[pkg-firebird-general] firebird 2.1 compiled without stack protector, so UDF dlopen failed

marius adrian popa mapopa at gmail.com
Fri May 8 14:09:10 UTC 2009 

On Fri, May 8, 2009 at 9:04 AM, marius adrian popa <mapopa at gmail.com> wrote:
> On Fri, May 8, 2009 at 8:30 AM, marius adrian popa <mapopa at gmail.com> wrote:
>> On Fri, May 8, 2009 at 5:53 AM, Damyan Ivanov <dmn at debian.org> wrote:
>>> -=| marius adrian popa, Fri, May 08, 2009 at 05:43:37AM -0400 |=-
>>>> On Fri, May 8, 2009 at 5:38 AM, Damyan Ivanov <dmn at debian.org> wrote:
>>>> > -=| marius adrian popa, Fri, May 08, 2009 at 01:33:44AM +0300 |=-
>>>> >> On Thu, May 7, 2009 at 10:23 PM, Damyan Ivanov <dmn at debian.org> wrote:
>>>> >> > No -fno-stack-protector there.
>>>> >>
>>>> >> " It turns out that Ubuntu and Debian differ in their implementation
>>>> >> in terms of using stack protection when building software. Debian’s
>>>> >> default is “Do not use stack protection.” Ubuntu’s maintainers decided
>>>> >> that stack protection was better even if things wouldn’t be completely
>>>> >> compatible with Debian."
>>>> >
>>>> > So how come this user's firebird is compiled without stack protection?
>>>>
>>>> the firebird packages is not compiled with stack
>>>
>>> Why? You just said that Ubuntu uses stack protector by default. So the
>>> Ubuntu package shall use it, no?
>>
>> now comes to weird stuff i have tested the examples from
>> http://wiki.debian.org/Hardening
>> and by default gcc  is doing stack protection so if you see no
>> arguments for stack protections that maybe it seems
>> that firebird is compiled with stack protection ? I will ask how to
>> detect if is by default or not firebird builded with stack protection
>> and how to detect it
>>
>> gcc -O2  trivial.c  -o trivial
>> /trivial $(perl -e 'print "A"x100')
>> Your first argument was:
>> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
>> *** stack smashing detected ***: ./trivial terminated
>> gcc -fno-stack-protector  trivial.c  -o trivial
>> ./trivial $(perl -e 'print "A"x100')
>> Your first argument was:
>> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
>> Segmentation fault
>>
>>
>>>
>>>> just the users UDF is compiled by default
>>>>
>>>> it's just needs to be mentioned to UDF users on ubuntu and other stack
>>>> protected os-es
>>>
>>> Mentioned where?
>> maybe in documentation
> So the problem seems to be in his so that is not compiled with stack protection
>
> I have the final answer
> from 8.10 and 9.04 ubuntu g++ compiler enables stack protection by default
> I have asked on #ubuntu-motu channel  and you can see that on my
> Ubuntu Jaunty machine
> firebird is compiled with stack protection enabled
>
> <mariuz> anyone here expert with stack protection ?
> <mariuz> hello
> <mariuz> how do i know if a c++ package is compiled with stack
> protection ? or is on for all packages :mysql , firebird ...
> <jpds> mariuz: kees ^^
> <jpds> mariuz: Or you can: objdump -CR /usr/bin/program | grep chk
> <mariuz> ok , i try to find if is stack protection on firebird2.1
> related packages
> <mariuz> for flamerobin is on objdump -CR /usr/bin/flamerobin | grep chk
> <jpds> There should be something like: "__stack_chk_fai" I think
> <mariuz> objdump -CR /usr/lib/firebird/2.1/bin/fbserver | grep chk , I
> got it 083da28c R_386_JUMP_SLOT   __stack_chk_fail
> <mariuz> thanks so it's on
>
> <jpds> mariuz: https://wiki.ubuntu.com/CompilerFlags#-fstack-protector

and the firebird2.1-classic server is not compiled with stack protection
https://bugs.edge.launchpad.net/ubuntu/+source/firebird2.1/+bug/363694/comments/5

but the other tools from the bin are compiled with it enabled
maybe that is the cause of the bug mentioned at the beginning of the thread

 objdump -CR /usr/lib/firebird/2.1/bin/fb_lock_mgr | grep chk
08082140 R_386_JUMP_SLOT   __stack_chk_fail
>
>>>
>>> --
>>> dam
>>>
>>> _______________________________________________
>>> pkg-firebird-general mailing list
>>> pkg-firebird-general at lists.alioth.debian.org
>>> http://lists.alioth.debian.org/mailman/listinfo/pkg-firebird-general
>>
>

More information about the pkg-firebird-general mailing list