This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 519766 - (nss) FORTIFY_SOURCE buffer overflows and other issues in test suite
(nss) FORTIFY_SOURCE buffer overflows and other issues in test suite
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: nss (Show other bugs)
rawhide
All Linux
low Severity medium
: ---
: ---
Assigned To: Elio Maldonado Batiz
Fedora Extras Quality Assurance
: Reopened
Depends On:
Blocks: F12Blocker/F12FinalBlocker
  Show dependency treegraph
 
Reported: 2009-08-27 14:26 EDT by Warren Togami
Modified: 2013-01-10 00:26 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-10-21 18:44:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Warren Togami 2009-08-27 14:26:37 EDT
http://koji.fedoraproject.org/koji/taskinfo?taskID=1639120
nss-3.12.3.99.3-19.fc12

1) These build logs are showing multiple problems during the test suite.  ppc and ppc64 are showing glibc FORTIFY_SOURCE runtime errors due to something wrong with how it is using strcpy().  i386 and x86_64 are not showing this particular problem.

2) Note the "command not found", missing utilities in BuildRequires?

3) Do they tests rely on the network or try to access anything via the network?  If so then the tests must be disabled, or those parts of the tests must be disabled during package build.  Network access is forbidden during buildtime on the buildsystem.

PROBLEM WITH THE CERT CHAIN:
CERT 3. Root [Certificate Authority]:
  ERROR -8180: Peer's Certificate has been revoked.
Returned value is 1, expected result is fail
chains.sh: #3375: Revocation: Verifying certificate(s)  EE21CA2.der with flags  -g chain -m crl -d AllDB    -t Root.der - PASSED
./chains.sh: line 728: ping: command not found
OCSP server not accessible, skipping OCSP tests
TIMESTAMP chains END: Thu Aug 27 13:51:09 EDT 2009
chains.sh: Testing with upgraded library ===============================
cp: cannot stat `/builddir/build/BUILD/nss-3.12.3.99.3/mozilla/tests_results/security/localhost.1/eccurves': No such file or directory
cp: cannot stat `/builddir/build/BUILD/nss-3.12.3.99.3/mozilla/tests_results/security/localhost.1/cert.done': No such file or directory
Running tests for dbupgrade
TIMESTAMP dbupgrade BEGIN: Thu Aug 27 13:51:09 EDT 2009
dbupgrade.sh: DB upgrade tests ===============================
Reset databases to their initial values:
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI
FIPS_PUB_140_Test_Certificate                                Cu,Cu,Cu
dbupgrade.sh: Legacy to shared Library update ===============================
alicedir
upgrading db alicedir
*** buffer overflow detected ***: /builddir/build/BUILD/nss-3.12.3.99.3/mozilla/dist/Linux2.6_ppc_glibc_PTH_64_OPT.OBJ/bin/certutil terminated
Comment 1 Rex Dieter 2009-08-28 11:18:43 EDT
nss-3.12.3.99.3-24.fc12 
http://koji.fedoraproject.org/koji/buildinfo?buildID=129665

seems happy now.
Comment 2 Elio Maldonado Batiz 2009-08-31 20:55:37 EDT
(In reply to comment #1) Happy because the tests weren't run.
Comment 3 Elio Maldonado Batiz 2009-08-31 21:25:03 EDT
A build fix with all tests passing in all platforms can be seen in
Task info: http://koji.fedoraproject.org/koji/taskinfo?taskID=1647031

Fix is in for nss-3_12_3_99_3-30_fc12
http://koji.fedoraproject.org/koji/buildinfo?buildID=13006
Comment 4 Jesse Keating 2009-10-21 18:44:29 EDT
This is in rawhide/F12.

Note You need to log in before you can comment on or make changes to this bug.