SSP bugs

Ned Ludd solar at gentoo.org
Sat Mar 20 01:06:36 PST 2004


On Fri, 2004-03-19 at 12:09, Robert Connolly wrote:
> On March 19, 2004 11:47 am, Jonas Norlander wrote:
> > > If this segfaults or not, please report back. This might be a bug with a
> > > specific SSP version, or with GCC3.
> >
> > It segfaults for me. Here is my spec.
> >
> > Kernel 2.4.25 with grsecurity 1.9.14
> > g++ (GCC) 3.3.2 (Propolice Only 3.3-5)
> > glibc 2.3.2 with Propolice patch
> >
> > [jonas at venus ~/tmp]$ ./vector
> > Segmentation fault
> > Mar 19 17:15:35 venus kernel: grsec: From 192.168.7.1: signal 11 sent to
> > (vector:6851) UID(1001) EUID(1001), parent (bash:5200) UID(1001) EUID(1001)
> > Mar 19 17:15:35 venus kernel: grsec: From 192.168.7.1: attempted resource
> > overstep by requesting 4096 for RLIMIT_CORE against limit 0 by
> > (vector:6851) UID(1001) EUID(1001), parent (bash:5200) UID(1001) EUID(1001)
> 

> The kill is coming from grsec.

grsec does not really kill pids that's just his signal logging doing
it's job (11 segfault) then the second is the resource logging, ie
ulimit -c 0 was set vs something like ulimit -c unlimited.

>  Do you get the same results with 
> -fno-stack-protector ?
-- 
Ned Ludd <solar at gentoo.org>
Gentoo Linux Developer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040320/1a14e1d4/attachment.sig>


More information about the hlfs-dev mailing list