Bug 141759 - automount *** buffer overflow detected ***
automount *** buffer overflow detected ***
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: util-linux (Show other bugs)
rawhide
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Elliot Lee
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-12-03 11:41 EST by Thomas J. Baker
Modified: 2007-11-30 17:10 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-12-09 11:47:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Thomas J. Baker 2004-12-03 11:41:49 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041111 Firefox/1.0

Description of problem:
Since the Nov 30 rawhide updates, nfs mounting has failed:

[root@katratzi tjb]# mount wintermute:/home /xxx
*** buffer overflow detected ***
Aborted
[root@katratzi tjb]

automounts also fail:

Dec  2 16:15:52 katratzi automount[4056]: >> *** buffer overflow
detected ***
Dec  2 16:16:13 katratzi automount[4103]: >> *** buffer overflow
detected ***
Dec  2 16:16:13 katratzi automount[4105]: >> *** buffer overflow
detected ***
Dec  2 16:16:16 katratzi automount[4131]: >> *** buffer overflow
detected ***
Dec  2 16:18:41 katratzi automount[4252]: >> *** buffer overflow
detected ***

At first I thought this was related to selinux because I had
corresponding audits about portmap but that has since been fixed. (See
bug #141483)



Version-Release number of selected component (if applicable):
kernel-smp-2.6.9-1.1009_FC4, nfs-utils-1.0.6-43, autofs-4.1.3-41

How reproducible:
Always

Steps to Reproduce:
1. try to mount any nfs directory
2.
3.
    

Actual Results:  buffer overflow detected

Expected Results:  remote filesystem is mounted

Additional info:
Comment 1 Thomas J. Baker 2004-12-04 06:53:51 EST
This got switched to autofs but it also fails with the regular mount command. I
think that if it's not a kernel problem, it's a mount problem then, not autofs.
Should it be switched to util-linux?
Comment 2 Arjan van de Ven 2004-12-04 10:10:30 EST
probably should.

Can you do us a favor? Run "ulimit -c" first ( so that coredumps get enabled ),
then make the mount crash, and then run "gdb /bin/mount core"
inside gdb, type "bt" to get a backtrace, this is the information we need.
(and with "quite" you can exit gdb again)
Comment 3 Arjan van de Ven 2004-12-04 10:30:44 EST
ok this LOOKS like a dupe of 141733
Comment 4 Thomas J. Baker 2004-12-04 11:02:29 EST
[root@katratzi ~]# script
Script started, file is typescript
[root@katratzi ~]# ulimit -c 1000000
[root@katratzi ~]# mount wintermute:/home /xxx
*** buffer overflow detected ***
Aborted (core dumped)
[root@katratzi ~]# gdb /bin/mount core.21026
GNU gdb Red Hat Linux (6.1post-1.20040607.61rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...(no debugging symbols
found)...Using host libthread_db library "/lib/tls/libthread_db.so.1".

Core was generated by `mount wintermute:/home /xxx'.
Program terminated with signal 6, Aborted.
Reading symbols from /lib/tls/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_nis.so.2...(no debugging symbols
found)...done.Loaded symbols for /lib/libnss_nis.so.2
Reading symbols from /lib/libnsl.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib/libnsl.so.1
#0  0x00b137a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
(gdb) bt
#0  0x00b137a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1  0x00b53955 in raise () from /lib/tls/libc.so.6
#2  0x00b55319 in abort () from /lib/tls/libc.so.6
#3  0x00b86f2a in __libc_message () from /lib/tls/libc.so.6
#4  0x00b86f64 in __libc_fatal () from /lib/tls/libc.so.6
#5  0x00c05e50 in __chk_fail () from /lib/tls/libc.so.6
#6  0x00c056d8 in _IO_str_chk_overflow () from /lib/tls/libc.so.6
#7  0x00b8aaff in _IO_default_xsputn_internal () from /lib/tls/libc.so.6
#8  0x00b694ff in vfprintf () from /lib/tls/libc.so.6
#9  0x00c0578b in __vsprintf_chk () from /lib/tls/libc.so.6
#10 0x00c056cd in __sprintf_chk () from /lib/tls/libc.so.6
#11 0x08053d73 in error ()
#12 0x0804aca0 in ?? ()
#13 0x088dcc50 in ?? ()
#14 0x088dcc68 in ?? ()
#15 0xfee34d78 in ?? ()
#16 0xfee34d7c in ?? ()
#17 0xfee34d4c in ?? ()
#18 0xfee34d50 in ?? ()
#19 0x00000000 in ?? ()
(gdb) quit
[root@katratzi ~]# exit
Script done, file is typescript
Comment 5 Thomas J. Baker 2004-12-04 11:04:03 EST
Looks like that last trace is pretty useless. Which debuginfo rpms should I
install to make it more useful? util-unix at least?
Comment 6 Thomas J. Baker 2004-12-09 10:11:04 EST
Latest util-unix seems to fix this bug.
Comment 7 Jeff Moyer 2004-12-09 10:24:57 EST
Okay, reassigning to util-linux.  Owner there can decide how to close the bug.
Comment 8 Elliot Lee 2004-12-09 11:47:38 EST
If it's gone in the latest util-linux then all is well.

Note You need to log in before you can comment on or make changes to this bug.