bugs.debian.org/920467
Forwarded: no
Last-Update: 2019-01-26
--- ngraph-gtk-6.08.00.orig/src/nconfig.c
+++ ngraph-gtk-6.08.00/src/nconfig.c
@@ -21,6 +21,8 @@
*
*/
+#include "common.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
@@ -28,8 +30,6 @@
#include <errno.h>
#include <glib.h>
-#include "common.h"
-
#include "object.h"
#include "nstring.h"
#include "ioutil.h"
# Buster i386 qemu VM 2019-01-26
apt update
apt dist-upgrade
apt install systemd-coredump xvfb xauth mc gdb ngraph-gtk ngraph-gtk-dbgsym
libngraph0-dbgsym
apt install dpkg-dev devscripts
apt build-dep ngraph-gtk
mkdir source/ngraph-gtk/orig -p
cd source/ngraph-gtk/orig
apt source ngraph-gtk
cd
cd source/ngraph-gtk/orig/ngraph-gtk-6.08.00
debian/tests/run-test
##############
benutzer@debian:~/source/ngraph-gtk/orig/ngraph-gtk-6.08.00$
debian/tests/run-test
*** stack smashing detected ***: <unknown> terminated
Aborted (core dumped)
root@debian:~# coredumpctl list
TIME PID UID GID SIG COREFILE EXE
Sat 2019-01-26 10:32:29 CET 16668 1000 1000 6 present /usr/bin/ngraph
root@debian:~# coredumpctl gdb 16668
PID: 16668 (ngraph-test)
UID: 1000 (benutzer)
GID: 1000 (benutzer)
Signal: 6 (ABRT)
Timestamp: Sat 2019-01-26 10:32:28 CET (2min 26s ago)
Command Line: /usr/bin/ngraph -i debian/tests/ngraph-test
Executable: /usr/bin/ngraph
Control Group: /user.slice/user-1000.slice/session-3.scope
Unit: session-3.scope
Slice: user-1000.slice
Session: 3
Owner UID: 1000 (benutzer)
Boot ID: 2891b09545794870a2a1bae01cecb105
Machine ID: 45f49504b47f4e5690bc479adf67aa5b
Hostname: debian
Storage:
/var/lib/systemd/coredump/core.ngraph-test.1000.2891b09545794870a2a1bae01cecb105.16668.1548495148000000.lz4
Message: Process 16668 (ngraph-test) of user 1000 dumped core.
Stack trace of thread 16668:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7a352d2 raise (libc.so.6)
#2 0x00000000b7a1f2b6 abort (libc.so.6)
#3 0x00000000b7a76c1c n/a (libc.so.6)
#4 0x00000000b7b10b6e n/a (libc.so.6)
#5 0x00000000b7b10b1b __stack_chk_fail (libc.so.6)
#6 0x00000000b7e0e624 n/a (libngraph.so.0)
#7 0x00000000b7d2821c n/a (libngraph.so.0)
#8 0x00000000b7dfce7e n/a (libngraph.so.0)
#9 0x00000000b7d9a65c ngraph_initialize (libngraph.so.0)
#10 0x000000000041516c main (ngraph)
#11 0x00000000b7a20b41 __libc_start_main (libc.so.6)
#12 0x00000000004153e1 _start (ngraph)
Stack trace of thread 16670:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16677:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16671:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16679:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16669:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16672:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16676:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16674:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16678:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16682:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16675:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16681:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16680:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
Stack trace of thread 16673:
#0 0x00000000b7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1 0x00000000b7bf13c2 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#2 0x00000000b22811ad n/a (swrast_dri.so)
#3 0x00000000b7beafd2 start_thread (libpthread.so.0)
#4 0x00000000b7b00146 __clone (libc.so.6)
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/ngraph...Reading symbols from
/usr/lib/debug/.build-id/57/ce2ad0298358c33e0dc12ac84dff5a773c737a.debug...done.
done.
warning: core file may not match specified executable file.
[New LWP 16668]
[New LWP 16670]
[New LWP 16677]
[New LWP 16671]
[New LWP 16679]
[New LWP 16669]
[New LWP 16672]
[New LWP 16676]
[New LWP 16674]
[New LWP 16678]
[New LWP 16682]
[New LWP 16675]
[New LWP 16681]
[New LWP 16680]
[New LWP 16673]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/bin/ngraph -i debian/tests/ngraph-test'.
Program terminated with signal SIGABRT, Aborted.
#0 0xb7f13d51 in __kernel_vsyscall ()
[Current thread is 1 (Thread 0xb3891f00 (LWP 16668))]
(gdb) set width 0
(gdb) set pagination off
(gdb) bt
#0 0xb7f13d51 in __kernel_vsyscall ()
#1 0xb7a352d2 in __libc_signal_restore_set (set=0xbfe137dc) at
../sysdeps/unix/sysv/linux/internal-signals.h:84
#2 __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:48
#3 0xb7a1f2b6 in __GI_abort () at abort.c:79
#4 0xb7a76c1c in __libc_message (action=do_abort, fmt=<optimized out>) at
../sysdeps/posix/libc_fatal.c:181
#5 0xb7b10b6e in __GI___fortify_fail_abort (need_backtrace=false,
msg=0xb7b871e3 "stack smashing detected") at fortify_fail.c:28
#6 0xb7b10b1b in __stack_chk_fail () at stack_chk_fail.c:29
#7 0xb7e0e624 in __stack_chk_fail_local () from
/usr/lib/i386-linux-gnu/libngraph.so.0
#8 0xb7d2821c in openconfig (section=0xb7e197cd "[Ngraph]") at nconfig.c:147
#9 0xb7dfce7e in load_config (history_size=<synthetic pointer>,
allocconsole=<synthetic pointer>, inst=0x224b850, sys=0x21eee00) at init.c:971
#10 n_initialize (argc=0xbfe13e20, argv=0xbfe13dbc) at init.c:971
#11 0xb7d9a65c in ngraph_initialize (argc=0xbfe13e20, argv=0xbfe13dbc) at
ngraph_api.c:715
#12 0x0041516c in main (argc=<optimized out>, argv=<optimized out>) at
main.c:122
################
cd source/ngraph-gtk/orig/ngraph-gtk-6.08.00
sed -i 's@debian/tests/ngraph-test@/usr/bin/gdb -q --args /usr/bin/ngraph -i
debian/tests/ngraph-test@' debian/tests/run-test
debian/tests/run-test
set width 0
set pagination off
directory /home/benutzer/source/ngraph-gtk/orig/ngraph-gtk-6.08.00/src
display/i $pc
b main
run
b openconfig
cont
nexti
...
x/1xd $esp+0xd8
set can-use-hw-watchpoints 0
watch *0xbffff44c
cont
bt
benutzer@debian:~/source/ngraph-gtk/orig/ngraph-gtk-6.08.00$
debian/tests/run-test
Reading symbols from /usr/bin/ngraph...Reading symbols from
/usr/lib/debug/.build-id/57/ce2ad0298358c33e0dc12ac84dff5a773c737a.debug...done.
done.
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /home/benutzer/source/ngraph-gtk/orig/ngraph-gtk-6.08.00/src
Source directories searched:
/home/benutzer/source/ngraph-gtk/orig/ngraph-gtk-6.08.00/src:$cdir:$cwd
(gdb) display/i $pc
1: x/i $pc
<error: No registers.>
(gdb) b main
Breakpoint 1 at 0x1130: file main.c, line 117.
(gdb) run
Starting program: /usr/bin/ngraph -i debian/tests/ngraph-test
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
Breakpoint 1, main (argc=3, argv=0xbffff664) at main.c:117
117 {
1: x/i $pc
=> 0x401130 <main>: lea 0x4(%esp),%ecx
(gdb) b openconfig
Breakpoint 2 at 0xb7de8fc0: file nconfig.c, line 121.
(gdb) cont
Continuing.
[New Thread 0xaecb6b40 (LWP 17211)]
[New Thread 0xae4b5b40 (LWP 17212)]
[New Thread 0xadaffb40 (LWP 17213)]
[New Thread 0xad0ffb40 (LWP 17214)]
[New Thread 0xac6ffb40 (LWP 17215)]
[New Thread 0xabaffb40 (LWP 17216)]
[New Thread 0xab2feb40 (LWP 17217)]
[New Thread 0xaa8fdb40 (LWP 17218)]
[New Thread 0xa9efcb40 (LWP 17219)]
[New Thread 0xa94fbb40 (LWP 17220)]
[New Thread 0xa8afab40 (LWP 17221)]
[New Thread 0xa80ffb40 (LWP 17222)]
[New Thread 0xa78feb40 (LWP 17223)]
[New Thread 0xa6cffb40 (LWP 17224)]
[Detaching after fork from child process 17225]
Thread 1 "ngraph" hit Breakpoint 2, openconfig (section=0xb7eda7cd "[Ngraph]")
at nconfig.c:121
121 {
1: x/i $pc
=> 0xb7de8fc0 <openconfig>: push %ebp
(gdb) nexti
0xb7de8fc1 121 {
1: x/i $pc
=> 0xb7de8fc1 <openconfig+1>: push %edi
(gdb)
0xb7de8fc2 121 {
1: x/i $pc
=> 0xb7de8fc2 <openconfig+2>: push %esi
(gdb)
0xb7de8fc3 121 {
1: x/i $pc
=> 0xb7de8fc3 <openconfig+3>: push %ebx
(gdb)
0xb7de8fc4 121 {
1: x/i $pc
=> 0xb7de8fc4 <openconfig+4>: call 0xb7de7f20 <__x86.get_pc_thunk.bx>
(gdb)
0xb7de8fc9 121 {
1: x/i $pc
=> 0xb7de8fc9 <openconfig+9>: add $0x1a3f93,%ebx
(gdb)
0xb7de8fcf 121 {
1: x/i $pc
=> 0xb7de8fcf <openconfig+15>: sub $0xe8,%esp
(gdb)
0xb7de8fd5 121 {
1: x/i $pc
=> 0xb7de8fd5 <openconfig+21>: mov %gs:0x14,%eax
(gdb)
0xb7de8fdb 121 {
1: x/i $pc
=> 0xb7de8fdb <openconfig+27>: mov %eax,0xd8(%esp)
(gdb)
0xb7de8fe2 121 {
1: x/i $pc
=> 0xb7de8fe2 <openconfig+34>: xor %eax,%eax
(gdb) x/1xd $esp+0xd8
0xbffff44c: 156167168
(gdb) set can-use-hw-watchpoints 0
(gdb) watch *0xbffff44c
Watchpoint 3: *0xbffff44c
(gdb) cont
Continuing.
Thread 1 "ngraph" hit Watchpoint 3: *0xbffff44c
Old value = 156167168
New value = 656566
0xb7fd4d51 in __kernel_vsyscall ()
1: x/i $pc
=> 0xb7fd4d51 <__kernel_vsyscall+9>: pop %ebp
(gdb) bt
#0 0xb7fd4d51 in __kernel_vsyscall ()
#1 0xb7bae4d5 in ___xstat64 (vers=3, name=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
../sysdeps/unix/sysv/linux/xstat64.c:35
#2 0xb7df609c in stat64 (__statbuf=0xbffff3f4, __path=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini") at /usr/include/i386-linux-gnu/sys/stat.h:455
#3 nstat (filename=0x558600 "/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
ioutil.c:819
#4 0xb7de90c1 in openconfig (section=0xb7eda7cd "[Ngraph]") at nconfig.c:141
#5 0xb7ebde7e in load_config (history_size=<synthetic pointer>,
allocconsole=<synthetic pointer>, inst=0x58f560, sys=0x51bc20) at init.c:971
#6 n_initialize (argc=0xbffff5d0, argv=0xbffff56c) at init.c:971
#7 0xb7e5b65c in ngraph_initialize (argc=0xbffff5d0, argv=0xbffff56c) at
ngraph_api.c:715
#8 0x0040116c in main (argc=<optimized out>, argv=<optimized out>) at
main.c:122
(gdb) up
#1 0xb7bae4d5 in ___xstat64 (vers=3, name=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
../sysdeps/unix/sysv/linux/xstat64.c:35
35 ../sysdeps/unix/sysv/linux/xstat64.c: Datei oder Verzeichnis nicht
gefunden.
(gdb)
#2 0xb7df609c in stat64 (__statbuf=0xbffff3f4, __path=0x5088c0
"/etc/ngraph-gtk/Ngraph.ini") at /usr/include/i386-linux-gnu/sys/stat.h:455
warning: Source file is more recent than executable.
455 return __xstat (_STAT_VER, __path, __statbuf);
(gdb) print sizeof(*__statbuf)
$9 = 96
(gdb) up
#3 nstat (filename=0x558600 "/etc/ngraph-gtk/Ngraph.ini", buf=0xbffff3f4) at
ioutil.c:819
819 r = g_stat(tmp, buf);
(gdb) print sizeof(*buf)
$11 = 96
(gdb)
#4 0xb7de90c1 in openconfig (section=0xb7eda7cd "[Ngraph]") at nconfig.c:141
141 if (nstat(libconf,&libstat)!=0) {
(gdb) print sizeof(libstat)
$6 = 88
(gdb) list
451
452 __extern_inline int
453 __NTH (stat (const char *__path, struct stat *__statbuf))
454 {
455 return __xstat (_STAT_VER, __path, __statbuf); <<<<<<<<<<<<
456 }
457
(gdb) list nstat
806 nstat(const gchar *filename, GStatBuf *buf)
807 {
808 int r;
809 char *tmp;
810
811 if (filename == NULL || buf == NULL)
812 return -1;
813
814 tmp = get_localized_filename(filename);
815 if (tmp == NULL) {
816 return -1;
817 }
818
819 r = g_stat(tmp, buf); <<<<<<<<<<<
820 g_free(tmp);
821
822 return r;
823 }
(gdb) list openconfig
119 FILE *
120 openconfig(char *section)
121 {
122 struct objlist *sys;
123 char *libdir,*s,*homedir,*homeconf,*libconf,*buf;
124 FILE *fp;
125 GStatBuf homestat,libstat;
126
127 if ((sys=getobject("system"))==NULL) return NULL;
128 if (getobj(sys,"home_dir",0,0,NULL,&homedir)==-1) return NULL;
129 if (getobj(sys,"conf_dir",0,0,NULL,&libdir)==-1) return NULL;
130 homeconf=libconf=NULL;
131 if (findfilename(homedir,CONFSEP,CONF)) {
132 if ((homeconf=getfilename(homedir,CONFSEP,CONF))!=NULL) {
133 if (nstat(homeconf,&homestat)!=0) {
134 g_free(homeconf);
135 homeconf=NULL;
136 }
137 }
138 }
139 if (findfilename(libdir,CONFSEP,CONF)) {
140 if ((libconf=getfilename(libdir,CONFSEP,CONF))!=NULL) {
141 if (nstat(libconf,&libstat)!=0) {
<<<<<<<<<<<<<
142 g_free(libconf);
143 libconf=NULL;
144 }
145 }
146 }
147 if (homeconf) {
148 #if 0
149 if (libconf==NULL) {
150 s=homeconf;
151 } else if (homestat.st_mtime>=libstat.st_mtime) {
152 s=homeconf;
153 g_free(libconf);
154 } else {
155 s=libconf;
156 g_free(homeconf);
157 }
158 #else
159 s=homeconf;
160 g_free(libconf);
161 #endif
162 } else if (libconf) {
163 s=libconf;
164 } else {
165 return NULL;
166 }
167 if ((fp=nfopen(s,"rt"))==NULL) {
168 g_free(s);
169 return NULL;
170 }
171 g_free(s);
172 while (fgetline(fp,&buf)==0) {
173 if (strcmp0(buf,section)==0) {
174 g_free(buf);
175 return fp;
176 }
177 g_free(buf);
178 }
179 fclose(fp);
180 return NULL;
181 }
182
(gdb) print nstat
$10 = {int (const gchar *, GStatBuf *)} 0xb7df6060 <nstat>
(gdb) info share
From To Syms Read Shared Object Library
0xb7de7ee0 0xb7ecf624 Yes /usr/lib/i386-linux-gnu/libngraph.so.0
(gdb) info target
0xb7de7ee0 - 0xb7ecf624 is .text in
/usr/lib/i386-linux-gnu/libngraph.so.0
#############
cd source/ngraph-gtk
cp orig try1 -a
cd try1/ngraph-gtk-6.08.00
dpkg-buildpackage
...
../../../src/ngraph -i ./../objlist.nsc >> object.html
Unable to init server: Verbindung ist gescheitert: Verbindungsaufbau abgelehnt
*** stack smashing detected ***: <unknown> terminated
/bin/bash: Zeile 1: 28576 Abgebrochen (Speicherabzug geschrieben)
../../../src/ngraph -i ./../objlist.nsc >> object.html
(gdb) q
root@debian:~# coredumpctl list
TIME PID UID GID SIG COREFILE EXE
Sat 2019-01-26 10:32:29 CET 16668 1000 1000 6 present /usr/bin/ngraph
Sat 2019-01-26 11:08:43 CET 29464 1000 1000 6 present
/home/benutzer/source/ngraph-gtk/try1/ngraph-gtk-6.08.00/src/.libs/ngraph
root@debian:~# coredumpctl gdb 29464
...
(gdb) bt
#0 0xb7efcd51 in __kernel_vsyscall ()
#1 0xb7a1b2d2 in __libc_signal_restore_set (set=0xbfca81fc) at
../sysdeps/unix/sysv/linux/internal-signals.h:84
#2 0xb7a1b2d2 in __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:48
#3 0xb7a052b6 in __GI_abort () at abort.c:79
#4 0xb7a5cc1c in __libc_message (action=do_abort, fmt=<optimized out>) at
../sysdeps/posix/libc_fatal.c:181
#5 0xb7af6b6e in __GI___fortify_fail_abort (need_backtrace=false,
msg=0xb7b6d1e3 "stack smashing detected") at fortify_fail.c:28
#6 0xb7af6b1b in __stack_chk_fail () at stack_chk_fail.c:29
#7 0xb7dff624 in _fini () at
/home/benutzer/source/ngraph-gtk/try1/ngraph-gtk-6.08.00/src/.libs/libngraph.so.0
#8 0xb7d1921c in openconfig (section=0xb7e0a7cd "[Ngraph]") at nconfig.c:148
#9 0xb7dede7e in load_config (history_size=<synthetic pointer>,
allocconsole=<synthetic pointer>, inst=0x7f9ad0, sys=0x7f6f20) at init.c:971
#10 0xb7dede7e in n_initialize (argc=0xbfca8840, argv=0xbfca87dc) at init.c:971
#11 0xb7d8b65c in ngraph_initialize (argc=0xbfca8840, argv=0xbfca87dc) at
ngraph_api.c:715
#12 0x0044116c in main (argc=<optimized out>, argv=<optimized out>) at
main.c:122
##################
cd source/ngraph-gtk/try1/ngraph-gtk-6.08.00/doc/html/img
gdb -q --args
/home/benutzer/source/ngraph-gtk/try1/ngraph-gtk-6.08.00/src/.libs/ngraph -i
./../objlist.nsc
set width 0
set pagination off
display/i $pc
b main
run
b openconfig
cont
nexti
...
x/1xd $esp+0xd8
set can-use-hw-watchpoints 0
watch *0xbffff40c
cont
bt
gdb -q --args
/home/benutzer/source/ngraph-gtk/try1/ngraph-gtk-6.08.00/src/.libs/ngraph -i
./../objlist.nsc
set width 0
set pagination off
display/i $pc
b main
run
b nconfig.c:141
cont
(gdb) print *buf
$4 = {st_dev = 13256694460672426096, __pad1 = 0, __st_ino = 0, st_mode = 0,
st_nlink = 0, st_uid = 4422640, st_gid = 3086617604, st_rdev = 3085770591,
__pad2 = 44544, st_size = -5190225067959836679, st_blksize = -1210023927,
st_blocks = -5190225067959083172, st_atim = {tv_sec = -1208443444, tv_nsec =
-1209203288}, st_mtim = {tv_sec = -1209642031, tv_nsec = -1209196954}, st_ctim
= {tv_sec = 0, tv_nsec = -1209184695}, st_ino = 107059654144}
(gdb) print sizeof(*buf)
$5 = 96
(gdb) print libstat
$6 = {st_dev = 13256694460672426096, __pad1 = 0, st_ino = 0, st_mode = 0,
st_nlink = 0, st_uid = 4422640, st_gid = 3086617604, st_rdev = 3085770591,
__pad2 = 44544, st_size = -1209196551, st_blksize = -1208443444, st_blocks =
-1210023927, st_atim = {tv_sec = -1208443044, tv_nsec = -1208443444}, st_mtim =
{tv_sec = -1208443444, tv_nsec = -1209203288}, st_ctim = {tv_sec = -1209642031,
tv_nsec = -1209196954}, __glibc_reserved4 = 0, __glibc_reserved5 = 3085782601}
(gdb) print sizeof(libstat)
$7 = 88
###############
benutzer@debian:~/source/ngraph-gtk/try2/ngraph-gtk-6.08.00$ cat
debian/patches/01_fix-include-order-to-avoid-stack-smashing.patch
Description: Fix include order to avoid stack smashing
Bug-Debian: https://bugs.debian.org/920467
Forwarded: no
Last-Update: 2019-01-26
--- ngraph-gtk-6.08.00.orig/src/nconfig.c
+++ ngraph-gtk-6.08.00/src/nconfig.c
@@ -21,6 +21,8 @@
*
*/
+#include "common.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
@@ -28,8 +30,6 @@
#include <errno.h>
#include <glib.h>
-#include "common.h"
-
#include "object.h"
#include "nstring.h"
#include "ioutil.h"
benutzer@debian:~/source/ngraph-gtk/try2/ngraph-gtk-6.08.00$
dpkg-buildpackage -b
dpkg -i
/home/benutzer/source/ngraph-gtk/try2/{libngraph0,libngraph0-dbgsym,ngraph-gtk,ngraph-gtk-addins,ngraph-gtk-addins-base,ngraph-gtk-dbgsym,ngraph-gtk-doc}_6.08.00-1_*.deb
benutzer@debian:~/source/ngraph-gtk/orig/ngraph-gtk-6.08.00$
debian/tests/run-test
OK. (strip)
OK. (upcase)
OK. (downcase)
OK. (reverse)
OK. (slice)
OK. (slice)
OK. (index)
OK. (index)
OK. (rindex)
OK. (rindex)
OK. (match)
OK. (match)
