Bug 204840 - "buffer overflow detected" when devname's length >=16 of ethtool
"buffer overflow detected" when devname's length >=16 of ethtool
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ethtool (Show other bugs)
5.0
powerpc Linux
medium Severity medium
: ---
: ---
Assigned To: Jay Fenlason
Brian Brock
:
: 207205 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-31 16:25 EDT by IBM Bug Proxy
Modified: 2014-08-31 19:28 EDT (History)
4 users (show)

See Also:
Fixed In Version: beta2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-12-22 19:08:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
IBM Linux Technology Center 26538 None None None Never

  None (edit)
Description IBM Bug Proxy 2006-08-31 16:25:31 EDT
LTC Owner is: wangzyu@cn.ibm.com
LTC Originator is: wangzyu@cn.ibm.com


Problem description:
  Issuing 'ethtool 1234567890123456', it reports this following error:
# ethtool 1234567890123456
*** buffer overflow detected ***: ethtool terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x68)[0xff24a08]
/lib/libc.so.6(__strcpy_chk+0x60)[0xff23740]
ethtool[0x100040f4]
ethtool[0x100058a4]
/lib/libc.so.6[0xfe3d5c0]
/lib/libc.so.6(__libc_start_main+0x144)[0xfe3d7e4]
======= Memory map: ========
00100000-00103000 r-xp 00100000 00:00 0 
0fe20000-0ff7d000 r-xp 00000000 fd:00 1735427                           
/lib/libc-2.4.90.so
0ff7d000-0ff8c000 ---p 0015d000 fd:00 1735427                           
/lib/libc-2.4.90.so
0ff8c000-0ff90000 r--p 0015c000 fd:00 1735427                           
/lib/libc-2.4.90.so
0ff90000-0ff91000 rw-p 00160000 fd:00 1735427                           
/lib/libc-2.4.90.so
0ff91000-0ff94000 rw-p 0ff91000 00:00 0 
0ffc0000-0ffdd000 r-xp 00000000 fd:00 1735426                           
/lib/ld-2.4.90.so
0ffed000-0ffee000 r--p 0001d000 fd:00 1735426                           
/lib/ld-2.4.90.so
0ffee000-0ffef000 rw-p 0001e000 fd:00 1735426                           
/lib/ld-2.4.90.so
10000000-10017000 r-xp 00000000 fd:00 5330994                           
/sbin/ethtool
10026000-10027000 rw-p 00016000 fd:00 5330994                           
/sbin/ethtool
f7fd9000-f7fda000 rw-p f7fd9000 00:00 0 
f7ffe000-f7fff000 rw-p f7ffe000 00:00 0 
fff0f000-fff24000 rw-p fff0f000 00:00 0                                  [stack]
Aborted
# echo $?
134
#


If this is not an installation problem,
       Describe any custom patches installed.

       Provide output from "uname -a", if possible:
Linux columbialp2.upt.austin.ibm.com 2.6.16-1.2290_EL #1 SMP Thu Jun 15 15:21:06
EDT 2006 ppc64 ppc64 ppc64 GNU/Linux

Hardware Environment
    Machine type (p650, x235, SF2, etc.): SF4+
    Cpu type (Power4, Power5, IA-64, etc.): Power5
    Describe any special hardware you think might be relevant to this problem:


Please provide contact information if the submitter is not the primary contact.
Backups are Jiang Changhai in China and Chanh Nguyen in Austin.

Please provide access information for the machine if it is available.
I will post it below.

Is this reproducible?
    If so, how long does it (did it) take to reproduce it? yes
    Describe the steps:
    1. ethtool "Link detected: no"

    If not, describe how the bug was encountered:


Is the system (not just the application) hung? no
    If so, describe how you determined this:


Did the system produce an OOPS message on the console?
    If so, copy it here:


Is the system sitting in a debugger right now?
    If so, how long may it stay there?
Comment 1 IBM Bug Proxy 2006-08-31 16:29:43 EDT
also sent here

http://www.spinics.net/lists/netdev/msg13628.html
Comment 2 IBM Bug Proxy 2006-09-01 17:11:14 EDT
----- Additional Comments From salina@us.ibm.com  2006-09-01 17:07 EDT -------
Hi Jeff,

We see kernel.org ethtool git has a fix checked in by you  ( date 8/24 )

Is that fix already in Beta 1 or do we need to wait for Beta 2 ? 

Thanks 
Comment 3 Jeff Garzik 2006-09-01 18:15:50 EDT
The fix isn't in RHEL or Fedora Core yet.  This bug should be kept open until it
is merged.
Comment 4 Jeff Garzik 2006-09-01 18:26:00 EDT
FYI, I just posted a new release of the ethtool package at its home page,
http://sourceforge.net/projects/gkernel/
Comment 5 IBM Bug Proxy 2006-09-04 05:46:11 EDT
----- Additional Comments From wangzyu@cn.ibm.com  2006-09-04 05:41 EDT -------
  RHEL5 Beta1 re-create this defect. fyi:
==================================================
[root@galluslp2 ~]# uname -a
Linux galluslp2.upt.austin.ibm.com 2.6.17-1.2519.4.21.el5 #1 SMP Wed Aug 30
18:29:48 EDT 2006 ppc64 ppc64 ppc64 GNU/Linux
[root@galluslp2 ~]# rpm -qlif `which ethtool`
Name        : ethtool                      Relocations: (not relocatable)
Version     : 3                                 Vendor: Red Hat, Inc.
Release     : 1.2.2                         Build Date: Wed 12 Jul 2006 03:33:52
AM CDT
Install Date: Sun 03 Sep 2006 07:41:25 PM CDT      Build Host:
js20-bc2-10.build.redhat.com
Group       : Applications/System           Source RPM: ethtool-3-1.2.2.src.rpm
Size        : 139027                           License: GPL
Signature   : DSA/SHA1, Thu 24 Aug 2006 09:34:42 PM CDT, Key ID fd372689897da07a
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://sourceforge.net/projects/gkernel/
Summary     : Ethernet settings tool for PCI ethernet cards
Description :
This utility allows querying and changing of ethernet
card settings, such as speed, port, autonegotiation,
and PCI locations.
/sbin/ethtool
/usr/sbin/ethtool
/usr/share/doc/ethtool-3
/usr/share/doc/ethtool-3/AUTHORS
/usr/share/doc/ethtool-3/COPYING
/usr/share/doc/ethtool-3/ChangeLog
/usr/share/doc/ethtool-3/INSTALL
/usr/share/doc/ethtool-3/NEWS
/usr/share/doc/ethtool-3/README
/usr/share/man/man8/ethtool.8.gz
[root@galluslp2 ~]# ethtool 1234567890123456
*** buffer overflow detected ***: ethtool terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x68)[0xff47318]
/lib/libc.so.6(__strcpy_chk+0x60)[0xff460d0]
ethtool[0x100040e4]
ethtool[0x10005894]
/lib/libc.so.6[0xfe6124c]
/lib/libc.so.6(__libc_start_main+0x144)[0xfe61474]
======= Memory map: ========
00100000-00120000 r-xp 00100000 00:00 0                                  [vdso]
0fe40000-0ffa0000 r-xp 00000000 fd:00 4318106                           
/lib/libc-2.4.90.so
0ffa0000-0ffb0000 r--p 00160000 fd:00 4318106                           
/lib/libc-2.4.90.so
0ffb0000-0ffc0000 rw-p 00170000 fd:00 4318106                           
/lib/libc-2.4.90.so
0ffc0000-0ffe0000 r-xp 00000000 fd:00 4318105                           
/lib/ld-2.4.90.so
0ffe0000-0fff0000 r--p 00010000 fd:00 4318105                           
/lib/ld-2.4.90.so
0fff0000-10000000 rw-p 00020000 fd:00 4318105                           
/lib/ld-2.4.90.so
10000000-10020000 r-xp 00000000 fd:00 8699478                           
/sbin/ethtool
10020000-10030000 rw-p 00010000 fd:00 8699478                           
/sbin/ethtool
fcdd0000-fcf20000 rw-p fcdd0000 00:00 0                                  [stack]
Aborted
[root@galluslp2 ~]# 
Comment 6 IBM Bug Proxy 2006-09-04 23:01:15 EDT
----- Additional Comments From wangzyu@cn.ibm.com  2006-09-04 22:56 EDT -------
  Yes, I got that packages ethtool-5.tar.gz from
http://sourceforge.net/projects/gkernel/ and tested it. It fix this defect. 
Comment 7 Jeff Garzik 2006-09-19 19:20:29 EDT
*** Bug 207205 has been marked as a duplicate of this bug. ***
Comment 8 IBM Bug Proxy 2006-09-20 05:10:58 EDT
----- Additional Comments From wangzyu@cn.ibm.com  2006-09-20 05:05 EDT -------
  RHEL5 Beta1 respin ISOs re-create this defect. fyi:
[root@galluslp1 ~]# rpm -qif `which ethtool`
Name        : ethtool                      Relocations: (not relocatable)
Version     : 3                                 Vendor: Red Hat, Inc.
Release     : 1.2.2                         Build Date: Wed 12 Jul 2006 03:33:52
AM CDT
Install Date: Tue 19 Sep 2006 10:20:29 PM CDT      Build Host:
js20-bc2-10.build.redhat.com
Group       : Applications/System           Source RPM: ethtool-3-1.2.2.src.rpm
Size        : 139027                           License: GPL
Signature   : DSA/SHA1, Thu 24 Aug 2006 09:34:42 PM CDT, Key ID fd372689897da07a
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://sourceforge.net/projects/gkernel/
Summary     : Ethernet settings tool for PCI ethernet cards
Description :
This utility allows querying and changing of ethernet
card settings, such as speed, port, autonegotiation,
and PCI locations.
[root@galluslp1 ~]# 

==========fyi  ===========
[root@galluslp1 ~]# ethtool 12345678901234567
*** buffer overflow detected ***: ethtool terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x68)[0xff47318]
/lib/libc.so.6(__strcpy_chk+0x60)[0xff460d0]
ethtool[0x100040e4]
ethtool[0x10005894]
/lib/libc.so.6[0xfe6124c]
/lib/libc.so.6(__libc_start_main+0x144)[0xfe61474]
======= Memory map: ========
00100000-00120000 r-xp 00100000 00:00 0                                  [vdso]
0fe40000-0ffa0000 r-xp 00000000 fd:00 8079048                           
/lib/libc-2.4.90.so
0ffa0000-0ffb0000 r--p 00160000 fd:00 8079048                           
/lib/libc-2.4.90.so
0ffb0000-0ffc0000 rw-p 00170000 fd:00 8079048                           
/lib/libc-2.4.90.so
0ffc0000-0ffe0000 r-xp 00000000 fd:00 8079047                           
/lib/ld-2.4.90.so
0ffe0000-0fff0000 r--p 00010000 fd:00 8079047                           
/lib/ld-2.4.90.so
0fff0000-10000000 rw-p 00020000 fd:00 8079047                           
/lib/ld-2.4.90.so
10000000-10020000 r-xp 00000000 fd:00 5756110                           
/sbin/ethtool
10020000-10030000 rw-p 00010000 fd:00 5756110                           
/sbin/ethtool
f9b90000-f9ce0000 rw-p f9b90000 00:00 0                                  [stack]
Aborted
[root@galluslp1 ~]# 
Comment 11 IBM Bug Proxy 2006-10-09 03:51:29 EDT
----- Additional Comments From wangzyu@cn.ibm.com  2006-10-09 03:48 EDT -------
  RHEL5 Beta1 0927 ISOs re-create this defect. 
Comment 12 IBM Bug Proxy 2006-10-12 17:16:56 EDT
changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|FIXEDAWAITINGTEST           |TESTED




------- Additional Comments From rosalesa@us.ibm.com (prefers email at rosalesa@austin.ibm.com)  2006-10-12 17:14 EDT -------
Per comment 45:
"Yes, I got that packages ethtool-5.tar.gz from
http://sourceforge.net/projects/gkernel/ and tested it. It fix this defect."

Marking this bug as Tested. 
Comment 13 IBM Bug Proxy 2006-10-12 19:16:44 EDT
changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|TESTED                      |SUBMITTED




------- Additional Comments From rosalesa@us.ibm.com (prefers email at rosalesa@austin.ibm.com)  2006-10-12 17:16 EDT -------
Marking bug as submitted as this is mirrored.  Awaiting confirmation this fix is
included in a rhel5 release before marking as "Accepted" and closing.

-thanks. 
Comment 14 RHEL Product and Program Management 2006-10-13 15:49:09 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux release.  Product Management has requested further review
of this request by Red Hat Engineering.  This request is not yet committed for
inclusion in release.
Comment 15 IBM Bug Proxy 2006-11-01 00:10:46 EST
----- Additional Comments From wangzyu@cn.ibm.com  2006-11-01 00:07 EDT -------
  RHEL5 Beta1 1020 ISOs re-create this defect. 
fyi:
[root@apollolp1 ~]# ethtool 12345678901234567
*** buffer overflow detected ***: ethtool terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x68)[0xff44668]
/lib/libc.so.6(__strcpy_chk+0x60)[0xff43420]
ethtool[0x100040e4]
ethtool[0x10005894]
/lib/libc.so.6[0xfe5dd4c]
/lib/libc.so.6(__libc_start_main+0x144)[0xfe5df74]
======= Memory map: ========
00100000-00120000 r-xp 00100000 00:00 0                                  [vdso]
0fe40000-0ffa0000 r-xp 00000000 fd:00 1339972                           
/lib/libc-2.5.so
0ffa0000-0ffb0000 r--p 00160000 fd:00 1339972                           
/lib/libc-2.5.so
0ffb0000-0ffc0000 rw-p 00170000 fd:00 1339972                           
/lib/libc-2.5.so
0ffc0000-0ffe0000 r-xp 00000000 fd:00 1339971                           
/lib/ld-2.5.so
0ffe0000-0fff0000 r--p 00010000 fd:00 1339971                           
/lib/ld-2.5.so
0fff0000-10000000 rw-p 00020000 fd:00 1339971                           
/lib/ld-2.5.so
10000000-10020000 r-xp 00000000 fd:00 4243412                           
/sbin/ethtool
10020000-10030000 rw-p 00010000 fd:00 4243412                           
/sbin/ethtool
ff210000-ff360000 rw-p ff210000 00:00 0                                  [stack]
Aborted
[root@apollolp1 ~]# rpm -qif `which ethtool`
Name        : ethtool                      Relocations: (not relocatable)
Version     : 3                                 Vendor: Red Hat, Inc.
Release     : 1.2.2                         Build Date: Wed 12 Jul 2006 03:33:52
AM CDT
Install Date: Tue 31 Oct 2006 01:53:57 AM CST      Build Host:
js20-bc2-10.build.redhat.com
Group       : Applications/System           Source RPM: ethtool-3-1.2.2.src.rpm
Size        : 139027                           License: GPL
Signature   : DSA/SHA1, Thu 24 Aug 2006 09:34:42 PM CDT, Key ID fd372689897da07a
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://sourceforge.net/projects/gkernel/
Summary     : Ethernet settings tool for PCI ethernet cards
Description :
This utility allows querying and changing of ethernet
card settings, such as speed, port, autonegotiation,
and PCI locations.
[root@apollolp1 ~]# 
Comment 16 IBM Bug Proxy 2006-11-08 01:57:38 EST
----- Additional Comments From wangzyu@cn.ibm.com  2006-11-08 01:54 EDT -------
  Any updates? Thanks! 
Comment 17 IBM Bug Proxy 2006-11-15 03:30:47 EST
----- Additional Comments From wangzyu@cn.ibm.com  2006-11-15 03:29 EDT -------
  RHEL5 Beta2(build 11.11) re-create this defect. 
fyi:
[root@rulerlp6 ~]# uname -a

Linux rulerlp6.upt.austin.ibm.com 2.6.18-1.2747.el5 #1 SMP Thu Nov 9 19:12:27
EST 2006 ppc64 ppc64 ppc64 GNU/Linux

[root@rulerlp6 ~]# rpm -qif `which ethtool`
Name        : ethtool                      Relocations: (not relocatable)
Version     : 3                                 Vendor: Red Hat, Inc.
Release     : 1.2.2                         Build Date: Wed 12 Jul 2006 04:33:52
AM EDT
Install Date: Tue 14 Nov 2006 10:51:26 PM EST      Build Host:
js20-bc2-10.build.redhat.com
Group       : Applications/System           Source RPM: ethtool-3-1.2.2.src.rpm
Size        : 139027                           License: GPL
Signature   : DSA/SHA1, Thu 24 Aug 2006 10:34:42 PM EDT, Key ID fd372689897da07a
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://sourceforge.net/projects/gkernel/
Summary     : Ethernet settings tool for PCI ethernet cards
Description :
This utility allows querying and changing of ethernet
card settings, such as speed, port, autonegotiation,
and PCI locations.

[root@rulerlp6 ~]# ethtool 1234567890123456
*** buffer overflow detected ***: ethtool terminated
======= Backtrace: =========
/lib/power6/libc.so.6(__chk_fail+0x68)[0xff450e8]
/lib/power6/libc.so.6(__strcpy_chk+0x60)[0xff43ea0]
ethtool[0x100040e4]
ethtool[0x10005894]
/lib/power6/libc.so.6[0xfe5dd8c]
/lib/power6/libc.so.6(__libc_start_main+0x144)[0xfe5dfb4]
======= Memory map: ========
00100000-00120000 r-xp 00100000 00:00 0                                  [vdso]
0fe40000-0ffa0000 r-xp 00000000 08:03 26345928                          
/lib/power6/libc-2.5.so
0ffa0000-0ffb0000 r--p 00160000 08:03 26345928                          
/lib/power6/libc-2.5.so
0ffb0000-0ffc0000 rw-p 00170000 08:03 26345928                          
/lib/power6/libc-2.5.so
0ffc0000-0ffe0000 r-xp 00000000 08:03 26345927                          
/lib/ld-2.5.so
0ffe0000-0fff0000 r--p 00010000 08:03 26345927                          
/lib/ld-2.5.so
0fff0000-10000000 rw-p 00020000 08:03 26345927                          
/lib/ld-2.5.so
10000000-10020000 r-xp 00000000 08:03 31064269                          
/sbin/ethtool
10020000-10030000 rw-p 00010000 08:03 31064269                          
/sbin/ethtool
fb740000-fb890000 rw-p fb740000 00:00 0                                  [stack]
Aborted
[root@rulerlp6 ~]# 
Comment 18 Peter Martuccelli 2006-12-14 10:13:55 EST
Jay, Looks like resolving bug 184985 will fix this issue as well.
Comment 19 Jay Fenlason 2006-12-20 14:17:33 EST
Upgraded ethtool ready for rhel5, should fix this. 
Comment 20 IBM Bug Proxy 2006-12-22 01:05:38 EST
----- Additional Comments From wangzyu@cn.ibm.com  2006-12-22 01:01 EDT -------
  RHEL5 snapshot5(2.6.18-1.2910.el5) fix this defect.
fyi:
[root@floralp2 ~]# uname -a
Linux floralp2.upt.austin.ibm.com 2.6.18-1.2910.el5 #1 SMP Fri Dec 15 22:22:48
EST 2006 ppc64 ppc64 ppc64 GNU/Linux

[root@floralp2 ~]# rpm -qif `which ethtool`
Name        : ethtool                      Relocations: (not relocatable)
Version     : 5                                 Vendor: Red Hat, Inc.
Release     : 1.el5                         Build Date: Thu 14 Dec 2006 03:00:26
PM EST
Install Date: Wed 20 Dec 2006 11:52:10 PM EST      Build Host:
js20-bc1-9.build.redhat.com
Group       : Applications/System           Source RPM: ethtool-5-1.el5.src.rpm
Size        : 149867                           License: GPL
Signature   : DSA/SHA1, Thu 14 Dec 2006 04:30:33 PM EST, Key ID fd372689897da07a
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://sourceforge.net/projects/gkernel/
Summary     : Ethernet settings tool for PCI ethernet cards
Description :
This utility allows querying and changing of ethernet
card settings, such as speed, port, autonegotiation,
and PCI locations.

  After issued "ethtool 1234567890123456", it output help messages:
[root@floralp2 ~]# ethtool 1234567890123456
ethtool version 5
Usage:
ethtool DEVNAME Display standard information about device
        ethtool -s|--change DEVNAME     Change generic options
                [ speed 10|100|1000 ]
...
...
        ethtool -S|--statistics DEVNAME Show adapter statistics
        ethtool -h|--help DEVNAME       Show this help
[root@floralp2 ~]# 
Comment 21 RHEL Product and Program Management 2006-12-22 19:08:16 EST
A package has been built which should help the problem described in 
this bug report. This report is therefore being closed with a resolution 
of CURRENTRELEASE. You may reopen this bug report if the solution does 
not work for you.
Comment 22 IBM Bug Proxy 2006-12-23 15:00:46 EST
changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ACCEPTED                    |CLOSED
             Impact|------                      |Functionality




------- Additional Comments From salina@us.ibm.com  2006-12-23 14:55 EDT -------
closing problem.  Thanks 

Note You need to log in before you can comment on or make changes to this bug.