Buffer overflow detected by REDZONE with linuxulator

Alexander Leidinger Alexander at Leidinger.net
Tue Sep 15 09:08:18 UTC 2009


Quoting Alexander Best <alexbestms at math.uni-muenster.de> (from Wed, 09 Sep 2009 19:01:31 +0200 (CEST)):

> hi there,

CCing emulation@, this is better suited there. Full quote for the  
benefit of the emulation@ readers. Please drop hackers@ on reply.  
Thanks.

> i've installed emulators/linux_dist-gentoo-stage3 and grabbed a snapshot from
> the ltp git repository (http://ltp.sourceforge.net/). as expected some tests
> failed because i'm using compat.linux.osrelease: 2.6.16 which is still missing
> a few linux syscalls, ipcs and ioctls.

Are you interested in helping to update the corresponding FreeBSD wiki page?
If yes, register there and we can hand out write access.

> however i also noticed REDZONE reporting buffer overflows. i'm only a user and
> not a developer so i don't know if the ltp is to be blamed or if the problem
> lies within the linuxulator.

Probably the latter...

> i'm running 9.0-CURRENT (r196879). as i mentioned before i'm using 2.6 linux
> kernel emulation. here are the buffer overflow reports:

Is your system running in 32bit or 64bit mode? Do you know which  
ltp-tests cause those messages to appear?

Bye,
Alexander.

> Sep  9 14:12:42 otaku kernel: REDZONE: Buffer overflow detected. 9 bytes
> corrupted after 0xcc28c483 (3 bytes allocated).
> Sep  9 14:12:42 otaku kernel: Allocation backtrace:
> Sep  9 14:12:42 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
> Sep  9 14:12:42 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
> Sep  9 14:12:42 otaku kernel: #2 0xc07428b8 at linux_getsockaddr+0x48
> Sep  9 14:12:42 otaku kernel: #3 0xc0742eb8 at linux_socketcall+0x178
> Sep  9 14:12:42 otaku kernel: #4 0xc0772f56 at syscall+0x2a6
> Sep  9 14:12:42 otaku kernel: #5 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:12:42 otaku kernel: Free backtrace:
> Sep  9 14:12:42 otaku kernel: #0 0xc0709a3a at redzone_check+0x17a
> Sep  9 14:12:42 otaku kernel: #1 0xc05bc32d at free+0x5d
> Sep  9 14:12:42 otaku kernel: #2 0xc0742ef0 at linux_socketcall+0x1b0
> Sep  9 14:12:42 otaku kernel: #3 0xc0772f56 at syscall+0x2a6
> Sep  9 14:12:42 otaku kernel: #4 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:20:08 otaku kernel: REDZONE: Buffer overflow detected. 4 bytes
> corrupted after 0xcc2538ea (106 bytes allocated).
> Sep  9 14:20:08 otaku kernel: Allocation backtrace:
> Sep  9 14:20:08 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
> Sep  9 14:20:08 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
> Sep  9 14:20:08 otaku kernel: #2 0xc063a902 at unp_connect+0x162
> Sep  9 14:20:08 otaku kernel: #3 0xc063d6c9 at uipc_connect+0x49
> Sep  9 14:20:08 otaku kernel: #4 0xc062fde2 at soconnect+0x52
> Sep  9 14:20:08 otaku kernel: #5 0xc0638eb6 at kern_connect+0x96
> Sep  9 14:20:08 otaku kernel: #6 0xc0742c7b at linux_connect+0x3b
> Sep  9 14:20:08 otaku kernel: #7 0xc0742f22 at linux_socketcall+0x1e2
> Sep  9 14:20:08 otaku kernel: #8 0xc0772f56 at syscall+0x2a6
> Sep  9 14:20:08 otaku kernel: #9 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:20:08 otaku kernel: Free backtrace:
> Sep  9 14:20:08 otaku kernel: #0 0xc0709a3a at redzone_check+0x17a
> Sep  9 14:20:08 otaku kernel: #1 0xc05bc32d at free+0x5d
> Sep  9 14:20:08 otaku kernel: #2 0xc063bfb2 at uipc_detach+0x242
> Sep  9 14:20:08 otaku kernel: #3 0xc0632a7e at sofree+0x22e
> Sep  9 14:20:08 otaku kernel: #4 0xc0632f26 at soclose+0x386
> Sep  9 14:20:08 otaku kernel: #5 0xc0617c49 at soo_close+0x29
> Sep  9 14:20:08 otaku kernel: #6 0xc0598b13 at _fdrop+0x43
> Sep  9 14:20:08 otaku kernel: #7 0xc059ab90 at closef+0x290
> Sep  9 14:20:08 otaku kernel: #8 0xc059af22 at kern_close+0x102
> Sep  9 14:20:08 otaku kernel: #9 0xc059b09a at close+0x1a
> Sep  9 14:20:08 otaku kernel: #10 0xc0772f56 at syscall+0x2a6
> Sep  9 14:20:08 otaku kernel: #11 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:20:09 otaku kernel: REDZONE: Buffer overflow detected. 4 bytes
> corrupted after 0xccc653ea (106 bytes allocated).
> Sep  9 14:20:09 otaku kernel: Allocation backtrace:
> Sep  9 14:20:09 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
> Sep  9 14:20:09 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
> Sep  9 14:20:09 otaku kernel: #2 0xc063a902 at unp_connect+0x162
> Sep  9 14:20:09 otaku kernel: #3 0xc063d6c9 at uipc_connect+0x49
> Sep  9 14:20:09 otaku kernel: #4 0xc062fde2 at soconnect+0x52
> Sep  9 14:20:09 otaku kernel: #5 0xc0638eb6 at kern_connect+0x96
> Sep  9 14:20:09 otaku kernel: #6 0xc0742c7b at linux_connect+0x3b
> Sep  9 14:20:09 otaku kernel: #7 0xc0742f22 at linux_socketcall+0x1e2
> Sep  9 14:20:09 otaku kernel: #8 0xc0772f56 at syscall+0x2a6
> Sep  9 14:20:09 otaku kernel: #9 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:20:09 otaku kernel: Free backtrace:
> Sep  9 14:20:09 otaku kernel: #0 0xc0709a3a at redzone_check+0x17a
> Sep  9 14:20:09 otaku kernel: #1 0xc05bc32d at free+0x5d
> Sep  9 14:20:09 otaku kernel: #2 0xc063bfb2 at uipc_detach+0x242
> Sep  9 14:20:09 otaku kernel: #3 0xc0632a7e at sofree+0x22e
> Sep  9 14:20:09 otaku kernel: #4 0xc0632f26 at soclose+0x386
> Sep  9 14:20:09 otaku kernel: #5 0xc0617c49 at soo_close+0x29
> Sep  9 14:20:09 otaku kernel: #6 0xc0598b13 at _fdrop+0x43
> Sep  9 14:20:09 otaku kernel: #7 0xc059ab90 at closef+0x290
> Sep  9 14:20:09 otaku kernel: #8 0xc059af22 at kern_close+0x102
> Sep  9 14:20:09 otaku kernel: #9 0xc059b09a at close+0x1a
> Sep  9 14:20:09 otaku kernel: #10 0xc0772f56 at syscall+0x2a6
> Sep  9 14:20:09 otaku kernel: #11 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:20:09 otaku kernel: REDZONE: Buffer overflow detected. 4 bytes
> corrupted after 0xcf45a9ea (106 bytes allocated).
> Sep  9 14:20:09 otaku kernel: Allocation backtrace:
> Sep  9 14:20:09 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
> Sep  9 14:20:09 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
> Sep  9 14:20:09 otaku kernel: #2 0xc063a902 at unp_connect+0x162
> Sep  9 14:20:09 otaku kernel: #3 0xc063d6c9 at uipc_connect+0x49
> Sep  9 14:20:09 otaku kernel: #4 0xc062fde2 at soconnect+0x52
> Sep  9 14:20:09 otaku kernel: #5 0xc0638eb6 at kern_connect+0x96
> Sep  9 14:20:09 otaku kernel: #6 0xc0742c7b at linux_connect+0x3b
> Sep  9 14:20:09 otaku kernel: #7 0xc0742f22 at linux_socketcall+0x1e2
> Sep  9 14:20:09 otaku kernel: #8 0xc0772f56 at syscall+0x2a6
> Sep  9 14:20:09 otaku kernel: #9 0xc07568b0 at Xint0x80_syscall+0x20
> Sep  9 14:20:09 otaku kernel: Free backtrace:
> Sep  9 14:20:09 otaku kernel: #0 0xc0709a3a at redzone_check+0x17a
> Sep  9 14:20:09 otaku kernel: #1 0xc05bc32d at free+0x5d
> Sep  9 14:20:09 otaku kernel: #2 0xc063bfb2 at uipc_detach+0x242
> Sep  9 14:20:09 otaku kernel: #3 0xc0632a7e at sofree+0x22e
> Sep  9 14:20:09 otaku kernel: #4 0xc0632f26 at soclose+0x386
> Sep  9 14:20:09 otaku kernel: #5 0xc0617c49 at soo_close+0x29
> Sep  9 14:20:09 otaku kernel: #6 0xc0598b13 at _fdrop+0x43
> Sep  9 14:20:09 otaku kernel: #7 0xc059ab90 at closef+0x290
> Sep  9 14:20:09 otaku kernel: #8 0xc059b55a at fdfree+0x3ea
> Sep  9 14:20:09 otaku kernel: #9 0xc05a57b3 at exit1+0x513
> Sep  9 14:20:09 otaku kernel: #10 0xc05d17f4 at sigexit+0xa14
> Sep  9 14:20:09 otaku kernel: #11 0xc05d19fd at postsig+0x1dd
> Sep  9 14:20:09 otaku kernel: #12 0xc0608fca at ast+0x35a
> Sep  9 14:20:09 otaku kernel: #13 0xc0757174 at doreti_ast+0x17
>
> cheers.
> alex

-- 
Fifth Law of Procrastination:
	Procrastination avoids boredom; one never has the feeling that
there is nothing important to do.

http://www.Leidinger.net    Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org       netchild @ FreeBSD.org  : PGP ID = 72077137
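
Added example, not part of the original message: a Python triage helper that groups REDZONE reports like those quoted above by allocation site, taken as the first allocation-backtrace frame that is not the allocator itself. REDZONE checks the guard bytes on free, so the free backtrace only shows where the damage was noticed, while the allocation site shows who sized the buffer. The name `triage`, the allocator frame list and the trimmed sample are assumptions of this example.

```python
import re
from collections import Counter

# Sample constructed from the reports quoted above: lines unwrapped, deeper
# frames trimmed, free backtrace kept only for the first report.
SAMPLE = """\
Sep  9 14:12:42 otaku kernel: REDZONE: Buffer overflow detected. 9 bytes corrupted after 0xcc28c483 (3 bytes allocated).
Sep  9 14:12:42 otaku kernel: Allocation backtrace:
Sep  9 14:12:42 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
Sep  9 14:12:42 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
Sep  9 14:12:42 otaku kernel: #2 0xc07428b8 at linux_getsockaddr+0x48
Sep  9 14:12:42 otaku kernel: Free backtrace:
Sep  9 14:12:42 otaku kernel: #0 0xc0709a3a at redzone_check+0x17a
Sep  9 14:12:42 otaku kernel: #1 0xc05bc32d at free+0x5d
Sep  9 14:12:42 otaku kernel: #2 0xc0742ef0 at linux_socketcall+0x1b0
Sep  9 14:20:08 otaku kernel: REDZONE: Buffer overflow detected. 4 bytes corrupted after 0xcc2538ea (106 bytes allocated).
Sep  9 14:20:08 otaku kernel: Allocation backtrace:
Sep  9 14:20:08 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
Sep  9 14:20:08 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
Sep  9 14:20:08 otaku kernel: #2 0xc063a902 at unp_connect+0x162
Sep  9 14:20:09 otaku kernel: REDZONE: Buffer overflow detected. 4 bytes corrupted after 0xccc653ea (106 bytes allocated).
Sep  9 14:20:09 otaku kernel: Allocation backtrace:
Sep  9 14:20:09 otaku kernel: #0 0xc0709aaa at redzone_setup+0x3a
Sep  9 14:20:09 otaku kernel: #1 0xc05bc673 at malloc+0x1c3
Sep  9 14:20:09 otaku kernel: #2 0xc063a902 at unp_connect+0x162
"""

HDR = re.compile(r"REDZONE: Buffer overflow detected\. (\d+) bytes corrupted "
                 r"after (0x[0-9a-f]+) \((\d+) bytes allocated\)")
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ at (\w+)\+0x[0-9a-f]+")
ALLOCATOR = {"redzone_setup", "malloc", "realloc", "reallocf"}  # assumed list

def triage(log):
    """Count reports per (allocation site, bytes allocated, bytes corrupted)."""
    sites, pending, section = Counter(), None, None
    for line in log.splitlines():
        if m := HDR.search(line):
            pending, section = (int(m[3]), int(m[1])), None
        elif line.rstrip().endswith("backtrace:"):
            section = line.split()[-2]          # "Allocation" or "Free"
        elif section == "Allocation" and pending and (m := FRAME.search(line)):
            if m[1] not in ALLOCATOR:           # first caller above malloc
                sites[(m[1], *pending)] += 1
                pending = None                  # ignore deeper frames
    return sites

if __name__ == "__main__":
    for (site, size, over), n in triage(SAMPLE).most_common():
        print(f"{n}x {site}: {size} bytes allocated, {over} bytes corrupted")
```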

