R14B01: buffer overflow detected during compilation with -D_FORTIFY_SOURCE=2 (x86_64)

Nico Kruber kruber@REDACTED
Tue Dec 14 11:57:24 CET 2010 

Most distributions nowadays adds the -D_FORTIFY_SOURCE=2 flag during package compilation. I tried updating my erlang package (openSUSE 11.3, x86_64) from R14B to R14B01 and received the following error (also see the attached build.log.fortsource2 - compressed due to its file size):

*** buffer overflow detected ***: /usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x2b64930b0067]
/lib64/libc.so.6(+0xe4e10)[0x2b64930ade10]
/usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x584047]
/usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp(erts_write_to_port+0x97f)[0x4946ef]
/usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x50fcb9]
/usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp(process_main+0x2eba)[0x53b36a]
/usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x4a1772]
/usr/src/packages/BUILD/otp_src_R14B01/bin/x86_64-unknown-linux-gnu/beam.smp[0x5aee94]
/lib64/libpthread.so.0(+0x6a4f)[0x2b6492ba8a4f]
/lib64/libc.so.6(clone+0x6d)[0x2b649309982d]


Setting  -D_FORTIFY_SOURCE=1 allows erlang to be build but the buffer overflow is probably still there and dangerous...
R14B did not show this behaviour.

Additionally, could you correct the dependencies in the makefiles in order to allow make -j2 and higher?


Regards
Nico Kruber
-------------- next part --------------
A non-text attachment was scrubbed...
Name: build.log.fortsource2.gz
Type: application/x-gzip
Size: 19577 bytes
Desc: not available
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20101214/d82d58d7/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20101214/d82d58d7/attachment-0001.bin>

More information about the erlang-bugs mailing list