SSP bugs

Jonas Norlander jonas.norlander at ovikonline.com
Fri Mar 19 08:47:45 PST 2004


On Thu, Mar 18, 2004 at 03:50:42PM -0500, Robert Connolly wrote:
> There's an odd "maybe" bug for SSP. As seen on
> http://bugs.gentoo.org/show_bug.cgi?id=44931
> If you have SSP installed please give this a try.
> 
> cat > vector.cc << "EOF"
> #include <vector>
> #include <algorithm>
> 
> int main()
> {
>          std::vector<long> i;
>          i.push_back(4);
>          i.push_back(3);
>          i.push_back(2);
>          i.push_back(1);
>          std::sort(i.begin(), i.end());
> }
> EOF
> 
> g++ vector.cc -o vector -fstack-protector-all
> ./vector
> 
> If this segfaults or not, please report back. This might be a bug with a 
> specific SSP version, or with GCC3.

It segfaults for me. Here is my spec.

Kernel 2.4.25 with grsecurity 1.9.14
g++ (GCC) 3.3.2 (Propolice Only 3.3-5) 
glibc 2.3.2 with Propolice patch

[jonas@venus ~/tmp]$ ./vector
Segmentation fault
Mar 19 17:15:35 venus kernel: grsec: From 192.168.7.1: signal 11 sent to (vector:6851)
 UID(1001) EUID(1001), parent (bash:5200) UID(1001) EUID(1001)
Mar 19 17:15:35 venus kernel: grsec: From 192.168.7.1: attempted resource overstep by
 requesting 4096 for RLIMIT_CORE against limit 0 by (vector:6851) UID(1001) EUID(1001),
 parent (bash:5200) UID(1001) EUID(1001)




More information about the hlfs-dev mailing list