[pkg-firebird-general] firebird 2.1 compiled without stack protector, so UDF dlopen failed

marius adrian popa mapopa at gmail.com
Thu May 7 22:33:44 UTC 2009


On Thu, May 7, 2009 at 10:23 PM, Damyan Ivanov <dmn at debian.org> wrote:
> -=| marius adrian popa, Thu, May 07, 2009 at 12:39:17PM -0400 |=-
>> interesting bug , maybe firebird should default to stack protector ?
>> or at least it should be a notice for UDF users and writers
>>
>> https://bugs.edge.launchpad.net/ubuntu/+source/firebird2.1/+bug/363694
>
> Here's a typical compilation line from mips build logs:
>  g++ -g -O2 -DTERMINATE_IDLE_LOCK_MANAGER -Werror=write-strings
>  -I../src/include/gen -I../src/include -I../src/vulcan
>  -DNAMESPACE=Vulcan -DNDEBUG -ggdb -DFB_SEND_FLAGS=MSG_NOSIGNAL
>  -DLINUX -pipe -MMD -fPIC -fmessage-length=0 -O3 -march=i486
>  -mtune=i686 -fno-omit-frame-pointer -DPROD_BUILD -c
>  ../src/common/classes/locks.cpp -o
>  ../temp/std/common/classes/locks.o
>
> No -fno-stack-protector there.

" It turns out that Ubuntu and Debian differ in their implementation
in terms of using stack protection when building software. Debian’s
default is “Do not use stack protection.” Ubuntu’s maintainers decided
that stack protection was better even if things wouldn’t be completely
compatible with Debian."

http://www.research.ibm.com/trl/projects/security/ssp/
http://gcc.gnu.org/ml/gcc-patches/2005-05/msg01193.html
http://en.wikipedia.org/wiki/Stack-smashing_protection

>
> --
> dam
>
> _______________________________________________
> pkg-firebird-general mailing list
> pkg-firebird-general at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-firebird-general
>



More information about the pkg-firebird-general mailing list