Bug 167985
Summary: | *** buffer overflow detected ***: /usr/libexec/gnome-vfs-daemon terminated | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | sangu <sangu.fedora> | ||||||||
Component: | hal | Assignee: | David Zeuthen <davidz> | ||||||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | medium | ||||||||||
Version: | rawhide | CC: | johnp, mclasen, rodd, tjarls | ||||||||
Target Milestone: | --- | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | i386 | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2005-09-27 23:10:01 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
sangu
2005-09-10 01:54:47 UTC
I'm getting the same error. _gnome_vfs_hal_mounts_modify_volume is being called for /var/lib/nfs/rpc_pipefs: (gdb) print *vol->priv $5 = {id = 2, volume_type = GNOME_VFS_VOLUME_TYPE_MOUNTPOINT, device_type = GNOME_VFS_DEVICE_TYPE_HARDDRIVE, drive = 0x0, activation_uri = 0x9a84540 "file:///var/lib/nfs/rpc_pipefs", filesystem_type = 0x9a8b688 "rpc_pipefs", display_name = 0x9a8b6b8 "rpc_pipefs", icon = 0x9a845b8 "gnome-dev-harddisk", is_user_visible = 0, is_read_only = 0, is_mounted = 1, device_path = 0x9a8b678 "sunrpc", unix_device = 19, hal_udi = 0x0, hal_drive_udi = 0x0, gconf_id = 0x0} I'm seeing similar problems too. I can reproduce this - I happened after an upgrade of D-BUS so I'm adding johnp as Cc With "I happened after an upgrade of D-BUS" I meant to say "it probably happened after an upgrade to D-BUS 0.50.0". Sorry for the confusion. Hmmm, I just looked and I'm using dbus-0.50 too, which was upgraded around the 9th of Sept, with is around the time I started noticing something was wrong (but was fighting kernel problems) and around the same time that this bug was posted. david can you downgrade to 0.36.1 and see if it fixes the issues. They only thing that could have caused this is Olivier Andrieu object tree optimizations but I want to isolate the cause first before I single that piece of code out. If you are still seing this issue with the downgraded packages then it is something else. I tried to recompile dbus and gnome-vfs2. dbus-0.50.x recompiled without problem, but gnome-vfs2 wouldn't. see: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168743 I don't know if it's relevant, but I thought it worth the enquiry I do not experience the problem anymore after downgrading to dbus 0.33 from the FC4 updates. Rodd, that looks unrelated and a problem with SMB. Charles, 0.33 doesn't really help me pinpoint where the problem is but thanks. It might help if the error still shows up in 0.36.1. I'll post the RPM's for 0.36.1 later in the day. Please go to http://people.redhat.com/johnp/files/dbus/ to get the 0.36.1 rpms and tell me if the problem is fixed. I've downgraded to the 0.36.1 rpms and the problem still exists. [rodd@localhost ~]$ /usr/libexec/gnome-vfs-daemon *** buffer overflow detected ***: /usr/libexec/gnome-vfs-daemon terminated ======= Backtrace: ========= /lib/libc.so.6(__chk_fail+0x41)[0xb89735] /lib/libc.so.6[0xb89cad] /usr/libexec/gnome-vfs-daemon(_gnome_vfs_hal_mounts_modify_volume+0x1be)[0x805a314] /usr/libexec/gnome-vfs-daemon[0x8056757] /usr/libexec/gnome-vfs-daemon[0x80572b4] /usr/lib/libgobject-2.0.so.0(g_type_create_instance+0x4d2)[0xda4881] /usr/lib/libgobject-2.0.so.0[0xd8b570] /usr/lib/libgobject-2.0.so.0(g_object_newv+0x1d6)[0xd8c1c9] /usr/lib/libgobject-2.0.so.0(g_object_new_valist+0x22b)[0xd8cd74] /usr/lib/libgobject-2.0.so.0(g_object_new+0x3c)[0xd8cf1c] /usr/lib/libgnomevfs-2.so.0(_gnome_vfs_get_volume_monitor_internal+0xfa)[0x8ecbdb] /usr/lib/libgnomevfs-2.so.0(gnome_vfs_get_volume_monitor+0x1e)[0x8ecc24] /usr/libexec/gnome-vfs-daemon(main+0xd3)[0x805076e] /lib/libc.so.6(__libc_start_main+0xdf)[0xac04ff] /usr/libexec/gnome-vfs-daemon[0x804f781] ======= Memory map: ======== 00111000-00118000 r-xp 00000000 03:09 2015239 /usr/lib/gnome-vfs-2.0/modules/libfile.so 00118000-00119000 rwxp 00006000 03:09 2015239 /usr/lib/gnome-vfs-2.0/modules/libfile.so 0019a000-001a8000 r-xp 00000000 03:09 324174 /lib/libpthread-2.3.90.so 001a8000-001a9000 r-xp 0000d000 03:09 324174 /lib/libpthread-2.3.90.so 001a9000-001aa000 rwxp 0000e000 03:09 324174 /lib/libpthread-2.3.90.so 001aa000-001ac000 rwxp 001aa000 00:00 0 0021e000-00237000 r-xp 00000000 03:09 324170 /lib/ld-2.3.90.so 00237000-00238000 r-xp 00018000 03:09 324170 /lib/ld-2.3.90.so 00238000-00239000 rwxp 00019000 03:09 324170 /lib/ld-2.3.90.so 0023b000-00242000 r-xp 00000000 03:09 1820786 /usr/lib/libpopt.so.0.0.0 00242000-00243000 rwxp 00007000 03:09 1820786 /usr/lib/libpopt.so.0.0.0 00245000-00247000 r-xp 00000000 03:09 324195 /lib/libcom_err.so.2.1 00247000-00248000 rwxp 00001000 03:09 324195 /lib/libcom_err.so.2.1 0024a000-00259000 r-xp 00000000 03:09 324193 /lib/libresolv-2.3.90.so 00259000-0025a000 r-xp 0000e000 03:09 324193 /lib/libresolv-2.3.90.so 0025a000-0025b000 rwxp 0000f000 03:09 324193 /lib/libresolv-2.3.90.so 0025b000-0025d000 rwxp 0025b000 00:00 0 0025f000-002d0000 r-xp 00000000 03:09 1820400 /usr/lib/libkrb5.so.3.2 002d0000-002d2000 rwxp 00071000 03:09 1820400 /usr/lib/libkrb5.so.3.2 002d4000-002d7000 r-xp 00000000 03:09 1820249 /usr/lib/libkrb5support.so.0.0 002d7000-002d8000 rwxp 00002000 03:09 1820249 /usr/lib/libkrb5support.so.0.0 002da000-002fd000 r-xp 00000000 03:09 1820322 /usr/lib/libk5crypto.so.3.0 002fd000-002fe000 rwxp 00023000 03:09 1820322 /usr/lib/libk5crypto.so.3.0 00300000-00317000 r-xp 00000000 03:09 1820782 /usr/lib/libgssapi_krb5.so.2.2 00317000-00319000 rwxp 00016000 03:09 1820782 /usr/lib/libgssapi_krb5.so.2.2 0031b000-00415000 r-xp 00000000 03:09 324199 /lib/libcrypto.so.0.9.7f 00415000-00427000 rwxp 000fa000 03:09 324199 /lib/libcrypto.so.0.9.7f 00427000-0042a000 rwxp 00427000 00:00 0 0042c000-00462000 r-xp 00000000 03:09 324200 /lib/libssl.so.0.9.7f 00462000-00465000 rwxp 00036000 03:09 324200 /lib/libssl.so.0.9.7f 00467000-0046b000 r-xp 00000000 03:09 1821755 /usr/lib/libgthread-2.0.so.0.800.1 0046b000-0046c000 rwxp 00003000 03:09 1821755 /usr/lib/libgthread-2.0.so.0.800.1 0046e000-00476000 r-xp 00000000 03:09 324183 /lib/librt-2.3.90.so 00476000-00477000 r-xp 00007000 03:09 324183 /lib/librt-2.3.90.so 00477000-00478000 rwxp 00008000 03:09 324183 /lib/librt-2.3.90.so 00478000-00482000 rwxp 00478000 00:00 0 00484000-0048b000 r-xp 00000000 03:09 1821283 /usr/lib/libhal-storage.so.1.0.0 0048b000-0048c000 rwxp 00007000 03:09 1821283 /usr/lib/libhal-storage.so.1.0.0 004c0000-0050c000 r-xp 00000000 03:09 1821756 /usr/lib/libORBit-2.so.0.0.0 0050c000-00518000 rwxp 0004b000 03:09 1821756 /usr/lib/libORBit-2.so.0.0.0 005e7000-005f9000 r-xp 00000000 03:09 1821769 /usr/lib/libbonobo-activation.so.4.0.0 005f9000-005fc000 rwxp 00011000 03:09 1821769 /usr/lib/libbonobo-activation.so.4.0.0 005fe000-00602000 r-xp 00000000 03:09 1821767 /usr/lib/libORBitCosNaming-2.so.0.0.0 00602000-00603000 rwxp 00004000 03:09 1821767 /usr/lib/libORBitCosNaming-2.so.0.0.0 00605000-0061a000 r-xp 00000000 03:09 1821809 /usr/lib/libhowl.so.0.0.0 0061a000-0061c000 rwxp 00014000 03:09 1821809 /usr/lib/libhowl.so.0.0.0 0061c000-0072e000 rwxp 0061c000 00:00 0 00730000-00762000 r-xp 00000000 03:09 1821758 /usr/lib/libgconf-2.so.4.1.0 00762000-00765000 rwxp 00031000 03:09 1821758 /usr/lib/libgconf-2.so.4.1.0 00767000-007bd000 r-xp 00000000 03:09 1821801 /usr/lib/libbonobo-2.so.0.0.0 007bd000-007c7000 rwxp 00056000 03:09 1821801 /usr/lib/libbonobo-2.so.0.0.0 00886000-0088c000 r-xp 00000000 03:09 1824192 /usr/lib/libfam.so.0.0.0 0088c000-0088d000 rwxp 00006000 03:09 1824192 /usr/lib/libfam.so.0.0.0 00890000-00898000 r-xp 00000000 03:09 1826459 /usr/lib/libhal.so.1.0.0 00898000-00899000 rwxp 00008000 03:09 1826459 /usr/lib/libhal.so.1.0.0 008ae000-00911000 r-xp 00000000 03:09 1821858 /usr/lib/libgnomevfs-2.so.0.1200.0 00911000-00916000 rwxp 00062000 03:09 1821858 /usr/lib/libgnomevfs-2.so.0.1200.0 009aa000-009bc000 r-xp 00000000 03:09 324191 /lib/libnsl-2.3.90.so 009bc000-009bd000 r-xp 00011000 03:09 324191 /lib/libnsl-2.3.90.so 009bd000-009be000 rwxp 00012000 03:09 324191 /lib/libnsl-2.3.90.so 009be000-009c0000 rwxp 009be000 00:00 0 009c2000-00a31000 r-xp 00000000 03:09 1825188 /usr/lib/libdbus-1.so.1.0.0 00a31000-00a32000 rwxp 0006f000 03:09 1825188 /usr/lib/libdbus-1.so.1.0.0 00a7a000-00a7b000 r-xp 00a7a000 00:00 0 [vdso] 00aab000-00bd0000 r-xp 00000000 03:09 324172 /lib/libc-2.3.90.so 00bd0000-00bd2000 r-xp 00125000 03:09 324172 /lib/libc-2.3.90.so 00bd2000-00bd4000 rwxp 00127000 03:09 324172 /lib/libc-2.3.90.so 00bd4000-00bd6000 rwxp 00bd4000 00:00 0 00bd8000-00bfb000 r-xp 00000000 03:09 324180 /lib/libm-2.3.90.so 00bfb000-00bfc000 r-xp 00022000 03:09 324180 /lib/libm-2.3.90.so 00bfc000-00bfd000 rwxp 00023000 03:09 324180 /lib/libm-2.3.90.so 00bff000-00c01000 r-xp 00000000 03:09 324185 /lib/libdl-2.3.90.so 00c01000-00c02000 r-xp 00001000 03:09 324185 /lib/libdl-2.3.90.so 00c02000-00c03000 rwxp 00002000 03:09 324185 /lib/libdl-2.3.90.so 00c05000-00c17000 r-xp 00000000 03:09 1819081 /usr/lib/libz.so.1.2.3 00c17000-00c18000 rwxp 00011000 03:09 1819081 /usr/lib/libz.so.1.2.3 00cf0000-00d7b000 r-xp 00000000 03:09 1819067 /usr/lib/libglib-2.0.so.0.800.100d7b000-00d7c000 rwxp 0008b000 03:09 1819067 /usr/lib/libglib-2.0.so.0.800.100d7e000-00db9000 r-xp 00000000 03:09 1819068 /usr/lib/libgobject-2.0.so.0.800.1 00db9000-00dba000 rwxp 0003b000 03:09 1819068 /usr/lib/libgobject-2.0.so.0.800.1 00dcd000-00dd0000 r-xp 00000000 03:09 1819072 /usr/lib/libgmodule-2.0.so.0.800.1 00dd0000-00dd1000 rwxp 00002000 03:09 1819072 /usr/lib/libgmodule-2.0.so.0.800.1 00fa9000-00fb2000 r-xp 00000000 03:09 324212 /lib/libnss_files-2.3.90.so 00fb2000-00fb3000 r-xp 00008000 03:09 324212 /lib/libnss_files-2.3.90.so 00fb3000-00fb4000 rwxp 00009000 03:09 324212 /lib/libnss_files-2.3.90.so 04b2e000-04b4d000 r-xp 00000000 03:09 1825216 /usr/lib/libdbus-glib-1.so.1.0.0 04b4d000-04b4e000 rwxp 0001f000 03:09 1825216 /usr/lib/libdbus-glib-1.so.1.0.0 056d6000-057f4000 r-xp 00000000 03:09 1816749 /usr/lib/libxml2.so.2.6.22 057f4000-057fc000 rwxp 0011e000 03:09 1816749 /usr/lib/libxml2.so.2.6.22 057fc000-057fd000 rwxp 057fc000 00:00 0 057ff000-05808000 r-xp 00000000 03:09 324182 /lib/libgcc_s-4.0.1-20050919.so.1 05808000-05809000 rwxp 00009000 03:09 324182 /lib/libgcc_s-4.0.1-20050919.so.1 08041000-08061000 r-xp 00000000 03:09 1819770 /usr/libexec/gnome-vfs-daemon 08061000-08064000 rw-p 0001f000 03:09 1819770 /usr/libexec/gnome-vfs-daemon 09ce7000-09d08000 rw-p 09ce7000 00:00 0 [heap] b7d65000-b7f65000 r--p 00000000 03:09 1296648 /usr/lib/locale/locale-archive b7f65000-b7f6d000 rw-p b7f65000 00:00 0 b7f7d000-b7f7e000 rw-p b7f7d000 00:00 0 bfb69000-bfb7e000 rw-p bfb69000 00:00 0 [stack] Aborted [rodd@localhost ~]$ Ah, bugger. The above output is wrong, but downgrading didn't help. I've just realised that I did the test last night after downgrading the rpms, and then I've posted this output this morning after doing an update. try this instead [rodd@localhost tmp]$ sudo rpm -Uvh dbus-0.36.1-1.i386.rpm dbus-devel-0.36.1-1.i386.rpm dbus-glib-0.36.1-1.i386.rpm dbus-x11-0.36.1-1.i386.rpm dbus-python-0.36.1-1.i386.rpm --force Password: Preparing... ########################################### [100%] 1:dbus ########################################### [ 20%] 2:dbus-glib ########################################### [ 40%] 3:dbus-devel ########################################### [ 60%] 4:dbus-x11 ########################################### [ 80%] 5:dbus-python ########################################### [100%] [rodd@localhost tmp]$ /usr/libexec/gnome-vfs-daemon *** buffer overflow detected ***: /usr/libexec/gnome-vfs-daemon terminated ======= Backtrace: ========= /lib/libc.so.6(__chk_fail+0x41)[0xb89735] /lib/libc.so.6[0xb89cad] /usr/libexec/gnome-vfs-daemon(_gnome_vfs_hal_mounts_modify_volume+0x1be)[0x805a314] /usr/libexec/gnome-vfs-daemon[0x8056757] /usr/libexec/gnome-vfs-daemon[0x80572b4] /usr/lib/libgobject-2.0.so.0(g_type_create_instance+0x4d2)[0xda4881] /usr/lib/libgobject-2.0.so.0[0xd8b570] /usr/lib/libgobject-2.0.so.0(g_object_newv+0x1d6)[0xd8c1c9] /usr/lib/libgobject-2.0.so.0(g_object_new_valist+0x22b)[0xd8cd74] /usr/lib/libgobject-2.0.so.0(g_object_new+0x3c)[0xd8cf1c] /usr/lib/libgnomevfs-2.so.0(_gnome_vfs_get_volume_monitor_internal+0xfa)[0x8ecbdb] /usr/lib/libgnomevfs-2.so.0(gnome_vfs_get_volume_monitor+0x1e)[0x8ecc24] /usr/libexec/gnome-vfs-daemon(main+0xd3)[0x805076e] /lib/libc.so.6(__libc_start_main+0xdf)[0xac04ff] /usr/libexec/gnome-vfs-daemon[0x804f781] ======= Memory map: ======== 00111000-00180000 r-xp 00000000 03:09 1824757 /usr/lib/libdbus-1.so.1.0.0 00180000-00181000 rwxp 0006f000 03:09 1824757 /usr/lib/libdbus-1.so.1.0.0 00181000-001f2000 r-xp 00000000 03:09 1820400 /usr/lib/libkrb5.so.3.2 001f2000-001f4000 rwxp 00071000 03:09 1820400 /usr/lib/libkrb5.so.3.2 001f4000-00202000 r-xp 00000000 03:09 324174 /lib/libpthread-2.3.90.so 00202000-00203000 r-xp 0000d000 03:09 324174 /lib/libpthread-2.3.90.so 00203000-00204000 rwxp 0000e000 03:09 324174 /lib/libpthread-2.3.90.so 00204000-00206000 rwxp 00204000 00:00 0 0021e000-00237000 r-xp 00000000 03:09 324170 /lib/ld-2.3.90.so 00237000-00238000 r-xp 00018000 03:09 324170 /lib/ld-2.3.90.so 00238000-00239000 rwxp 00019000 03:09 324170 /lib/ld-2.3.90.so 0023b000-00242000 r-xp 00000000 03:09 1820786 /usr/lib/libpopt.so.0.0.0 00242000-00243000 rwxp 00007000 03:09 1820786 /usr/lib/libpopt.so.0.0.0 00245000-00247000 r-xp 00000000 03:09 324195 /lib/libcom_err.so.2.1 00247000-00248000 rwxp 00001000 03:09 324195 /lib/libcom_err.so.2.1 0024a000-00259000 r-xp 00000000 03:09 324193 /lib/libresolv-2.3.90.so 00259000-0025a000 r-xp 0000e000 03:09 324193 /lib/libresolv-2.3.90.so 0025a000-0025b000 rwxp 0000f000 03:09 324193 /lib/libresolv-2.3.90.so 0025b000-0025d000 rwxp 0025b000 00:00 0 002aa000-002ab000 r-xp 002aa000 00:00 0 [vdso] 002d4000-002d7000 r-xp 00000000 03:09 1820249 /usr/lib/libkrb5support.so.0.0 002d7000-002d8000 rwxp 00002000 03:09 1820249 /usr/lib/libkrb5support.so.0.0 002da000-002fd000 r-xp 00000000 03:09 1820322 /usr/lib/libk5crypto.so.3.0 002fd000-002fe000 rwxp 00023000 03:09 1820322 /usr/lib/libk5crypto.so.3.0 00300000-00317000 r-xp 00000000 03:09 1820782 /usr/lib/libgssapi_krb5.so.2.2 00317000-00319000 rwxp 00016000 03:09 1820782 /usr/lib/libgssapi_krb5.so.2.2 0031b000-00415000 r-xp 00000000 03:09 324199 /lib/libcrypto.so.0.9.7f 00415000-00427000 rwxp 000fa000 03:09 324199 /lib/libcrypto.so.0.9.7f 00427000-0042a000 rwxp 00427000 00:00 0 0042c000-00462000 r-xp 00000000 03:09 324200 /lib/libssl.so.0.9.7f 00462000-00465000 rwxp 00036000 03:09 324200 /lib/libssl.so.0.9.7f 00467000-0046b000 r-xp 00000000 03:09 1821755 /usr/lib/libgthread-2.0.so.0.800.1 0046b000-0046c000 rwxp 00003000 03:09 1821755 /usr/lib/libgthread-2.0.so.0.800.1 0046e000-00476000 r-xp 00000000 03:09 324183 /lib/librt-2.3.90.so 00476000-00477000 r-xp 00007000 03:09 324183 /lib/librt-2.3.90.so 00477000-00478000 rwxp 00008000 03:09 324183 /lib/librt-2.3.90.so 00478000-00482000 rwxp 00478000 00:00 0 00484000-0048b000 r-xp 00000000 03:09 1821283 /usr/lib/libhal-storage.so.1.0.0 0048b000-0048c000 rwxp 00007000 03:09 1821283 /usr/lib/libhal-storage.so.1.0.0 004c0000-0050c000 r-xp 00000000 03:09 1821756 /usr/lib/libORBit-2.so.0.0.0 0050c000-00518000 rwxp 0004b000 03:09 1821756 /usr/lib/libORBit-2.so.0.0.0 00561000-00580000 r-xp 00000000 03:09 453925 /usr/lib/libdbus-glib-1.so.1.0.0 00580000-00581000 rwxp 0001f000 03:09 453925 /usr/lib/libdbus-glib-1.so.1.0.0 005e7000-005f9000 r-xp 00000000 03:09 1821769 /usr/lib/libbonobo-activation.so.4.0.0 005f9000-005fc000 rwxp 00011000 03:09 1821769 /usr/lib/libbonobo-activation.so.4.0.0 005fe000-00602000 r-xp 00000000 03:09 1821767 /usr/lib/libORBitCosNaming-2.so.0.0.0 00602000-00603000 rwxp 00004000 03:09 1821767 /usr/lib/libORBitCosNaming-2.so.0.0.0 00605000-0061a000 r-xp 00000000 03:09 1821809 /usr/lib/libhowl.so.0.0.0 0061a000-0061c000 rwxp 00014000 03:09 1821809 /usr/lib/libhowl.so.0.0.0 0061c000-0072e000 rwxp 0061c000 00:00 0 00730000-00762000 r-xp 00000000 03:09 1821758 /usr/lib/libgconf-2.so.4.1.0 00762000-00765000 rwxp 00031000 03:09 1821758 /usr/lib/libgconf-2.so.4.1.0 00767000-007bd000 r-xp 00000000 03:09 1821801 /usr/lib/libbonobo-2.so.0.0.0 007bd000-007c7000 rwxp 00056000 03:09 1821801 /usr/lib/libbonobo-2.so.0.0.0 00886000-0088c000 r-xp 00000000 03:09 1824192 /usr/lib/libfam.so.0.0.0 0088c000-0088d000 rwxp 00006000 03:09 1824192 /usr/lib/libfam.so.0.0.0 00890000-00898000 r-xp 00000000 03:09 1826459 /usr/lib/libhal.so.1.0.0 00898000-00899000 rwxp 00008000 03:09 1826459 /usr/lib/libhal.so.1.0.0 008ae000-00911000 r-xp 00000000 03:09 1821858 /usr/lib/libgnomevfs-2.so.0.1200.0 00911000-00916000 rwxp 00062000 03:09 1821858 /usr/lib/libgnomevfs-2.so.0.1200.0 009aa000-009bc000 r-xp 00000000 03:09 324191 /lib/libnsl-2.3.90.so 009bc000-009bd000 r-xp 00011000 03:09 324191 /lib/libnsl-2.3.90.so 009bd000-009be000 rwxp 00012000 03:09 324191 /lib/libnsl-2.3.90.so 009be000-009c0000 rwxp 009be000 00:00 0 00aab000-00bd0000 r-xp 00000000 03:09 324172 /lib/libc-2.3.90.so 00bd0000-00bd2000 r-xp 00125000 03:09 324172 /lib/libc-2.3.90.so 00bd2000-00bd4000 rwxp 00127000 03:09 324172 /lib/libc-2.3.90.so 00bd4000-00bd6000 rwxp 00bd4000 00:00 0 00bd8000-00bfb000 r-xp 00000000 03:09 324180 /lib/libm-2.3.90.so 00bfb000-00bfc000 r-xp 00022000 03:09 324180 /lib/libm-2.3.90.so 00bfc000-00bfd000 rwxp 00023000 03:09 324180 /lib/libm-2.3.90.so 00bff000-00c01000 r-xp 00000000 03:09 324185 /lib/libdl-2.3.90.so 00c01000-00c02000 r-xp 00001000 03:09 324185 /lib/libdl-2.3.90.so 00c02000-00c03000 rwxp 00002000 03:09 324185 /lib/libdl-2.3.90.so 00c05000-00c17000 r-xp 00000000 03:09 1819081 /usr/lib/libz.so.1.2.3 00c17000-00c18000 rwxp 00011000 03:09 1819081 /usr/lib/libz.so.1.2.3 00cf0000-00d7b000 r-xp 00000000 03:09 1819067 /usr/lib/libglib-2.0.so.0.800.100d7b000-00d7c000 rwxp 0008b000 03:09 1819067 /usr/lib/libglib-2.0.so.0.800.100d7e000-00db9000 r-xp 00000000 03:09 1819068 /usr/lib/libgobject-2.0.so.0.800.1 00db9000-00dba000 rwxp 0003b000 03:09 1819068 /usr/lib/libgobject-2.0.so.0.800.1 00dcd000-00dd0000 r-xp 00000000 03:09 1819072 /usr/lib/libgmodule-2.0.so.0.800.1 00dd0000-00dd1000 rwxp 00002000 03:09 1819072 /usr/lib/libgmodule-2.0.so.0.800.1 00e97000-00e9e000 r-xp 00000000 03:09 2015239 /usr/lib/gnome-vfs-2.0/modules/libfile.so 00e9e000-00e9f000 rwxp 00006000 03:09 2015239 /usr/lib/gnome-vfs-2.0/modules/libfile.so 00f17000-00f20000 r-xp 00000000 03:09 324212 /lib/libnss_files-2.3.90.so 00f20000-00f21000 r-xp 00008000 03:09 324212 /lib/libnss_files-2.3.90.so 00f21000-00f22000 rwxp 00009000 03:09 324212 /lib/libnss_files-2.3.90.so 056d6000-057f4000 r-xp 00000000 03:09 1816749 /usr/lib/libxml2.so.2.6.22 057f4000-057fc000 rwxp 0011e000 03:09 1816749 /usr/lib/libxml2.so.2.6.22 057fc000-057fd000 rwxp 057fc000 00:00 0 057ff000-05808000 r-xp 00000000 03:09 324182 /lib/libgcc_s-4.0.1-20050919.so.1 05808000-05809000 rwxp 00009000 03:09 324182 /lib/libgcc_s-4.0.1-20050919.so.1 08041000-08061000 r-xp 00000000 03:09 1819770 /usr/libexec/gnome-vfs-daemon 08061000-08064000 rw-p 0001f000 03:09 1819770 /usr/libexec/gnome-vfs-daemon 09437000-09458000 rw-p 09437000 00:00 0 [heap] b7d15000-b7f15000 r--p 00000000 03:09 1296648 /usr/lib/locale/locale-archive b7f15000-b7f1d000 rw-p b7f15000 00:00 0 b7f2d000-b7f2e000 rw-p b7f2d000 00:00 0 bfc19000-bfc2e000 rw-p bfc19000 00:00 0 [stack] Aborted [rodd@localhost tmp]$ Did you reboot after the upgrade? It might have still been using the old libraries. ok, this is a gnome-vfs problem not d-bus. It is a potential buffer overflow that _FORTIFY_SOURCE caught. path [PATH_MAX] = "/dev/"; char *target = path + 5; ret = readlink (volume->priv->device_path, target, PATH_MAX - 1); This requires root to exploit so it is a non issue. Patch is attached. Created attachment 119096 [details]
Fixes the length of the buffer sent into readlink
This only effects RawHide and upstream gnome-vfs-2.12 After patching attachment 119096 [details] , building gnome-vfs 2.12.0 in dbus-0.50-1.
But this problem still happens (both dbus 0.36.1-1 and 0.50-1.)
backtrace
#0 0x0026f402 in __kernel_vsyscall ()
#1 0x00912908 in raise () from /lib/libc.so.6
#2 0x00914078 in abort () from /lib/libc.so.6
#3 0x00947a7a in __libc_message () from /lib/libc.so.6
#4 0x009c8735 in __chk_fail () from /lib/libc.so.6
#5 0x009c8cad in __readlink_chk () from /lib/libc.so.6
#6 0x0805a354 in _gnome_vfs_hal_mounts_modify_volume (
volume_monitor_daemon=0x8dc7da8, volume=0x8dd7958)
at /usr/include/bits/unistd.h:98
#7 0x08056797 in update_mtab_volumes (volume_monitor_daemon=0x8dc7da8)
at gnome-vfs-volume-monitor-daemon.c:1048
#8 0x080572f4 in gnome_vfs_volume_monitor_daemon_init (
volume_monitor_daemon=0x8dc7da8) at gnome-vfs-volume-monitor-daemon.c:190
#9 0x0052d881 in IA__g_type_create_instance (type=148660672) at gtype.c:1596
#10 0x00514570 in g_object_constructor (type=148660672,
n_construct_properties=0, construct_params=0x0) at gobject.c:1011
#11 0x005151c9 in IA__g_object_newv (object_type=148660672, n_parameters=0,
parameters=0x0) at gobject.c:908
#12 0x00515d74 in IA__g_object_new_valist (object_type=148660672,
first_property_name=0x0, var_args=Variable "var_args" is not available.
) at gobject.c:951
#13 0x00515f1c in IA__g_object_new (object_type=148660672,
first_property_name=0x0) at gobject.c:789
#14 0x0081abdb in _gnome_vfs_get_volume_monitor_internal (create=1)
---Type <return> to continue, or q <return> to quit---
at gnome-vfs-volume-monitor.c:251
#15 0x0081ac24 in gnome_vfs_get_volume_monitor ()
at gnome-vfs-volume-monitor.c:278
#16 0x080507ae in main (argc=1, argv=0xbfaa87f4) at gnome-vfs-daemon.c:611
There is a second occurence of the same bug in the same file. I have amended the original patch to fixe the second occurence as well. Created attachment 119127 [details]
Amended patch
This has all been fixed in CVS in a slightly different way. The patch should be picked up from there. How long until we can expect to see this rolled into rawhide for yuming up? Created attachment 119336 [details]
Backported patch from CVS
Building now. Should be in the next compose. |