Bug 449727

Summary: buffer overflow in boinc client when first attaching to project
Product: [Fedora] Fedora
Reporter: Ellen Shull <ellenshull>
Component: boinc-client
Assignee: Milos Jakubicek <xjakub>
Status: CLOSED NOTABUG
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low
Priority: low    
Version: 9   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Doc Type: Bug Fix
Last Closed: 2008-06-04 07:10:11 UTC

Description Ellen Shull 2008-06-03 07:36:59 UTC
Description of problem:

boinc terminated due to buffer overflow

Version-Release number of selected component (if applicable):

[wes@pvr ~]$ rpm -qf `which boinc`
boinc-client-5.10.45-14.20080315svn.fc9.x86_64

All dependencies are current with f9 updates, but in case it's useful:
[wes@pvr ~]$ ldd `which boinc` | cut -f 3 -d " " | xargs rpm -qf | sort | uniq
cyrus-sasl-lib-2.1.22-13.fc9.x86_64
e2fsprogs-libs-1.40.8-3.fc9.x86_64
glibc-2.8-3.x86_64
keyutils-libs-1.2-3.fc9.x86_64
krb5-libs-1.6.3-10.fc9.x86_64
libcurl-7.18.1-1.fc9.x86_64
libgcc-4.3.0-8.x86_64
libidn-0.6.14-7.x86_64
libselinux-2.0.64-2.fc9.x86_64
libstdc++-4.3.0-8.x86_64
nspr-4.7.0.99.2-2.fc9.x86_64
nss-3.11.99.5-2.fc9.x86_64
openldap-2.4.8-3.fc9.x86_64
openssl-0.9.8g-9.fc9.x86_64
zlib-1.2.3-18.fc9.x86_64

How reproducible:

Only on first run.  Second+ runs, the bind to project has succeeded, but it then
fails repeatably in a different manner (see below)

This is my first attempt at using boinc, so I haven't done anything else.

Actual results:

(first run)
[wes@pvr ~]$ boinc --attach_project http://boinc.fzk.de/poem/ 10198_d2b28b84195d982039e0ca60b442cf35
02-Jun-2008 23:59:16 [---] Starting BOINC client version 5.10.45 for x86_64-pc-
02-Jun-2008 23:59:16 [---] log flags: task, file_xfer, sched_ops
02-Jun-2008 23:59:16 [---] Libraries: libcurl/7.18.1 NSS/3.12 Beta 3 zlib/1.2.3 libidn/0.6.14
02-Jun-2008 23:59:16 [---] Data directory: /home/wes
02-Jun-2008 23:59:16 [---] Processor: 2 GenuineIntel Intel(R) Core(TM)2 CPU         T7400  @ 2.16GHz [Family 6 Model 15 Stepping 6]
02-Jun-2008 23:59:16 [---] Processor features: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr lahf_lm
02-Jun-2008 23:59:16 [---] OS: Linux: 2.6.25.3-18.fc9.x86_64
02-Jun-2008 23:59:16 [---] Memory: 1.97 GB physical, 1.94 GB virtual
02-Jun-2008 23:59:16 [---] Disk: 685.63 GB total, 109.20 GB free
02-Jun-2008 23:59:16 [---] Local time is UTC -7 hours
02-Jun-2008 23:59:16 [http://boinc.fzk.de/poem/] URL: http://boinc.fzk.de/poem/; Computer ID: not assigned yet; location: (none); project prefs: default
02-Jun-2008 23:59:16 [---] No general preferences found - using BOINC defaults
02-Jun-2008 23:59:16 [---] Preferences limit memory usage when active to 1006.54MB
02-Jun-2008 23:59:16 [---] Preferences limit memory usage when idle to 1811.78MB
02-Jun-2008 23:59:16 [---] Preferences limit disk usage to 9.31GB
02-Jun-2008 23:59:16 [---] Running CPU benchmarks
02-Jun-2008 23:59:21 [http://boinc.fzk.de/poem/] Master file download succeeded
*** buffer overflow detected ***: boinc terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x3ecb4fcda7]
/lib64/libc.so.6[0x3ecb4fabe0]
/lib64/libc.so.6[0x3ecb4f9f79]
/lib64/libc.so.6(_IO_default_xsputn+0x96)[0x3ecb476976]
/lib64/libc.so.6(_IO_vfprintf+0x3abf)[0x3ecb44a33f]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x3ecb4fa01d]
/lib64/libc.so.6(__sprintf_chk+0x80)[0x3ecb4f9f60]
boinc[0x448101]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x426cf2]
boinc[0x43a6cd]
boinc[0x4268a0]
boinc[0x414fb8]
boinc[0x438431]
/lib64/libc.so.6(__libc_start_main+0xfa)[0x3ecb41e32a]
boinc(_ZNSt8ios_base4InitD1Ev+0x41)[0x404549]
======= Memory map: ========
SIGABRT: abort called
Stack trace (36 frames):
boinc[0x446bcd]
/lib64/libpthread.so.0[0x3ecc00ed30]
/lib64/libc.so.6(gsignal+0x35)[0x3ecb432215]
/lib64/libc.so.6(abort+0x183)[0x3ecb433d83]
/lib64/libc.so.6[0x3ecb472858]
/lib64/libc.so.6(__fortify_fail+0x37)[0x3ecb4fcda7]
/lib64/libc.so.6[0x3ecb4fabe0]
/lib64/libc.so.6[0x3ecb4f9f79]
/lib64/libc.so.6(_IO_default_xsputn+0x96)[0x3ecb476976]
/lib64/libc.so.6(_IO_vfprintf+0x3abf)[0x3ecb44a33f]
/lib64/libc.so.6(__vsprintf_chk+0x9d)[0x3ecb4fa01d]
/lib64/libc.so.6(__sprintf_chk+0x80)[0x3ecb4f9f60]
boinc[0x448101]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x448124]
boinc[0x426cf2]
boinc[0x43a6cd]
boinc[0x4268a0]
boinc[0x414fb8]
boinc[0x438431]
/lib64/libc.so.6(__libc_start_main+0xfa)[0x3ecb41e32a]
boinc(_ZNSt8ios_base4InitD1Ev+0x41)[0x404549]

Exiting...

(second run)
[wes@pvr ~]$ boinc --attach_project http://boinc.fzk.de/poem/ 10198_d2b28b84195d982039e0ca60b442cf35
03-Jun-2008 00:19:47 [---] Starting BOINC client version 5.10.45 for x86_64-pc-
03-Jun-2008 00:19:47 [---] log flags: task, file_xfer, sched_ops
03-Jun-2008 00:19:47 [---] Libraries: libcurl/7.18.1 NSS/3.12 Beta 3 zlib/1.2.3 libidn/0.6.14
03-Jun-2008 00:19:47 [---] Data directory: /home/wes
03-Jun-2008 00:19:47 [---] Processor: 2 GenuineIntel Intel(R) Core(TM)2 CPU         T7400  @ 2.16GHz [Family 6 Model 15 Stepping 6]
03-Jun-2008 00:19:47 [---] Processor features: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr lahf_lm
03-Jun-2008 00:19:47 [---] OS: Linux: 2.6.25.3-18.fc9.x86_64
03-Jun-2008 00:19:47 [---] Memory: 1.97 GB physical, 1.94 GB virtual
03-Jun-2008 00:19:47 [---] Disk: 685.63 GB total, 109.33 GB free
03-Jun-2008 00:19:47 [---] Local time is UTC -7 hours
03-Jun-2008 00:19:47 [---] Already attached to http://boinc.fzk.de/poem/
03-Jun-2008 00:19:47 [http://boinc.fzk.de/poem/] URL: http://boinc.fzk.de/poem/; Computer ID: not assigned yet; location: (none); project prefs: default
03-Jun-2008 00:19:47 [---] No general preferences found - using BOINC defaults
03-Jun-2008 00:19:47 [---] Preferences limit memory usage when active to 1006.54MB
03-Jun-2008 00:19:47 [---] Preferences limit memory usage when idle to 1811.78MB
03-Jun-2008 00:19:47 [---] Preferences limit disk usage to 9.31GB
03-Jun-2008 00:20:16 [---] [error] GUI RPC bind failed: 98
gstate.init() failed: -180

Thereafter if I just 'boinc' (since it says it's bound to the project
successfully), I get the same output as run #2 sans the "Already attached" line.

Additional info:

KDE4 desktop.  Upgraded from f8, old Xorg retained for evil nVidia binary
driver.  I could maybe see that being related to the secondary failure
(everything else runs peachy keen, though), but the first?

Comment 1 Milos Jakubicek 2008-06-04 07:10:11 UTC
Please start BOINC by "service boinc-client start", otherwise it tries using
your current working directory as its working directory and usually fails. See
http://fedoraproject.org/wiki/MilosJakubicek/HowToUseBoinc for details.
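
Added example, not part of the original report and not BOINC source: the backtrace in the description shows one boinc frame repeated many times and ending in __sprintf_chk, the shape produced by a recursive function that formats into a fixed-size buffer. What that function does is not stated on the page, so the path joining, the names descend_unchecked and descend_checked, the 64-byte buffer and the "subdir" input below are all assumptions chosen to show the unchecked call beside a bounded one.

```c
#include <stdio.h>
#include <stddef.h>

#define PATH_BUF 64   /* constructed size, small so the sample input exceeds it */

#ifdef SHOW_UNCHECKED
/* Unchecked form: built with -O2 -D_FORTIFY_SOURCE=2, glibc routes this
 * sprintf through __sprintf_chk, which aborts once the output exceeds path[]. */
static int descend_unchecked(const char *parent, const char *name,
                             int depth, int max_depth)
{
    char path[PATH_BUF];
    sprintf(path, "%s/%s", parent, name);
    if (depth == max_depth)
        return depth;
    return descend_unchecked(path, name, depth + 1, max_depth);
}
#endif

/* Bounded form: snprintf reports the length it needed, so truncation is
 * detected and returned as an error instead of writing past path[]. */
static int descend_checked(const char *parent, const char *name,
                           int depth, int max_depth)
{
    char path[PATH_BUF];
    int n = snprintf(path, sizeof path, "%s/%s", parent, name);
    if (n < 0 || (size_t)n >= sizeof path)
        return -1;                      /* path would not fit: stop here */
    if (depth == max_depth)
        return depth;
    return descend_checked(path, name, depth + 1, max_depth);
}

int main(void)
{
    /* Constructed input: the same component appended at each level. */
    printf("3 levels:  %d\n", descend_checked(".", "subdir", 1, 3));
    printf("16 levels: %d\n", descend_checked(".", "subdir", 1, 16));
    return 0;
}
```

Each level adds seven characters to the path, so the ninth level needs 64 characters plus the terminator; the bounded form returns an error there, where the unchecked form would be stopped by the fortify check.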