RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 611402 - star still broken for files of 100-character names
Summary: star still broken for files of 100-character names
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: star
Version: 6.0
Hardware: All
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Ondrej Vasik
QA Contact: Petr Sklenar
URL:
Whiteboard:
: 635559 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-07-05 06:30 UTC by Lubomir Rintel
Modified: 2011-07-13 08:38 UTC (History)
4 users (show)

Fixed In Version: star-1.5-10.el6
Doc Type: Bug Fix
Doc Text:
Under certain circumstances, the star utility could have terminated unexpectedly with a segmentation fault when used with a file which name was exactly 100 characters long. This segmentation fault has been fixed in this update and no longer occurs.
Clone Of:
Environment:
Last Closed: 2011-07-13 08:38:19 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:0932 0 normal SHIPPED_LIVE star bug fix update 2011-07-13 08:38:15 UTC

Description Lubomir Rintel 2010-07-05 06:30:51 UTC 
Consider this reproducer:

F=x/"Is there a single line of documentation without unnecessary insults shipped with Schilly's software?"
# man, that needs to be a mean guy
mkdir -p "$(dirname "$F")"
touch "$F"
rm -f lal.tar
star cf lal.tar "$F"

It appears to have the patch for the issue applied (I can not access the original bug report given it's private):

[liveuser@localhost ~]$ rpm -qi star
Name        : star                         Relocations: (not relocatable)
Version     : 1.5                               Vendor: Red Hat, Inc.
Release     : 9.el6                         Build Date: Thu 04 Feb 2010 12:50:54 PM CET
Install Date: Mon 05 Jul 2010 08:21:53 AM CEST      Build Host: hs20-bc2-5.build.redhat.com
Group       : Applications/Archiving        Source RPM: star-1.5-9.el6.src.rpm
Size        : 901662                           License: CDDL
Signature   : RSA/8, Tue 20 Apr 2010 07:59:46 PM CEST, Key ID 938a80caf21541eb
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://cdrecord.berlios.de/old/private/star.html
Summary     : An archiving tool with ACL support
Description :
Star saves many files together into a single tape or disk archive,
and can restore individual files from the archive. Star supports ACL.
[liveuser@localhost ~]$ rpm -q --changelog star |head
* Wed Feb 03 2010 Ondrej Vasik <ovasik> 1.5-9
- fix buffer overflow for files with names of length
  100 chars(#561503)

* Thu Aug 27 2009 Ondrej Vasik <ovasik> 1.5-8
- provide symlinked manpage for ustar

* Thu Aug 27 2009 Ondrej Vasik <ovasik> 1.5-7
- Merge review (#226434) changes: convert AN-1.5 to utf-8,
  spec file cosmetic/policy changes, ship README.linux in doc
[liveuser@localhost ~]$ 

Still, running it against that package results in an overflow:

[liveuser@localhost ~]$ sh repr.sh 
*** buffer overflow detected ***: star terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x4d)[0x94c2dd]
/lib/libc.so.6[0x94a30a]
/lib/libc.so.6(__strcpy_chk+0x44)[0x9495e4]
star[0x806e03d]
star[0x805d934]
star[0x805eacf]
star[0x804c171]
star[0x804ec2b]
/lib/libc.so.6(__libc_start_main+0xe6)[0x86acc6]
star[0x804a091]
======= Memory map: ========
006fd000-0071a000 r-xp 00000000 fd:02 66363      /lib/libgcc_s-4.4.4-20100525.so.1
0071a000-0071b000 rw-p 0001d000 fd:02 66363      /lib/libgcc_s-4.4.4-20100525.so.1
00825000-00829000 r-xp 00000000 fd:02 66377      /lib/libattr.so.1.1.0
00829000-0082a000 rw-p 00003000 fd:02 66377      /lib/libattr.so.1.1.0
0082e000-0084c000 r-xp 00000000 fd:02 66342      /lib/ld-2.12.so
0084c000-0084d000 r--p 0001d000 fd:02 66342      /lib/ld-2.12.so
0084d000-0084e000 rw-p 0001e000 fd:02 66342      /lib/ld-2.12.so
00854000-009d9000 r-xp 00000000 fd:02 66343      /lib/libc-2.12.so
009d9000-009da000 ---p 00185000 fd:02 66343      /lib/libc-2.12.so
009da000-009dc000 r--p 00185000 fd:02 66343      /lib/libc-2.12.so
009dc000-009dd000 rw-p 00187000 fd:02 66343      /lib/libc-2.12.so
009dd000-009e0000 rw-p 00000000 00:00 0 
009e7000-009e8000 r-xp 00000000 00:00 0          [vdso]
009ff000-00a02000 r-xp 00000000 fd:02 66352      /lib/libdl-2.12.so
00a02000-00a03000 r--p 00002000 fd:02 66352      /lib/libdl-2.12.so
00a03000-00a04000 rw-p 00003000 fd:02 66352      /lib/libdl-2.12.so
00b3d000-00b5a000 r-xp 00000000 fd:02 66355      /lib/libselinux.so.1
00b5a000-00b5b000 r--p 0001c000 fd:02 66355      /lib/libselinux.so.1
00b5b000-00b5c000 rw-p 0001d000 fd:02 66355      /lib/libselinux.so.1
03700000-03707000 r-xp 00000000 fd:02 66382      /lib/libacl.so.1.1.0
03707000-03708000 rw-p 00006000 fd:02 66382      /lib/libacl.so.1.1.0
08048000-08095000 r-xp 00000000 fd:02 156778     /usr/bin/star
08095000-08097000 rw-p 0004d000 fd:02 156778     /usr/bin/star
08097000-080ae000 rw-p 00000000 00:00 0 
08ed3000-08ef4000 rw-p 00000000 00:00 0          [heap]
b6ff7000-b77fd000 rw-s 00000000 00:04 156346     /dev/zero (deleted)
b77fd000-b77ff000 rw-p 00000000 00:00 0 
b780d000-b780e000 rw-p 00000000 00:00 0 
bfb60000-bfb75000 rw-p 00000000 00:00 0          [stack]
repr.sh: line 6: 31172 Aborted                 star cf lal.tar "$F"

Consequently, rebuilding the package from source that's at ftp.redhat.com fixes the problem.

I can't really tell what went wrong since I can not have at the look at the build logs, but you'll hopefully figure.
Comment 2 Ondrej Vasik 2010-07-08 17:39:10 UTC 
Thanks for report, it's strange... will check that...
Comment 3 Ondrej Vasik 2010-07-12 12:59:57 UTC 
Rebuilding the package on RHEL-6 beta2 i686 doesn't solve the issue for me, the same for rebuilding in latest RHEL-6 trees in brew build system. Will check what's wrong - maybe you recompiled that on Fedora and the toolchain was different.
Comment 4 Lubomir Rintel 2010-07-12 13:27:50 UTC 
Ondrej, I was rebuilding on a RHEL 6 Beta 2 system.

However, it had a yum-priority plugin installed and fedora repositories with priority lower than one of RHEL repositories installed. I'm quite sure nothing from from Fedora replaced a RHEL package, however I had extra packages from Fedora installed. I'm not sure how could it cause my build to be correct (maybe I had some macros in .rpmfc that messed up optflags or something), however I'm glad that you could reproduce the issue more easily than me :)
Comment 6 Suzanne Logcher 2011-02-15 21:39:42 UTC 
This issue was proposed for RHEL 6.1 FasTrack but did not get resolved in time.
It has been moved to RHEL 6.2 FasTrack.
Comment 8 Suzanne Logcher 2011-02-15 22:03:16 UTC 
This issue was proposed for RHEL 6.1 FasTrack but did not get resolved in time.
It has been moved to RHEL 6.2 FasTrack.
Comment 11 Ondrej Vasik 2011-06-03 10:30:39 UTC 
*** Bug 635559 has been marked as a duplicate of this bug. ***
Comment 14 Petr Kovar 2011-06-28 13:42:03 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Under certain circumstances, the star utility could have terminated unexpectedly with a segmentation fault when used with a file which name was exactly 100 characters long. This segmentation fault has been fixed in this update and no longer occurs.
Comment 17 errata-xmlrpc 2011-07-13 08:38:19 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0932.html
Note You need to log in before you can comment on or make changes to this bug.