[pkg-firebird-general] firebird 2.1 compiled without stack protector, so UDF dlopen failed

marius adrian popa mapopa at gmail.com
Fri May 8 13:04:50 UTC 2009 

On Fri, May 8, 2009 at 8:30 AM, marius adrian popa <mapopa at gmail.com> wrote:
> On Fri, May 8, 2009 at 5:53 AM, Damyan Ivanov <dmn at debian.org> wrote:
>> -=| marius adrian popa, Fri, May 08, 2009 at 05:43:37AM -0400 |=-
>>> On Fri, May 8, 2009 at 5:38 AM, Damyan Ivanov <dmn at debian.org> wrote:
>>> > -=| marius adrian popa, Fri, May 08, 2009 at 01:33:44AM +0300 |=-
>>> >> On Thu, May 7, 2009 at 10:23 PM, Damyan Ivanov <dmn at debian.org> wrote:
>>> >> > No -fno-stack-protector there.
>>> >>
>>> >> " It turns out that Ubuntu and Debian differ in their implementation
>>> >> in terms of using stack protection when building software. Debian’s
>>> >> default is “Do not use stack protection.” Ubuntu’s maintainers decided
>>> >> that stack protection was better even if things wouldn’t be completely
>>> >> compatible with Debian."
>>> >
>>> > So how come this user's firebird is compiled without stack protection?
>>>
>>> the firebird packages is not compiled with stack
>>
>> Why? You just said that Ubuntu uses stack protector by default. So the
>> Ubuntu package shall use it, no?
>
> now comes to weird stuff i have tested the examples from
> http://wiki.debian.org/Hardening
> and by default gcc  is doing stack protection so if you see no
> arguments for stack protections that maybe it seems
> that firebird is compiled with stack protection ? I will ask how to
> detect if is by default or not firebird builded with stack protection
> and how to detect it
>
> gcc -O2  trivial.c  -o trivial
> /trivial $(perl -e 'print "A"x100')
> Your first argument was:
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> *** stack smashing detected ***: ./trivial terminated
> gcc -fno-stack-protector  trivial.c  -o trivial
> ./trivial $(perl -e 'print "A"x100')
> Your first argument was:
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
> Segmentation fault
>
>
>>
>>> just the users UDF is compiled by default
>>>
>>> it's just needs to be mentioned to UDF users on ubuntu and other stack
>>> protected os-es
>>
>> Mentioned where?
> maybe in documentation
So the problem seems to be in his so that is not compiled with stack protection

I have the final answer
from 8.10 and 9.04 ubuntu g++ compiler enables stack protection by default
I have asked on #ubuntu-motu channel  and you can see that on my
Ubuntu Jaunty machine
firebird is compiled with stack protection enabled

<mariuz> anyone here expert with stack protection ?
<mariuz> hello
<mariuz> how do i know if a c++ package is compiled with stack
protection ? or is on for all packages :mysql , firebird ...
<jpds> mariuz: kees ^^
<jpds> mariuz: Or you can: objdump -CR /usr/bin/program | grep chk
<mariuz> ok , i try to find if is stack protection on firebird2.1
related packages
<mariuz> for flamerobin is on objdump -CR /usr/bin/flamerobin | grep chk
<jpds> There should be something like: "__stack_chk_fai" I think
<mariuz> objdump -CR /usr/lib/firebird/2.1/bin/fbserver | grep chk , I
got it 083da28c R_386_JUMP_SLOT   __stack_chk_fail
<mariuz> thanks so it's on

<jpds> mariuz: https://wiki.ubuntu.com/CompilerFlags#-fstack-protector

>>
>> --
>> dam
>>
>> _______________________________________________
>> pkg-firebird-general mailing list
>> pkg-firebird-general at lists.alioth.debian.org
>> http://lists.alioth.debian.org/mailman/listinfo/pkg-firebird-general
>

More information about the pkg-firebird-general mailing list