This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 200400 - buffer overflow when going to MASTER mode
buffer overflow when going to MASTER mode
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: ucarp (Show other bugs)
5
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Matthias Saou
Fedora Extras Quality Assurance
:
: 201596 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-07-27 09:48 EDT by ValueCommerce Infrastructure Team
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-22 09:15:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description ValueCommerce Infrastructure Team 2006-07-27 09:48:27 EDT
ucarp-1.1-5.fc5

1. Running with preempt on:

# ucarp -v 1 -p password -s 10.1.0.5 -a 10.1.0.9 -i eth0 -k 64 -P
[WARNING] Warning: no script called when going up
[WARNING] Warning: no script called when going down
[INFO] Local advertised ethernet address is [00:02:55:b7:e6:e5]
*** buffer overflow detected ***: ucarp terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x477292b1]
ucarp[0x804d4ad]
ucarp[0x804a16b]
ucarp[0x804a422]
ucarp[0x8049709]
/lib/libc.so.6(__libc_start_main+0xdc)[0x47662724]
ucarp[0x80491f1]
======= Memory map: ========
08048000-0804f000 r-xp 00000000 03:03 437435     /usr/sbin/ucarp
0804f000-08050000 rwxp 00007000 03:03 437435     /usr/sbin/ucarp
08b14000-08b35000 rwxp 08b14000 00:00 0          [heap]
4762f000-47630000 r-xp 4762f000 00:00 0          [vdso]
47630000-47649000 r-xp 00000000 03:03 2058338    /lib/ld-2.4.so
47649000-4764a000 r-xp 00018000 03:03 2058338    /lib/ld-2.4.so
4764a000-4764b000 rwxp 00019000 03:03 2058338    /lib/ld-2.4.so
4764d000-4777a000 r-xp 00000000 03:03 2058354    /lib/libc-2.4.so
4777a000-4777c000 r-xp 0012d000 03:03 2058354    /lib/libc-2.4.so
4777c000-4777d000 rwxp 0012f000 03:03 2058354    /lib/libc-2.4.so
4777d000-47780000 rwxp 4777d000 00:00 0 
47782000-477aa000 r-xp 00000000 03:03 434336     /usr/lib/libpcap.so.0.9.4
477aa000-477ab000 rwxp 00028000 03:03 434336     /usr/lib/libpcap.so.0.9.4
4780d000-47818000 r-xp 00000000 03:03 2058399    /lib/libgcc_s-4.1.1-20060525.so.1
47818000-47819000 rwxp 0000a000 03:03 2058399    /lib/libgcc_s-4.1.1-20060525.so.1
b7d38000-b7f38000 r--p 00000000 03:03 432124     /usr/lib/locale/locale-archive
b7f38000-b7f39000 rw-p b7f38000 00:00 0 
b7f3b000-b7f3d000 rw-p b7f3b000 00:00 0 
bfd0e000-bfd24000 rw-p bfd0e000 00:00 0          [stack]
Aborted


2. Running with preempt off:
# ucarp -v 1 -p password -s 10.1.0.5 -a 10.1.0.9 -i eth0
[WARNING] Warning: no script called when going up
[WARNING] Warning: no script called when going down
[INFO] Local advertised ethernet address is [00:02:55:b7:e6:e5]
[WARNING] Switching to state: BACKUP
[WARNING] Switching to state: MASTER
*** buffer overflow detected ***: ucarp terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x477292b1]
ucarp[0x804d4ad]
ucarp[0x8049acc]
ucarp[0x804a1df]
ucarp[0x804a548]
ucarp[0x8049709]
/lib/libc.so.6(__libc_start_main+0xdc)[0x47662724]
ucarp[0x80491f1]
======= Memory map: ========
08048000-0804f000 r-xp 00000000 03:03 437435     /usr/sbin/ucarp
0804f000-08050000 rwxp 00007000 03:03 437435     /usr/sbin/ucarp
0927a000-0929b000 rwxp 0927a000 00:00 0          [heap]
4762f000-47630000 r-xp 4762f000 00:00 0          [vdso]
47630000-47649000 r-xp 00000000 03:03 2058338    /lib/ld-2.4.so
47649000-4764a000 r-xp 00018000 03:03 2058338    /lib/ld-2.4.so
4764a000-4764b000 rwxp 00019000 03:03 2058338    /lib/ld-2.4.so
4764d000-4777a000 r-xp 00000000 03:03 2058354    /lib/libc-2.4.so
4777a000-4777c000 r-xp 0012d000 03:03 2058354    /lib/libc-2.4.so
4777c000-4777d000 rwxp 0012f000 03:03 2058354    /lib/libc-2.4.so
4777d000-47780000 rwxp 4777d000 00:00 0 
47782000-477aa000 r-xp 00000000 03:03 434336     /usr/lib/libpcap.so.0.9.4
477aa000-477ab000 rwxp 00028000 03:03 434336     /usr/lib/libpcap.so.0.9.4
4780d000-47818000 r-xp 00000000 03:03 2058399    /lib/libgcc_s-4.1.1-20060525.so.1
47818000-47819000 rwxp 0000a000 03:03 2058399    /lib/libgcc_s-4.1.1-20060525.so.1
b7dd2000-b7fd2000 r--p 00000000 03:03 432124     /usr/lib/locale/locale-archive
b7fd2000-b7fd3000 rw-p b7fd2000 00:00 0 
b7fd5000-b7fd7000 rw-p b7fd5000 00:00 0 
bf9b3000-bf9c9000 rw-p bf9b3000 00:00 0          [stack]
Aborted
Comment 1 Matthias Saou 2006-07-27 10:13:00 EDT
Interesting. Can you please try the 1.2 package from devel? It has fixed quite a
few issues already, and I should really backport it for older FC releases.
Comment 2 ValueCommerce Infrastructure Team 2006-07-27 10:26:07 EDT
ucarp-1.2-2.fc6 produces little different stacks:

[root@localhost ~]# ucarp -v 1 -p password -s 192.168.40.17 -a 192.168.40.18 -i
intel -k 64 -P
[WARNING] Warning: no script called when going up
[WARNING] Warning: no script called when going down
[INFO] Local advertised ethernet address is [00:02:55:74:aa:dd]
[WARNING] Switching to state: MASTER
*** buffer overflow detected ***: ucarp terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0x314a61]
ucarp[0x804d68d]
ucarp[0x8049b4c]
ucarp[0x804a1eb]
ucarp[0x804a4db]
ucarp[0x8049779]
/lib/libc.so.6(__libc_start_main+0xdc)[0x24e214]
ucarp[0x8049251]
======= Memory map: ========
00235000-00366000 r-xp 00000000 fd:00 525581     /lib/libc-2.4.90.so
00366000-00368000 r-xp 00131000 fd:00 525581     /lib/libc-2.4.90.so
00368000-00369000 rwxp 00133000 fd:00 525581     /lib/libc-2.4.90.so
00369000-0036c000 rwxp 00369000 00:00 0 
00577000-0059f000 r-xp 00000000 fd:00 437745     /usr/lib/libpcap.so.0.9.4
0059f000-005a0000 rwxp 00028000 fd:00 437745     /usr/lib/libpcap.so.0.9.4
006af000-006ba000 r-xp 00000000 fd:00 526993     /lib/libgcc_s-4.1.1-20060721.so.1
006ba000-006bb000 rwxp 0000a000 fd:00 526993     /lib/libgcc_s-4.1.1-20060721.so.1
00bed000-00c06000 r-xp 00000000 fd:00 524303     /lib/ld-2.4.90.so
00c06000-00c07000 r-xp 00018000 fd:00 524303     /lib/ld-2.4.90.so
00c07000-00c08000 rwxp 00019000 fd:00 524303     /lib/ld-2.4.90.so
08048000-0804f000 r-xp 00000000 fd:00 437760     /usr/sbin/ucarp
0804f000-08050000 rwxp 00007000 fd:00 437760     /usr/sbin/ucarp
0990c000-0992d000 rwxp 0990c000 00:00 0 
b7d3e000-b7f3e000 r-xp 00000000 fd:00 436314     /usr/lib/locale/locale-archive
b7f3e000-b7f40000 rwxp b7f3e000 00:00 0 
b7f43000-b7f44000 rwxp b7f43000 00:00 0 
b7f44000-b7f45000 r-xp b7f44000 00:00 0          [vdso]
bff48000-bff5e000 rw-p bff48000 00:00 0          [stack]
Aborted

[root@localhost ~]# ucarp -v 1 -p password -s 192.168.40.17 -a 192.168.40.18 -i
intel
[WARNING] Warning: no script called when going up
[WARNING] Warning: no script called when going down
[INFO] Local advertised ethernet address is [00:02:55:74:aa:dd]
[WARNING] Switching to state: BACKUP
[WARNING] Switching to state: MASTER
*** buffer overflow detected ***: ucarp terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x41)[0xb49a61]
ucarp[0x804d68d]
ucarp[0x8049b4c]
ucarp[0x804a26f]
ucarp[0x804a6be]
ucarp[0x8049779]
/lib/libc.so.6(__libc_start_main+0xdc)[0xa83214]
ucarp[0x8049251]
======= Memory map: ========
00859000-00864000 r-xp 00000000 fd:00 526993     /lib/libgcc_s-4.1.1-20060721.so.1
00864000-00865000 rwxp 0000a000 fd:00 526993     /lib/libgcc_s-4.1.1-20060721.so.1
00a6a000-00b9b000 r-xp 00000000 fd:00 525581     /lib/libc-2.4.90.so
00b9b000-00b9d000 r-xp 00131000 fd:00 525581     /lib/libc-2.4.90.so
00b9d000-00b9e000 rwxp 00133000 fd:00 525581     /lib/libc-2.4.90.so
00b9e000-00ba1000 rwxp 00b9e000 00:00 0 
00c72000-00c8b000 r-xp 00000000 fd:00 524303     /lib/ld-2.4.90.so
00c8b000-00c8c000 r-xp 00018000 fd:00 524303     /lib/ld-2.4.90.so
00c8c000-00c8d000 rwxp 00019000 fd:00 524303     /lib/ld-2.4.90.so
00fba000-00fe2000 r-xp 00000000 fd:00 437745     /usr/lib/libpcap.so.0.9.4
00fe2000-00fe3000 rwxp 00028000 fd:00 437745     /usr/lib/libpcap.so.0.9.4
08048000-0804f000 r-xp 00000000 fd:00 437760     /usr/sbin/ucarp
0804f000-08050000 rwxp 00007000 fd:00 437760     /usr/sbin/ucarp
08561000-08582000 rwxp 08561000 00:00 0 
b7de9000-b7fe9000 r-xp 00000000 fd:00 436314     /usr/lib/locale/locale-archive
b7fe9000-b7feb000 rwxp b7fe9000 00:00 0 
b7fee000-b7fef000 rwxp b7fee000 00:00 0 
b7fef000-b7ff0000 r-xp b7fef000 00:00 0          [vdso]
bfe0f000-bfe24000 rw-p bfe0f000 00:00 0          [stack]
Aborted
Comment 3 Matthias Saou 2006-07-27 10:45:49 EDT
Then you might want to give the 1.3 snapshots are try too, and if the same
problem is still present, report the bug upstream.
Comment 4 ValueCommerce Infrastructure Team 2006-08-04 06:15:50 EDT
The snapshot doesn't coredumps. At least for the first time...
Comment 5 Matthias Saou 2006-08-07 15:23:25 EDT
*** Bug 201596 has been marked as a duplicate of this bug. ***
Comment 6 Matthias Saou 2006-08-22 09:15:45 EDT
Fixed packages of 1.2, which include a patch to bring the code up to the 1.3
snapshot, have just been rebuilt for FC-4, FC-5 and devel. They should be pushed
shortly.

Note You need to log in before you can comment on or make changes to this bug.