Buffer overflow detected at runtime in the default hardened Nixpkgs

[AndersonTorres]

Hello! I was upgrading edgar to the most recent commit, and after a successful build, it ran for a time, however when the space bar is pressed in the tutorial the program crashes,

[anderson@hendrix:/tmp/play]$ ./result/bin/edgar Locale is en_US Numeric is C atof(2.75) is 2.750000 Loaded up PAK file with 7509 entries Uncompressing music/Lazy Day v0_9.ogg Writing to /home/anderson/.parallelrealities/edgar/pakdata Uncompressed to /home/anderson/.parallelrealities/edgar/pakdata Loading '/home/anderson/.parallelrealities/edgar/pakdata' Production Version Uncompressing music/Lazy Day v0_9.ogg Writing to /home/anderson/.parallelrealities/edgar/pakdata Uncompressed to /home/anderson/.parallelrealities/edgar/pakdata Loading '/home/anderson/.parallelrealities/edgar/pakdata' buffer overflow detected : terminated Aborted (core dumped)

When the hardening flags are disabled, the game runs fine.

[riksweeney]

Do you know what the hardening flags are?

[AndersonTorres]

They are described here. For the sake of completeness, I will test them manually one by one and update this post accordingly.

• [ ] format
• [ ] stackprotector
• [x] fortify
• [ ] pic
• [ ] strictoverflow
• [ ] relro
• [ ] bindnow

The culprit is fortify. It adds -O2 -D_FORTIFY_SOURCE=2 to the GCC commandline flags. I have found a blogpost about that.

[riksweeney]

Thanks. Unfortunately I cannot reproduce this error with gcc 11 so I will have to leave this issue open.