Bug 169080 - (ncplogin) *** buffer overflow detected ***: ncplogin terminated
*** buffer overflow detected ***: ncplogin terminated
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: ncpfs (Show other bugs)
4
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Martin Stransky
David Lawrence
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-09-22 16:30 EDT by Douglas Chagas
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-11-16 09:06:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch (672 bytes, patch)
2005-10-04 10:33 EDT, Martin Stransky
no flags Details | Diff

  None (edit)
Description Douglas Chagas 2005-09-22 16:30:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; pt-BR; rv:1.7.10) Gecko/20050909 Fedora/1.0.6-1.2.fc4 Firefox/1.0.6

Description of problem:
I can run ncpmount normally, but when I run ncplogin -S CTP-RAID-NW4 -U 'douglas.CENTERTAP' -P 'rosana' ,
the systems show me a error. I've tried change the parameter, but it didn't work.

I used ipx_configure to set the eth0. Then the slist works fine. After that I tried ncplogin.

I tried to update the system, I reinstall the system, but the problem still happen.

The error is:

*** buffer overflow detected ***: ncplogin terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0xca3c45]
/lib/libc.so.6[0xca34d2]
ncplogin(main+0x655)[0x49ee09]
/lib/libc.so.6(__libc_start_main+0xdf)[0xbdad5f]
ncplogin[0x49e1d1]
======= Memory map: ========
00172000-00173000 r-xp 00172000 00:00 0
001a7000-001a8000 r-xp 00000000 fd:00 1236817 /usr/lib/gconv/ISO8859-1.so
001a8000-001aa000 rwxp 00000000 fd:00 1236817 /usr/lib/gconv/ISO8859-1.so
00345000-00349000 r-xp 00000000 fd:00 716017 /lib/libnss_dns-2.3.5.so
00349000-0034a000 r-xp 00003000 fd:00 716017 /lib/libnss_dns-2.3.5.so
0034a000-0034b000 rwxp 00004000 fd:00 716017 /lib/libnss_dns-2.3.5.so
00480000-00489000 r-xp 00000000 fd:00 717222 /lib/libgcc_s-4.0.1-20050727.so.1
00489000-0048a000 rwxp 00009000 fd:00 717222 /lib/libgcc_s-4.0.1-20050727.so.1
0049b000-004db000 r-xp 00000000 fd:00 1189562 /usr/bin/ncplogin
004db000-004de000 rwxp 0003f000 fd:00 1189562 /usr/bin/ncplogin
004de000-004e1000 rwxp 004de000 00:00 0
00b0a000-00b19000 r-xp 00000000 fd:00 717223 /lib/libresolv-2.3.5.so
00b19000-00b1a000 r-xp 0000e000 fd:00 717223 /lib/libresolv-2.3.5.so
00b1a000-00b1b000 rwxp 0000f000 fd:00 717223 /lib/libresolv-2.3.5.so
00b1b000-00b1d000 rwxp 00b1b000 00:00 0
00bc6000-00ce9000 r-xp 00000000 fd:00 717213 /lib/libc-2.3.5.so
00ce9000-00ceb000 r-xp 00123000 fd:00 717213 /lib/libc-2.3.5.so
00ceb000-00ced000 rwxp 00125000 fd:00 717213 /lib/libc-2.3.5.so
00ced000-00cef000 rwxp 00ced000 00:00 0
00f34000-00f4e000 r-xp 00000000 fd:00 716152 /lib/ld-2.3.5.so
00f4e000-00f4f000 r-xp 00019000 fd:00 716152 /lib/ld-2.3.5.so
00f4f000-00f50000 rwxp 0001a000 fd:00 716152 /lib/ld-2.3.5.so
00f63000-00f6c000 r-xp 00000000 fd:00 716020 /lib/libnss_files-2.3.5.so
00f6c000-00f6d000 r-xp 00008000 fd:00 716020 /lib/libnss_files-2.3.5.so
00f6d000-00f6e000 rwxp 00009000 fd:00 716020 /lib/libnss_files-2.3.5.so
08e53000-08e75000 rw-p 08e53000 00:00 0 [heap]
b7d07000-b7d0d000 r--s 00000000 fd:00 1236892 /usr/lib/gconv/gconv-modules.cache
b7d0d000-b7f0d000 r--p 00000000 fd:00 1178866 /usr/lib/locale/locale-archive
b7f0d000-b7f0f000 rw-p b7f0d000 00:00 0
bfd13000-bfd29000 rw-p bfd13000 00:00 0 [stack]
Abortado
[root@protheus05 ~]# 

Version-Release number of selected component (if applicable):
ncpfs-2.2.4-8

How reproducible:
Always

Steps to Reproduce:
1. Run ncplogin -S CTP-RAID-NW4 -U 'douglas.CENTERTAP' -P 'rosana' 
2.
3.
  

Actual Results:  *** buffer overflow detected ***: ncplogin terminated

Expected Results:  Succeful conection

Additional info:

I choose high level to this bug, because my network is only netware.
Comment 1 Martin Stransky 2005-09-23 12:59:40 EDT
Could you please check this package? 

http://people.redhat.com/stransky/ncpfs/ncpfs-2.2.4-10.src.rpm

It should fail with assertion...
Comment 2 Douglas Chagas 2005-09-23 14:12:42 EDT
A error happened when I try to compile. How can I use the file did you suggest?
I tried the wat following, but the problem still happen.

[root@protheus05 ncpfs-2.2.4]# ./configure
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking whether make sets $(MAKE)... yes
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking for a BSD-compatible install... /usr/bin/install -c
checking whether ln -s works... yes
checking for msgfmt... /usr/bin/msgfmt
checking for gmsgfmt... /usr/bin/msgfmt
checking for xgettext... /usr/bin/xgettext
checking for msgmerge... /usr/bin/msgmerge
checking for ranlib... ranlib
checking for strerror in -lcposix... no
checking how to run the C preprocessor... gcc -E
checking for egrep... grep -E
checking for ANSI C header files... yes
checking for an ANSI C-conforming const... yes
checking for inline... inline
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for off_t... yes
checking for size_t... yes
checking for working alloca.h... yes
checking for alloca... yes
checking for stdlib.h... (cached) yes
checking for unistd.h... (cached) yes
checking for getpagesize... yes
checking for working mmap... yes
checking whether we are using the GNU C Library 2.1 or newer... yes
checking whether integer division by zero raises SIGFPE... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unsigned long long... yes
checking for inttypes.h... yes
checking whether the inttypes.h PRIxNN macros are broken... no
checking for ld used by GCC... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for shared library run path origin... done
checking argz.h usability... yes
checking argz.h presence... yes
checking for argz.h... yes
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking locale.h usability... yes
checking locale.h presence... yes
checking for locale.h... yes
checking nl_types.h usability... yes
checking nl_types.h presence... yes
checking for nl_types.h... yes
checking malloc.h usability... yes
checking malloc.h presence... yes
checking for malloc.h... yes
checking stddef.h usability... yes
checking stddef.h presence... yes
checking for stddef.h... yes
checking for stdlib.h... (cached) yes
checking for string.h... (cached) yes
checking for unistd.h... (cached) yes
checking sys/param.h usability... yes
checking sys/param.h presence... yes
checking for sys/param.h... yes
checking for feof_unlocked... yes
checking for fgets_unlocked... yes
checking for getc_unlocked... yes
checking for getcwd... yes
checking for getegid... yes
checking for geteuid... yes
checking for getgid... yes
checking for getuid... yes
checking for mempcpy... yes
checking for munmap... yes
checking for putenv... yes
checking for setenv... yes
checking for setlocale... yes
checking for stpcpy... yes
checking for strcasecmp... yes
checking for strdup... yes
checking for strtoul... yes
checking for tsearch... yes
checking for __argz_count... yes
checking for __argz_stringify... yes
checking for __argz_next... yes
checking for iconv... yes
checking for iconv declaration...
         extern size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft,
char * *outbuf, size_t *outbytesleft);
checking for nl_langinfo and CODESET... yes
checking for LC_MESSAGES... yes
checking for bison... bison
checking version of bison... 2.0, ok
checking whether NLS is requested... yes
checking whether included gettext is requested... no
checking for GNU gettext in libc... yes
checking for GNU style IPX support... yes
checking for working IPX ioctl values... yes
checking for ANSI C header files... (cached) yes
checking for sys/wait.h that is POSIX.1 compatible... yes
checking sys/mount.h usability... yes
checking sys/mount.h presence... yes
checking for sys/mount.h... yes
checking for mount constants in sys/mount.h... yes
checking net/if.h usability... yes
checking net/if.h presence... yes
checking for net/if.h... yes
checking net/route.h usability... yes
checking net/route.h presence... yes
checking for net/route.h... yes
checking netinet/if_ether.h usability... yes
checking netinet/if_ether.h presence... yes
checking for netinet/if_ether.h... yes
checking sys/select.h usability... yes
checking sys/select.h presence... yes
checking for sys/select.h... yes
checking for C9X integer types... yes
checking whether sys/select.h and linux/posix_types.h may both be included... yes
checking for third parameter to accept... socklen_t
checking for wchar_t... yes
checking wchar.h usability... yes
checking wchar.h presence... yes
checking for wchar.h... yes
checking iconv.h usability... yes
checking iconv.h presence... yes
checking for iconv.h... yes
checking for iconv... (cached) yes
checking for iconv declaration... (cached)
         extern size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft,
char * *outbuf, size_t *outbytesleft);
checking for an ANSI C-conforming const... (cached) yes
checking for uid_t in sys/types.h... yes
checking for inline... (cached) inline
checking for mode_t... yes
checking for off_t... (cached) yes
checking for pid_t... yes
checking for size_t... (cached) yes
checking whether time.h and sys/time.h may both be included... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking whether gcc needs -traditional... no
checking for wcslen... yes
checking for wcscpy... yes
checking for wcsdup... yes
checking for wcscmp... yes
checking for wcsncmp... yes
checking for wcscasecmp... yes
checking for wcsncasecmp... yes
checking for wcsrev... no
checking security/pam_appl.h usability... yes
checking security/pam_appl.h presence... yes
checking for security/pam_appl.h... yes
checking for pam modules directory... /lib/security
checking for php-config... no
checking for mpilib word size... 32
checking for working pthread support... yes
checking for working weak symbols... yes
checking for working atomic operations... optimized
checking for ELF target... yes
checking for function sections... yes
checking for working versioned link... yes
configure: creating ./config.status
config.status: creating Make.rules
config.status: creating Makefile
config.status: creating lib/Makefile
config.status: creating man/Makefile
config.status: creating util/Makefile
config.status: creating sutil/Makefile
config.status: creating ipx-1.0/Makefile
config.status: creating ipx-1.0/Samples/Makefile
config.status: creating ipxdump/Makefile
config.status: creating contrib/tknwmsg/Makefile
config.status: creating contrib/testing/Makefile
config.status: creating contrib/testing/pp/Makefile
config.status: creating contrib/tcl-utils/Makefile
config.status: creating contrib/tests/Makefile
config.status: creating intl/Makefile
config.status: creating po/Makefile.in
config.status: creating contrib/pam/Makefile
config.status: creating contrib/php/Makefile.in
config.status: creating include/private/libncp-atomic.h.tmp
config.status: include/private/libncp-atomic.h is unchanged
config.status: creating include/ncp/nwnet.h.tmp
config.status: include/ncp/nwnet.h is unchanged
config.status: creating include/ncp/ext/stdint.h.tmp
config.status: include/ncp/ext/stdint.h is unchanged
config.status: creating include/ncp/ext/socket.h.tmp
config.status: include/ncp/ext/socket.h is unchanged
config.status: creating include/ncp/kernel/fs.h.tmp
config.status: include/ncp/kernel/fs.h is unchanged
config.status: creating include/ncp/kernel/if.h.tmp
config.status: include/ncp/kernel/if.h is unchanged
config.status: creating include/ncp/kernel/ipx.h.tmp
config.status: include/ncp/kernel/ipx.h is unchanged
config.status: creating include/ncp/kernel/route.h.tmp
config.status: include/ncp/kernel/route.h is unchanged
config.status: creating include/ncp/kernel/types.h.tmp
config.status: include/ncp/kernel/types.h is unchanged
config.status: creating include/config.h
config.status: include/config.h is unchanged
config.status: executing gettext commands
config.status: creating po/POTFILES
config.status: creating po/Makefile

Building ncpfs-2.2.4 and ipx-1.0 with following configuration options:
kernel support:        yes
ncpmount support:      linux-2.0, linux-2.2, linux-2.4
NCP supported:         IPX, UDP, TCP
NDS support:           yes
PAM support:           /lib/security (autodetected)
PHP support:           no (autodetected)
Threading support:     enabled (autodetected)
Atomic operations:     available (optimized i386)
Versioned symbols:     yes (autodetected)
Function sections:     yes (autodetected)
Compile-time warnings: no
NCP trace:             no
NCP debug:             no

[root@protheus05 ncpfs-2.2.4]# make install install-dev
or i in intl po lib sutil util man   ipx-1.0 contrib/pam; do   make -C $i
install; done
make[1]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/intl'
if test "ncpfs" = "gettext" \
   && test '' = 'intl-compat.o'; then \
  /bin/sh `case "./mkinstalldirs" in /*) echo "./mkinstalldirs" ;; *) echo
".././mkinstalldirs" ;; esac` /usr/local/lib /usr/local/include; \
  /usr/bin/install -c -m 644 libintl.h /usr/local/include/libintl.h; \
  @LIBTOOL@ --mode=install \
    /usr/bin/install -c -m 644 libintl.a /usr/local/lib/libintl.a; \
else \
  : ; \
fi
if test 'no' = yes; then \
  test yes != no || /bin/sh `case "./mkinstalldirs" in /*) echo
"./mkinstalldirs" ;; *) echo ".././mkinstalldirs" ;; esac` /usr/local/lib; \
  temp=/usr/local/lib/t-charset.alias; \
  dest=/usr/local/lib/charset.alias; \
  if test -f /usr/local/lib/charset.alias; then \
    orig=/usr/local/lib/charset.alias; \
    sed -f ref-add.sed $orig > $temp; \
    /usr/bin/install -c -m 644 $temp $dest; \
    rm -f $temp; \
  else \
    if test yes = no; then \
      orig=charset.alias; \
      sed -f ref-add.sed $orig > $temp; \
      /usr/bin/install -c -m 644 $temp $dest; \
      rm -f $temp; \
    fi; \
  fi; \
  /bin/sh `case "./mkinstalldirs" in /*) echo "./mkinstalldirs" ;; *) echo
".././mkinstalldirs" ;; esac` /usr/local/share/locale; \
  test -f /usr/local/share/locale/locale.alias \
    && orig=/usr/local/share/locale/locale.alias \
    || orig=./locale.alias; \
  temp=/usr/local/share/locale/t-locale.alias; \
  dest=/usr/local/share/locale/locale.alias; \
  sed -f ref-add.sed $orig > $temp; \
  /usr/bin/install -c -m 644 $temp $dest; \
  rm -f $temp; \
else \
  : ; \
fi
if test "ncpfs" = "gettext"; then \
  /bin/sh `case "./mkinstalldirs" in /*) echo "./mkinstalldirs" ;; *) echo
".././mkinstalldirs" ;; esac` /usr/local/share/gettext/intl; \
  /usr/bin/install -c -m 644 VERSION /usr/local/share/gettext/intl/VERSION; \
  /usr/bin/install -c -m 644 ChangeLog.inst
/usr/local/share/gettext/intl/ChangeLog; \
  dists="COPYING.LIB-2.0 COPYING.LIB-2.1 Makefile.in config.charset locale.alias
ref-add.sin ref-del.sin gmo.h gettextP.h hash-string.h plural-exp.h
eval-plural.h os2compat.h libgnuintl.h loadinfo.h bindtextdom.c dcgettext.c
dgettext.c gettext.c finddomain.c loadmsgcat.c localealias.c textdomain.c
l10nflist.c explodename.c dcigettext.c dcngettext.c dngettext.c ngettext.c
plural.y plural-exp.c localcharset.c localename.c osdep.c os2compat.c
intl-compat.c"; \
  for file in $dists; do \
    /usr/bin/install -c -m 644 ./$file \
                    /usr/local/share/gettext/intl/$file; \
  done; \
  chmod a+x /usr/local/share/gettext/intl/config.charset; \
  dists="plural.c"; \
  for file in $dists; do \
    if test -f $file; then dir=.; else dir=.; fi; \
    /usr/bin/install -c -m 644 $dir/$file \
                    /usr/local/share/gettext/intl/$file; \
  done; \
  dists="xopen-msg.sed linux-msg.sed po2tbl.sed.in cat-compat.c COPYING.LIB-2
gettext.h libgettext.h plural-eval.c"; \
  for file in $dists; do \
    rm -f /usr/local/share/gettext/intl/$file; \
  done; \
else \
  : ; \
fi
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/intl'
make[1]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/po'
/bin/sh `case "./mkinstalldirs" in /*) echo "./mkinstalldirs" ;; *) echo
".././mkinstalldirs" ;; esac` /usr/local/share
installing cs.gmo as /usr/local/share/locale/cs/LC_MESSAGES/ncpfs.mo
installing de.gmo as /usr/local/share/locale/de/LC_MESSAGES/ncpfs.mo
if test "ncpfs" = "gettext"; then \
  /bin/sh `case "./mkinstalldirs" in /*) echo "./mkinstalldirs" ;; *) echo
".././mkinstalldirs" ;; esac` /usr/local/share/gettext/po; \
  for file in Makefile.in.in Makevars remove-potcdate.sin   ; do \
    /usr/bin/install -c -m 644 ./$file \
                    /usr/local/share/gettext/po/$file; \
  done; \
else \
  : ; \
fi
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/po'
make[1]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/lib'
gcc  -DN_PLAT_LINUX -DLOCALEDIR=\"/usr/local/share/locale\"
-DNCPFS_VERSION=\"2.2.4\" -DNCPFS_PACKAGE=\"ncpfs\" -g -O2  -I../include
-I../intl -I../include -I. -D_REENTRANT -fPIC -DMULTIVERSION
-DNWSFIND=\"/usr/local/bin/nwsfind\" -DHAVE_CONFIG_H -DMAKE_NCPLIB -D_GNU_SOURCE
 -o ncplib.do -c ncplib.c
ncplib.c: In function ‘ipx_make_reachable_rip’:
ncplib.c:539: warning: pointer targets in passing argument 2 of
‘ipx_assign_node’ differ in signedness
ncplib.c: In function ‘run_wdog’:
ncplib.c:652: warning: pointer targets in passing argument 6 of ‘x_recvfrom’
differ in signedness
ncplib.c: In function ‘do_ncp_tcp_call’:
ncplib.c:1000: warning: pointer targets in passing argument 2 of ‘do_tcp_rcv’
differ in signedness
ncplib.c: In function ‘ncp_kernel_request’:
ncplib.c:1077: warning: pointer targets in assignment differ in signedness
ncplib.c:1079: warning: pointer targets in assignment differ in signedness
ncplib.c: In function ‘ncp_temp_request’:
ncplib.c:1109: warning: pointer targets in passing argument 4 of ‘do_ncp_call’
differ in signedness
ncplib.c:1112: warning: pointer targets in passing argument 4 of
‘do_ncp_tcp_call’ differ in signedness
ncplib.c: In function ‘ncp_connect_ipx_addr’:
ncplib.c:1297: warning: pointer targets in passing argument 2 of
‘ipx_assign_node’ differ in signedness
ncplib.c: In function ‘ncp_login_conn’:
ncplib.c:1677: warning: pointer targets in passing argument 2 of
‘ncp_login_object’ differ in signedness
ncplib.c:1677: warning: pointer targets in passing argument 4 of
‘ncp_login_object’ differ in signedness
ncplib.c:1697: warning: pointer targets in passing argument 2 of
‘ncp_login_object’ differ in signedness
ncplib.c:1697: warning: pointer targets in passing argument 4 of
‘ncp_login_object’ differ in signedness
ncplib.c: In function ‘ncp_initialize_2’:
ncplib.c:2416: error: invalid storage class for function ‘get_argument’
ncplib.c:2462: warning: initialization discards qualifiers from pointer target type
ncplib.c: In function ‘ncp_scan_bindery_object’:
ncplib.c:3126: warning: pointer targets in passing argument 5 of ‘NWScanObject’
differ in signedness
ncplib.c: In function ‘ncp_keyed_verify_password’:
ncplib.c:3497: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3503: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘NWVerifyObjectPassword’:
ncplib.c:3518: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
ncplib.c:3529: warning: pointer targets in passing argument 4 of
‘ncp_keyed_verify_password’ differ in signedness
ncplib.c: In function ‘ncp_login_encrypted’:
ncplib.c:3569: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3575: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c:3589: warning: pointer targets in passing argument 2 of
‘ncp_sign_start’ differ in signedness
ncplib.c: In function ‘ncp_login_unencrypted’:
ncplib.c:3611: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘ncp_change_login_passwd’:
ncplib.c:3642: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3643: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3645: warning: pointer targets in passing argument 1 of
‘newpassencrypt’ differ in signedness
ncplib.c:3645: warning: pointer targets in passing argument 2 of
‘newpassencrypt’ differ in signedness
ncplib.c:3645: warning: pointer targets in passing argument 3 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 1 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 2 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 3 of
‘newpassencrypt’ differ in signedness
ncplib.c:3647: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3655: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘ncp_login_object’:
ncplib.c:3681: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
ncplib.c:3683: warning: pointer targets in passing argument 3 of
‘ncp_login_unencrypted’ differ in signedness
ncplib.c:3686: warning: pointer targets in passing argument 3 of
‘ncp_get_bindery_object_id’ differ in signedness
ncplib.c:3704: warning: pointer targets in passing argument 3 of
‘ncp_read_property_value’ differ in signedness
ncplib.c: In function ‘ncp_set_private_key_perm’:
ncplib.c:4151: error: invalid lvalue in assignment
make[1]: ** [ncplib.do] Erro 1
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/lib'
make[1]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/sutil'
make -C ../lib libncp.a
make[2]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/lib'
gcc  -DN_PLAT_LINUX -DLOCALEDIR=\"/usr/local/share/locale\"
-DNCPFS_VERSION=\"2.2.4\" -DNCPFS_PACKAGE=\"ncpfs\" -g -O2  -I../include
-I../intl -I../include -I. -D_REENTRANT -ffunction-sections -fdata-sections 
-DNWSFIND=\"/usr/local/bin/nwsfind\" -DHAVE_CONFIG_H -DMAKE_NCPLIB -D_GNU_SOURCE
 -o ncplib.o -c ncplib.c
ncplib.c: In function ‘ipx_make_reachable_rip’:
ncplib.c:539: warning: pointer targets in passing argument 2 of
‘ipx_assign_node’ differ in signedness
ncplib.c: In function ‘run_wdog’:
ncplib.c:652: warning: pointer targets in passing argument 6 of ‘x_recvfrom’
differ in signedness
ncplib.c: In function ‘do_ncp_tcp_call’:
ncplib.c:1000: warning: pointer targets in passing argument 2 of ‘do_tcp_rcv’
differ in signedness
ncplib.c: In function ‘ncp_kernel_request’:
ncplib.c:1077: warning: pointer targets in assignment differ in signedness
ncplib.c:1079: warning: pointer targets in assignment differ in signedness
ncplib.c: In function ‘ncp_temp_request’:
ncplib.c:1109: warning: pointer targets in passing argument 4 of ‘do_ncp_call’
differ in signedness
ncplib.c:1112: warning: pointer targets in passing argument 4 of
‘do_ncp_tcp_call’ differ in signedness
ncplib.c: In function ‘ncp_connect_ipx_addr’:
ncplib.c:1297: warning: pointer targets in passing argument 2 of
‘ipx_assign_node’ differ in signedness
ncplib.c: In function ‘ncp_login_conn’:
ncplib.c:1677: warning: pointer targets in passing argument 2 of
‘ncp_login_object’ differ in signedness
ncplib.c:1677: warning: pointer targets in passing argument 4 of
‘ncp_login_object’ differ in signedness
ncplib.c:1697: warning: pointer targets in passing argument 2 of
‘ncp_login_object’ differ in signedness
ncplib.c:1697: warning: pointer targets in passing argument 4 of
‘ncp_login_object’ differ in signedness
ncplib.c: In function ‘ncp_initialize_2’:
ncplib.c:2416: error: invalid storage class for function ‘get_argument’
ncplib.c:2462: warning: initialization discards qualifiers from pointer target type
ncplib.c: In function ‘ncp_scan_bindery_object’:
ncplib.c:3126: warning: pointer targets in passing argument 5 of ‘NWScanObject’
differ in signedness
ncplib.c: In function ‘ncp_keyed_verify_password’:
ncplib.c:3497: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3503: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘NWVerifyObjectPassword’:
ncplib.c:3518: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
ncplib.c:3529: warning: pointer targets in passing argument 4 of
‘ncp_keyed_verify_password’ differ in signedness
ncplib.c: In function ‘ncp_login_encrypted’:
ncplib.c:3569: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3575: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c:3589: warning: pointer targets in passing argument 2 of
‘ncp_sign_start’ differ in signedness
ncplib.c: In function ‘ncp_login_unencrypted’:
ncplib.c:3611: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘ncp_change_login_passwd’:
ncplib.c:3642: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3643: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3645: warning: pointer targets in passing argument 1 of
‘newpassencrypt’ differ in signedness
ncplib.c:3645: warning: pointer targets in passing argument 2 of
‘newpassencrypt’ differ in signedness
ncplib.c:3645: warning: pointer targets in passing argument 3 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 1 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 2 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 3 of
‘newpassencrypt’ differ in signedness
ncplib.c:3647: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3655: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘ncp_login_object’:
ncplib.c:3681: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
ncplib.c:3683: warning: pointer targets in passing argument 3 of
‘ncp_login_unencrypted’ differ in signedness
ncplib.c:3686: warning: pointer targets in passing argument 3 of
‘ncp_get_bindery_object_id’ differ in signedness
ncplib.c:3704: warning: pointer targets in passing argument 3 of
‘ncp_read_property_value’ differ in signedness
ncplib.c: In function ‘ncp_set_private_key_perm’:
ncplib.c:4151: error: invalid lvalue in assignment
make[2]: ** [ncplib.o] Erro 1
make[2]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/lib'
make[1]: ** [../lib/libncp.a] Erro 2
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/sutil'
make[1]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/util'
make -C ../lib libncp.so
make[2]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/lib'
gcc  -DN_PLAT_LINUX -DLOCALEDIR=\"/usr/local/share/locale\"
-DNCPFS_VERSION=\"2.2.4\" -DNCPFS_PACKAGE=\"ncpfs\" -g -O2  -I../include
-I../intl -I../include -I. -D_REENTRANT -fPIC -DMULTIVERSION
-DNWSFIND=\"/usr/local/bin/nwsfind\" -DHAVE_CONFIG_H -DMAKE_NCPLIB -D_GNU_SOURCE
 -o ncplib.do -c ncplib.c
ncplib.c: In function ‘ipx_make_reachable_rip’:
ncplib.c:539: warning: pointer targets in passing argument 2 of
‘ipx_assign_node’ differ in signedness
ncplib.c: In function ‘run_wdog’:
ncplib.c:652: warning: pointer targets in passing argument 6 of ‘x_recvfrom’
differ in signedness
ncplib.c: In function ‘do_ncp_tcp_call’:
ncplib.c:1000: warning: pointer targets in passing argument 2 of ‘do_tcp_rcv’
differ in signedness
ncplib.c: In function ‘ncp_kernel_request’:
ncplib.c:1077: warning: pointer targets in assignment differ in signedness
ncplib.c:1079: warning: pointer targets in assignment differ in signedness
ncplib.c: In function ‘ncp_temp_request’:
ncplib.c:1109: warning: pointer targets in passing argument 4 of ‘do_ncp_call’
differ in signedness
ncplib.c:1112: warning: pointer targets in passing argument 4 of
‘do_ncp_tcp_call’ differ in signedness
ncplib.c: In function ‘ncp_connect_ipx_addr’:
ncplib.c:1297: warning: pointer targets in passing argument 2 of
‘ipx_assign_node’ differ in signedness
ncplib.c: In function ‘ncp_login_conn’:
ncplib.c:1677: warning: pointer targets in passing argument 2 of
‘ncp_login_object’ differ in signedness
ncplib.c:1677: warning: pointer targets in passing argument 4 of
‘ncp_login_object’ differ in signedness
ncplib.c:1697: warning: pointer targets in passing argument 2 of
‘ncp_login_object’ differ in signedness
ncplib.c:1697: warning: pointer targets in passing argument 4 of
‘ncp_login_object’ differ in signedness
ncplib.c: In function ‘ncp_initialize_2’:
ncplib.c:2416: error: invalid storage class for function ‘get_argument’
ncplib.c:2462: warning: initialization discards qualifiers from pointer target type
ncplib.c: In function ‘ncp_scan_bindery_object’:
ncplib.c:3126: warning: pointer targets in passing argument 5 of ‘NWScanObject’
differ in signedness
ncplib.c: In function ‘ncp_keyed_verify_password’:
ncplib.c:3497: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3503: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘NWVerifyObjectPassword’:
ncplib.c:3518: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
ncplib.c:3529: warning: pointer targets in passing argument 4 of
‘ncp_keyed_verify_password’ differ in signedness
ncplib.c: In function ‘ncp_login_encrypted’:
ncplib.c:3569: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3575: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c:3589: warning: pointer targets in passing argument 2 of
‘ncp_sign_start’ differ in signedness
ncplib.c: In function ‘ncp_login_unencrypted’:
ncplib.c:3611: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘ncp_change_login_passwd’:
ncplib.c:3642: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3643: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3645: warning: pointer targets in passing argument 1 of
‘newpassencrypt’ differ in signedness
ncplib.c:3645: warning: pointer targets in passing argument 2 of
‘newpassencrypt’ differ in signedness
ncplib.c:3645: warning: pointer targets in passing argument 3 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 1 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 2 of
‘newpassencrypt’ differ in signedness
ncplib.c:3646: warning: pointer targets in passing argument 3 of
‘newpassencrypt’ differ in signedness
ncplib.c:3647: warning: pointer targets in passing argument 1 of ‘strlen’ differ
in signedness
ncplib.c:3655: warning: pointer targets in passing argument 2 of
‘ncp_add_pstring’ differ in signedness
ncplib.c: In function ‘ncp_login_object’:
ncplib.c:3681: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
ncplib.c:3683: warning: pointer targets in passing argument 3 of
‘ncp_login_unencrypted’ differ in signedness
ncplib.c:3686: warning: pointer targets in passing argument 3 of
‘ncp_get_bindery_object_id’ differ in signedness
ncplib.c:3704: warning: pointer targets in passing argument 3 of
‘ncp_read_property_value’ differ in signedness
ncplib.c: In function ‘ncp_set_private_key_perm’:
ncplib.c:4151: error: invalid lvalue in assignment
make[2]: ** [ncplib.do] Erro 1
make[2]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/lib'
make[1]: ** [../lib/libncp.so] Erro 2
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/util'
make[1]: Entering directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/man'
/usr/bin/install -c -d /usr/local/man/man1 /usr/local/man/man5 /usr/local/man/man8
/usr/bin/install -c -m 644 nprint.1.gz nsend.1.gz nwauth.1.gz nwbols.1.gz
nwboprops.1.gz nwbpset.1.gz nwbpvalues.1.gz nwdir.1.gz nwfsinfo.1.gz
nwfstime.1.gz nwpasswd.1.gz nwpurge.1.gz nwrights.1.gz nwsfind.1.gz
nwtrustee.1.gz nwuserlist.1.gz nwvolinfo.1.gz pqlist.1.gz nwpqjob.1.gz
pqstat.1.gz pserver.1.gz slist.1.gz nwpjmv.1.gz ncopy.1.gz /usr/local/man/man1
/usr/bin/install -c -m 644 nwclient.5.gz /usr/local/man/man5
/usr/bin/install -c -m 644 nwbocreate.8.gz nwborm.8.gz nwbpadd.8.gz
nwbpcreate.8.gz nwbprm.8.gz nwfsctrl.8.gz nwgrant.8.gz nwrevoke.8.gz
ncpmount.8.gz ncpumount.8.gz nwmsg.8.gz /usr/local/man/man8
ln -sf nwpqjob.1.gz /usr/local/man/man1/pqrm.1.gz
ln -sf ncpmount.8.gz /usr/local/man/man8/mount.ncp.8.gz
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/man'
make[1]: Entering directory
`/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/ipx-1.0'
/usr/bin/install -c -d /usr/local/bin
/usr/bin/install -c ipx_configure ipx_cmd ipx_interface ipx_internal_net
ipx_route /usr/local/bin
/usr/bin/install -c -d /usr/local/man/man8
/usr/bin/install -c -m 644 ipx_configure.8.gz ipx_cmd.8.gz ipx_interface.8.gz
ipx_internal_net.8.gz ipx_route.8.gz /usr/local/man/man8
make[1]: Leaving directory `/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/ipx-1.0'
make[1]: Entering directory
`/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/contrib/pam'
gcc  -DN_PLAT_LINUX -DLOCALEDIR=\"/usr/local/share/locale\"
-DNCPFS_VERSION=\"2.2.4\" -DNCPFS_PACKAGE=\"ncpfs\" -g -O2  -I../../include
-I../../intl -I../../include -DNCPMOUNT_PATH=\"/usr/local/bin/ncpmount\"
-DNCPUMOUNT_PATH=\"/usr/local/bin/ncpumount\" -fPIC -o pam_ncp_auth.do -c
pam_ncp_auth.c
pam_ncp_auth.c: In function ‘nw_create_conn_to_server’:
pam_ncp_auth.c:683: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
pam_ncp_auth.c:686: warning: pointer targets in passing argument 4 of
‘ncp_login_unencrypted’ differ in signedness
pam_ncp_auth.c:694: warning: pointer targets in passing argument 4 of
‘ncp_login_encrypted’ differ in signedness
pam_ncp_auth.c: In function ‘nw_ctx_search’:
pam_ncp_auth.c:956: warning: pointer targets in passing argument 11 of
‘NWDSSearch’ differ in signedness
pam_ncp_auth.c: In function ‘nw_retrieve_bindery_user_info’:
pam_ncp_auth.c:1422: warning: pointer targets in passing argument 1 of ‘strlen’
differ in signedness
pam_ncp_auth.c:1422: warning: pointer targets in passing argument 1 of
‘__strdup’ differ in signedness
pam_ncp_auth.c:1440: warning: pointer targets in passing argument 1 of
‘__builtin_strchr’ differ in signedness
pam_ncp_auth.c:1446: warning: pointer targets in passing argument 1 of ‘strlen’
differ in signedness
pam_ncp_auth.c:1446: warning: pointer targets in passing argument 1 of
‘__strdup’ differ in signedness
pam_ncp_auth.c: In function ‘nds_group_name’:
pam_ncp_auth.c:1743: error: invalid lvalue in increment
pam_ncp_auth.c: In function ‘do_chfn’:
pam_ncp_auth.c:2623: error: invalid lvalue in assignment
pam_ncp_auth.c: In function ‘nw_attempt_passwd_post’:
pam_ncp_auth.c:4357: warning: pointer targets in passing argument 2 of
‘ncp_get_encryption_key’ differ in signedness
pam_ncp_auth.c:4363: warning: pointer targets in passing argument 3 of
‘ncp_get_bindery_object_id’ differ in signedness
pam_ncp_auth.c:4369: warning: pointer targets in passing argument 4 of
‘ncp_change_login_passwd’ differ in signedness
pam_ncp_auth.c:4369: warning: pointer targets in passing argument 5 of
‘ncp_change_login_passwd’ differ in signedness
make[1]: ** [pam_ncp_auth.do] Erro 1
make[1]: Leaving directory
`/usr/src/redhat/SOURCES/ncpfs-2.2.4/ncpfs-2.2.4/contrib/pam'
make: ** [install] Erro 2
[root@protheus05 ncpfs-2.2.4]#
[root@protheus05 ncpfs-2.2.4]# ncplogin -S CTP-RAID-NW4 -U douglas
*** buffer overflow detected ***: ncplogin terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x272735]
/lib/libc.so.6[0x271eb2]
ncplogin(main+0x655)[0xdc5e09]
/lib/libc.so.6(__libc_start_main+0xdf)[0x1a94ff]
ncplogin[0xdc51d1]
======= Memory map: ========
00111000-00112000 r-xp 00000000 fd:00 1236816    /usr/lib/gconv/ISO8859-1.so
00112000-00114000 rwxp 00000000 fd:00 1236816    /usr/lib/gconv/ISO8859-1.so
00179000-00192000 r-xp 00000000 fd:00 715977     /lib/ld-2.3.90.so
00192000-00193000 r-xp 00018000 fd:00 715977     /lib/ld-2.3.90.so
00193000-00194000 rwxp 00019000 fd:00 715977     /lib/ld-2.3.90.so
00194000-002b9000 r-xp 00000000 fd:00 715979     /lib/libc-2.3.90.so
002b9000-002bb000 r-xp 00125000 fd:00 715979     /lib/libc-2.3.90.so
002bb000-002bd000 rwxp 00127000 fd:00 715979     /lib/libc-2.3.90.so
002bd000-002bf000 rwxp 002bd000 00:00 0
00338000-00341000 r-xp 00000000 fd:00 716009     /lib/libgcc_s-4.0.1-20050727.so.1
00341000-00342000 rwxp 00009000 fd:00 716009     /lib/libgcc_s-4.0.1-20050727.so.1
007c5000-007c6000 r-xp 007c5000 00:00 0
0091d000-00921000 r-xp 00000000 fd:00 716016     /lib/libnss_dns-2.3.90.so
00921000-00922000 r-xp 00003000 fd:00 716016     /lib/libnss_dns-2.3.90.so
00922000-00923000 rwxp 00004000 fd:00 716016     /lib/libnss_dns-2.3.90.so
00963000-0096c000 r-xp 00000000 fd:00 716019     /lib/libnss_files-2.3.90.so
0096c000-0096d000 r-xp 00008000 fd:00 716019     /lib/libnss_files-2.3.90.so
0096d000-0096e000 rwxp 00009000 fd:00 716019     /lib/libnss_files-2.3.90.so
009d3000-009e2000 r-xp 00000000 fd:00 715989     /lib/libresolv-2.3.90.so
009e2000-009e3000 r-xp 0000e000 fd:00 715989     /lib/libresolv-2.3.90.so
009e3000-009e4000 rwxp 0000f000 fd:00 715989     /lib/libresolv-2.3.90.so
009e4000-009e6000 rwxp 009e4000 00:00 0
00dc2000-00e02000 r-xp 00000000 fd:00 1176363    /usr/bin/ncplogin
00e02000-00e05000 rw-p 0003f000 fd:00 1176363    /usr/bin/ncplogin
00e05000-00e08000 rw-p 00e05000 00:00 0
08ccc000-08cee000 rw-p 08ccc000 00:00 0          [heap]
b7d13000-b7d19000 r--s 00000000 fd:00 1236883    /usr/lib/gconv/gconv-modules.cache
b7d19000-b7f19000 r--p 00000000 fd:00 1173066    /usr/lib/locale/locale-archive
b7f19000-b7f1b000 rw-p b7f19000 00:00 0
bfb1f000-bfb35000 rw-p bfb1f000 00:00 0          [stack]
Abortado
[root@protheus05 ncpfs-2.2.4]# 
Comment 3 Martin Stransky 2005-09-24 09:47:02 EDT
Use #rpmbuild --rebuild ncpfs-2.2.4-10.src.rpm, #rpm -
Uhv /usr/src/redhat/RPMS/i386/ncpfs-2.2.4-10.i386.rpm and check the ncplogin.
Comment 4 Douglas Chagas 2005-09-26 08:31:13 EDT
Ok. The installation was ok, but the problem still happen. :(

Checking for unpackaged file(s): /usr/lib/rpm/check-files /var/tmp/ncpfs-2.2.4-root
Gravei: /usr/src/redhat/RPMS/i386/ncpfs-2.2.4-10.i386.rpm
Gravei: /usr/src/redhat/RPMS/i386/ipxutils-2.2.4-10.i386.rpm
Gravei: /usr/src/redhat/RPMS/i386/ncpfs-debuginfo-2.2.4-10.i386.rpm
A executar(%clean): /bin/sh -e /var/tmp/rpm-tmp.22029
+ umask 022
+ cd /usr/src/redhat/BUILD
+ cd ncpfs-2.2.4
+ rm -rf /var/tmp/ncpfs-2.2.4-root
+ rm -f rpm.files
+ exit 0
A executar(--clean): /bin/sh -e /var/tmp/rpm-tmp.22029
+ umask 022
+ cd /usr/src/redhat/BUILD
+ rm -rf ncpfs-2.2.4
+ exit 0
[root@protheus05 ~]# cd /usr/src/redhat/RPMS/i386/
[root@protheus05 i386]# ls
ipxutils-2.2.4-10.i386.rpm  ncpfs-debuginfo-2.2.4-10.i386.rpm
ncpfs-2.2.4-10.i386.rpm
[root@protheus05 i386]# rpm -q ipxutils
ipxutils-2.2.4-8
[root@protheus05 i386]# rpm -Uvh ipxutils-2.2.4-10.i386.rpm
A preparar...               ########################################### [100%]
   1:ipxutils               ########################################### [100%]
[root@protheus05 i386]# ls
ipxutils-2.2.4-10.i386.rpm  ncpfs-debuginfo-2.2.4-10.i386.rpm
ncpfs-2.2.4-10.i386.rpm
[root@protheus05 i386]# rpm -Uvh ncpfs-2.2.4-10.i386.rpm
A preparar...               ########################################### [100%]
   1:ncpfs                  ########################################### [100%]
[root@protheus05 i386]# ls
ipxutils-2.2.4-10.i386.rpm  ncpfs-debuginfo-2.2.4-10.i386.rpm
ncpfs-2.2.4-10.i386.rpm
[root@protheus05 i386]# ncplogin -S CTP-RAID-NW4 -U douglas
failed:Unable to open connection to CTP-RAID-NW4.
[root@protheus05 i386]# slist
slist: Server not found (0x8847) in ncp_open
[root@protheus05 i386]# ipx_configure -pon
[root@protheus05 i386]# ipx_configure -ion
[root@protheus05 i386]# slist

Known NetWare File Servers                          Network   Node Address
--------------------------------------------------------------------------
CTP-RAID-NW4                                        351846FD  000000000001
[root@protheus05 i386]# ncplogin -S CTP-RAID-NW4 -U douglas
*** buffer overflow detected ***: ncplogin terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x32dc45]
/lib/libc.so.6[0x32d4d2]
ncplogin(main+0x66b)[0x3c7e5f]
/lib/libc.so.6(__libc_start_main+0xdf)[0x264d5f]
ncplogin[0x3c7211]
======= Memory map: ========
00111000-00115000 r-xp 00000000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00115000-00116000 r-xp 00003000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00116000-00117000 rwxp 00004000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00117000-00118000 r-xp 00000000 fd:00 846779     /usr/lib/gconv/ISO8859-1.so
00118000-0011a000 rwxp 00000000 fd:00 846779     /usr/lib/gconv/ISO8859-1.so
00250000-00373000 r-xp 00000000 fd:00 716138     /lib/libc-2.3.5.so
00373000-00375000 r-xp 00123000 fd:00 716138     /lib/libc-2.3.5.so
00375000-00377000 rwxp 00125000 fd:00 716138     /lib/libc-2.3.5.so
00377000-00379000 rwxp 00377000 00:00 0
003c4000-00404000 r-xp 00000000 fd:00 1175680    /usr/bin/ncplogin
00404000-00407000 rwxp 0003f000 fd:00 1175680    /usr/bin/ncplogin
00407000-0040a000 rwxp 00407000 00:00 0
00442000-00443000 r-xp 00442000 00:00 0
00578000-00587000 r-xp 00000000 fd:00 720776     /lib/libresolv-2.3.5.so
00587000-00588000 r-xp 0000e000 fd:00 720776     /lib/libresolv-2.3.5.so
00588000-00589000 rwxp 0000f000 fd:00 720776     /lib/libresolv-2.3.5.so
00589000-0058b000 rwxp 00589000 00:00 0
0081a000-00834000 r-xp 00000000 fd:00 715982     /lib/ld-2.3.5.so
00834000-00835000 r-xp 00019000 fd:00 715982     /lib/ld-2.3.5.so
00835000-00836000 rwxp 0001a000 fd:00 715982     /lib/ld-2.3.5.so
00993000-0099c000 r-xp 00000000 fd:00 716009     /lib/libgcc_s-4.0.1-20050727.so.1
0099c000-0099d000 rwxp 00009000 fd:00 716009     /lib/libgcc_s-4.0.1-20050727.so.1
00abe000-00ac7000 r-xp 00000000 fd:00 716027     /lib/libnss_files-2.3.5.so
00ac7000-00ac8000 r-xp 00008000 fd:00 716027     /lib/libnss_files-2.3.5.so
00ac8000-00ac9000 rwxp 00009000 fd:00 716027     /lib/libnss_files-2.3.5.so
095bf000-095e1000 rw-p 095bf000 00:00 0          [heap]
b7d20000-b7d26000 r--s 00000000 fd:00 846838     /usr/lib/gconv/gconv-modules.cache
b7d26000-b7f26000 r--p 00000000 fd:00 1178866    /usr/lib/locale/locale-archive
b7f26000-b7f28000 rw-p b7f26000 00:00 0
bfa2d000-bfa42000 rw-p bfa2d000 00:00 0          [stack]
Abortado
[root@protheus05 i386]#
Comment 5 Douglas Chagas 2005-09-28 08:43:40 EDT
Hi. Any answer please?
Comment 6 Martin Stransky 2005-10-04 06:04:40 EDT
Could you please check to run it from gdb? Like that:

#gdb /usr/bin/ncplogin

...

(gdb) r -S CTP-RAID-NW4 -U douglas

and tell me what happens. Very userful will be some back-trace if ncplogin
crashes (use 'bt' command in gdb).
Comment 7 Martin Stransky 2005-10-04 06:21:20 EDT
btw. You can place a breakpoint to "__chk_fail" (before the run command):

(gdb) b __chk_fail
Comment 8 Douglas Chagas 2005-10-04 08:19:50 EDT
Hi. I tried the commands you said, but the problem still happen. 
When I try to create a break point, I don't know if is it correct. 
I've never used gdb before. If it's wrong, please show the right command and
I'll try again.
The commands I tried are following:

Known NetWare File Servers                          Network   Node Address
--------------------------------------------------------------------------
CTP-RAID-NW4                                        351846FD  000000000001
[root@protheus05 ~]# gdb /usr/bin/ncplogin
GNU gdb Red Hat Linux (6.3.0.0-1.21rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db
library "/lib/libthread_db.so.1".

(gdb) b __chk_fail
Function "__chk_fail" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y

Breakpoint 1 (__chk_fail) pending.
(gdb) r -S CTP-RAID-NW4 -U douglas
Starting program: /usr/bin/ncplogin -S CTP-RAID-NW4 -U douglas
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0x223000
Detaching after fork from child process 3032.
Detaching after fork from child process 3033.
*** buffer overflow detected ***: /usr/bin/ncplogin terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x7e1c45]
/lib/libc.so.6[0x7e14d2]
/usr/bin/ncplogin(main+0x66b)[0x1a5e5f]
/lib/libc.so.6(__libc_start_main+0xdf)[0x718d5f]
/usr/bin/ncplogin[0x1a5211]
======= Memory map: ========
00111000-00115000 r-xp 00000000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00115000-00116000 r-xp 00003000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00116000-00117000 rwxp 00004000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00117000-00118000 r-xp 00000000 fd:00 846779     /usr/lib/gconv/ISO8859-1.so
00118000-0011a000 rwxp 00000000 fd:00 846779     /usr/lib/gconv/ISO8859-1.so
001a2000-001e2000 r-xp 00000000 fd:00 1174870    /usr/bin/ncplogin
001e2000-001e5000 rwxp 0003f000 fd:00 1174870    /usr/bin/ncplogin
001e5000-001e8000 rwxp 001e5000 00:00 0
00223000-00224000 r-xp 00223000 00:00 0
00704000-00827000 r-xp 00000000 fd:00 715979     /lib/libc-2.3.5.so
00827000-00829000 r-xp 00123000 fd:00 715979     /lib/libc-2.3.5.so
00829000-0082b000 rwxp 00125000 fd:00 715979     /lib/libc-2.3.5.so
0082b000-0082d000 rwxp 0082b000 00:00 0
00af9000-00b13000 r-xp 00000000 fd:00 715977     /lib/ld-2.3.5.so
00b13000-00b14000 r-xp 00019000 fd:00 715977     /lib/ld-2.3.5.so
00b14000-00b15000 rwxp 0001a000 fd:00 715977     /lib/ld-2.3.5.so
00b97000-00ba6000 r-xp 00000000 fd:00 715987     /lib/libresolv-2.3.5.so
00ba6000-00ba7000 r-xp 0000e000 fd:00 715987     /lib/libresolv-2.3.5.so
00ba7000-00ba8000 rwxp 0000f000 fd:00 715987     /lib/libresolv-2.3.5.so
00ba8000-00baa000 rwxp 00ba8000 00:00 0
00d67000-00d70000 r-xp 00000000 fd:00 716023     /lib/libgcc_s-4.0.1-20050727.so.1
00d70000-00d71000 rwxp 00009000 fd:00 716023     /lib/libgcc_s-4.0.1-20050727.so.1
00fa0000-00fa9000 r-xp 00000000 fd:00 716027     /lib/libnss_files-2.3.5.so
00fa9000-00faa000 r-xp 00008000 fd:00 716027     /lib/libnss_files-2.3.5.so
00faa000-00fab000 rwxp 00009000 fd:00 716027     /lib/libnss_files-2.3.5.so
08488000-084aa000 rw-p 08488000 00:00 0          [heap]
b7da5000-b7dab000 r--s 00000000 fd:00 846838     /usr/lib/gconv/gconv-modules.cache
b7dab000-b7fab000 r--p 00000000 fd:00 1178866    /usr/lib/locale/locale-archive
b7fab000-b7fad000 rw-p b7fab000 00:00 0
bfab1000-bfac7000 rw-p bfab1000 00:00 0          [stack]

Program received signal SIGABRT, Aborted.
0x00223402 in __kernel_vsyscall ()
(gdb)  
Comment 9 Martin Stransky 2005-10-04 08:36:59 EDT
Please type the 'bt' command after crash:

(gdb) bt

it should show the back-trace.
Comment 10 Douglas Chagas 2005-10-04 09:16:02 EDT
The results are following:

[root@protheus05 ~]# gdb /usr/bin/ncplogin
GNU gdb Red Hat Linux (6.3.0.0-1.21rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db
library "/lib/libthread_db.so.1".

(gdb) b __chk_fail
Function "__chk_fail" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y

Breakpoint 1 (__chk_fail) pending.
(gdb) r -S CTP-RAID-NW4 -U douglas
Starting program: /usr/bin/ncplogin -S CTP-RAID-NW4 -U douglas
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0x320000
Detaching after fork from child process 13643.
Detaching after fork from child process 13644.
*** buffer overflow detected ***: /usr/bin/ncplogin terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x3fec45]
/lib/libc.so.6[0x3fe4d2]
/usr/bin/ncplogin(main+0x66b)[0x1fde5f]
/lib/libc.so.6(__libc_start_main+0xdf)[0x335d5f]
/usr/bin/ncplogin[0x1fd211]
======= Memory map: ========
00111000-0011a000 r-xp 00000000 fd:00 716027     /lib/libnss_files-2.3.5.so
0011a000-0011b000 r-xp 00008000 fd:00 716027     /lib/libnss_files-2.3.5.so
0011b000-0011c000 rwxp 00009000 fd:00 716027     /lib/libnss_files-2.3.5.so
0013d000-0014c000 r-xp 00000000 fd:00 715987     /lib/libresolv-2.3.5.so
0014c000-0014d000 r-xp 0000e000 fd:00 715987     /lib/libresolv-2.3.5.so
0014d000-0014e000 rwxp 0000f000 fd:00 715987     /lib/libresolv-2.3.5.so
0014e000-00150000 rwxp 0014e000 00:00 0
001fa000-0023a000 r-xp 00000000 fd:00 1174870    /usr/bin/ncplogin
0023a000-0023d000 rwxp 0003f000 fd:00 1174870    /usr/bin/ncplogin
0023d000-00240000 rwxp 0023d000 00:00 0
00320000-00321000 r-xp 00320000 00:00 0
00321000-00444000 r-xp 00000000 fd:00 715979     /lib/libc-2.3.5.so
00444000-00446000 r-xp 00123000 fd:00 715979     /lib/libc-2.3.5.so
00446000-00448000 rwxp 00125000 fd:00 715979     /lib/libc-2.3.5.so
00448000-0044a000 rwxp 00448000 00:00 0
007ab000-007af000 r-xp 00000000 fd:00 715991     /lib/libnss_dns-2.3.5.so
007af000-007b0000 r-xp 00003000 fd:00 715991     /lib/libnss_dns-2.3.5.so
007b0000-007b1000 rwxp 00004000 fd:00 715991     /lib/libnss_dns-2.3.5.so
00897000-00898000 r-xp 00000000 fd:00 846779     /usr/lib/gconv/ISO8859-1.so
00898000-0089a000 rwxp 00000000 fd:00 846779     /usr/lib/gconv/ISO8859-1.so
00cfb000-00d15000 r-xp 00000000 fd:00 715977     /lib/ld-2.3.5.so
00d15000-00d16000 r-xp 00019000 fd:00 715977     /lib/ld-2.3.5.so
00d16000-00d17000 rwxp 0001a000 fd:00 715977     /lib/ld-2.3.5.so
00d3b000-00d44000 r-xp 00000000 fd:00 716023     /lib/libgcc_s-4.0.1-20050727.so.1
00d44000-00d45000 rwxp 00009000 fd:00 716023     /lib/libgcc_s-4.0.1-20050727.so.1
0879b000-087bd000 rw-p 0879b000 00:00 0          [heap]
b7d44000-b7d4a000 r--s 00000000 fd:00 846838     /usr/lib/gconv/gconv-modules.cache
b7d4a000-b7f4a000 r--p 00000000 fd:00 1178866    /usr/lib/locale/locale-archive
b7f4a000-b7f4c000 rw-p b7f4a000 00:00 0
bf851000-bf866000 rw-p bf851000 00:00 0          [stack]

Program received signal SIGABRT, Aborted.
0x00320402 in __kernel_vsyscall ()
(gdb) bt
#0  0x00320402 in __kernel_vsyscall ()
#1  0x00349118 in raise () from /lib/libc.so.6
#2  0x0034a888 in abort () from /lib/libc.so.6
#3  0x0037e22a in __libc_message () from /lib/libc.so.6
#4  0x003fec45 in __chk_fail () from /lib/libc.so.6
#5  0x003fe4d2 in __strncpy_chk () from /lib/libc.so.6
#6  0x001fde5f in main (argc=5, argv=0xbf8648a4) at ncplogin.c:170
(gdb) 
Comment 11 Martin Stransky 2005-10-04 09:27:25 EDT
Great, I've always known you'll do it :-) Patch is on the way...
Comment 12 Martin Stransky 2005-10-04 10:31:01 EDT
The problem appeared in previous patch for CAN-2005-0014
(ncpfs-2.2.4-overflow2.patch).  It causes that memory from sizeof(tmpNWPath)-1
is copied into tmpNWPath instead of the string from info->remote_path.

Here is the problematic code:

strncpy(tmpNWPath,sizeof(tmpNWPath)-1,(info->remote_path));
Comment 13 Martin Stransky 2005-10-04 10:33:39 EDT
Created attachment 119603 [details]
Proposed patch
Comment 14 Douglas Chagas 2005-10-04 10:59:16 EDT
Ok, but how can I use it please?
Comment 15 Martin Stransky 2005-10-04 11:13:05 EDT
(In reply to comment #14)
> Ok, but how can I use it please?

You don't have to care about this patch, you should use a package which is
comming via update for FC. Or you can use a package from devel, it's package
ncpfs-2.2.4-10 and it will be here:

http://download.fedora.redhat.com/pub/fedora/linux/core/development/
Comment 16 Douglas Chagas 2005-10-04 12:16:44 EDT
I´ve tried it. Do you remember? You asked me to use it in the comment #1.
Comment 17 Douglas Chagas 2005-10-04 12:18:06 EDT
And my Linux is Updated. I used up2date and install all updates. And the 
problem still happens
Comment 18 Martin Stransky 2005-10-04 16:42:02 EDT
Don't rush it, it will be here after while...

Package here:
http://people.redhat.com/stransky/ncpfs/ncpfs-2.2.4-10.src.rpm
is only a testing package.
Comment 19 Douglas Chagas 2005-10-05 12:04:14 EDT
I said I tried to use this packege, but the problem still happens. It don´t 
solve the problem.
My english isn´t good, but do you understand me? How can I solve the problem?
Comment 21 Douglas Chagas 2005-10-21 12:31:49 EDT
Hi. Now I can login and map. But I can't print. I've configured my printer with
printconf. I've wrote server, queue, user and password, it was ok. But, when i
tried to print it doesn't print.
Comment 22 Arjan van de Ven 2005-10-23 16:02:20 EDT
does it still cause the buffer overflow detected message? If not, please open a
separate bug for that since that's then unrelated to this bug

Note You need to log in before you can comment on or make changes to this bug.