Red Hat Bugzilla – Bug 190822
cfengine 2.1.20 buffer overflow when using ipv6
Last modified: 2007-11-30 17:11:32 EST
Description of problem: cfengine 2.1.20 has a buffer overflow problem related to
IP V6 interfaces and certain constructs in the configuration files of cfengine
itself. The problem gets detected by the stack-protector feature of gcc 4.1.
Details below, have reported problem, it is fixed upstream.
Version-Release number of selected component (if applicable): 2.1.20-1.fc5
Steps to Reproduce:
1. Install cfengine.
2. Into /var/cfengine/inputs/cfagent.conf, put a classes: x = (
3. Make sure you machine has an IPv6 interface
4. cfagent --no-splay -v
Actual results: Stack smashing detected: cfagent terminated
Expected results: Complete run of cfengine
Additional info: The bug is a buffer overflow problem, where a (long) IPv6
address does not fit into a buffer set to be too small. The problem was fixed
by Mark Burgess with revision 240 of file item.c. The isolated diff to revision
207 of item.c is attached as a patch, I have rebuilt the package, installed and
The patch contains only changes to item.c between revisions 207 and 240.
The problem is somewhat urgent as cfengine in a non-trivial setup will not run.
For my upstream bug report, see
Created attachment 128658 [details]
patch (changes to file item.c only) to rebuild the rpm
Martin, thanks for the patch. I will work on updated packages shortly.
Sorry - I never closed this when I pushed out the updated packages. This was
fixed in 2.1.20-3.