Closed cyphar closed 1 year ago
Here's the key info from the coredump:
Core was generated by `rtorrent'.
Program terminated with signal SIGABRT, Aborted.
#0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
44 return INTERNAL_SYSCALL_ERROR_P (ret) ? INTERNAL_SYSCALL_ERRNO (ret) : 0;
[Current thread is 1 (Thread 0x7f78c8364d00 (LWP 2112))]
Missing separate debuginfos, use: zypper install libsasl2-3-debuginfo-2.1.28-1.5.x86_64
(gdb) bt
#0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44
#1 0x00007f78c90fa743 in __pthread_kill_internal (signo=6, threadid=<optimized out>) at pthread_kill.c:78
#2 0x00007f78c90a76f6 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#3 0x00007f78c9090814 in __GI_abort () at abort.c:79
#4 0x00007f78c90ed79e in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7f78c9233524 "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:155
#5 0x00007f78c919287a in __GI___fortify_fail (msg=msg@entry=0x7f78c92334ca "buffer overflow detected") at fortify_fail.c:26
#6 0x00007f78c9190e36 in __GI___chk_fail () at chk_fail.c:28
#7 0x00007f78c91909f5 in ___snprintf_chk (s=<optimized out>, maxlen=maxlen@entry=255, flag=flag@entry=2, slen=<optimized out>, format=format@entry=0x55e8f96e815d ":+%i\n")
at snprintf_chk.c:29
#8 0x000055e8f9673192 in snprintf (__fmt=0x55e8f96e815d ":+%i\n", __n=255, __s=<optimized out>) at /usr/include/bits/stdio2.h:71
#9 utils::Lockfile::try_lock (this=0x55e8faa6f090) at utils/lockfile.cc:101
#10 core::DownloadStore::enable (lock=<optimized out>, this=0x55e8faa6f070) at core/download_store.cc:74
#11 Control::initialize (this=0x55e8faa6a780) at /usr/src/debug/rtorrent-0.9.8-5.5.x86_64/src/control.cc:115
#12 0x000055e8f963f43b in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/rtorrent-0.9.8-5.5.x86_64/src/main.cc:469
I suspect this is caused by FORTIFY_SOURCE=2
.
Note that this is actually with _FORTIFY_SOURCE=3
(not 2).
There appears to have been some change on openSUSE (likely some new hardening flags for builds, or some glibc hardening) such that incorrect buffer handling results in a segfault even if the buffer is never overflowed.
Signed-off-by: Aleksa Sarai cyphar@cyphar.com