Bugzilla – Bug 135620
Openmotif 2.2.3-13: buffer overflow detected
Last modified: 2005-12-01 09:06:17 UTC
Some Openmotif programs crashes with buffer overflows in SL 10.0. Okay, Openmofig is buggy, but with prior versions of Suse Linux these programms had run well. Seems that this is related to the GCC 4 and the FORTIFY_SOURCE feature that is now turned on by default within Suse Linux. Test case and OpenMotif SPEC file that fixes the buffer overflow are attached. BTW: I've been told that also some programms from the openmotif-demo rpm crashes with buffer overflow.
Created attachment 58797 [details] test case test program. crashes with: *** buffer overflow detected *** unzip and compile with cc -g -O0 -I/usr/X11R6/include -L/usr/X11R6/lib -lXt -lXm -lMrm -o test_xm test_xm.c LANG="de_DE.ISO8859-1" uil -o test_xm.uid test_xm.uil
Created attachment 58798 [details] workaround modified spec file that compiles openmotif without the FORTIFY_SOURCE options that is now default in Suse Linux. Using this, the test program runs flawlessly.
the solution is not to disable FORTIFY_SOURCE but to debug and fix the buffer overflow :)
Works fine here.
I've tested it on different SL 10.0 systems, and the overflow occurred on all of them. Furthermore, from the openmotif-demo-2.2.3-13 RPMs the programs /usr/X11R6/bin/hellomotif and /usr/X11R6/bin/xmanimate do also crash with buffer overflows (and /usr/X11R6/bin/wsm crashes with segmentatin fault). In the provided test program test_xm the problems seems to be related with reading the test_xm.uid file. The buffer overflow only occur if it is larger than 4095 (>= 4096) bytes. I'm using openmotif-2.2.3-13 glibc-2.3.5-40
Can't reproduce on ppc either. Idb__HDR_GetHeader is never called.
works fine here too, so it is some condition on your side that triggers it. can you supply us a gdb backtrace please?
let secteam track it until we find the problem
The other bugs are already fixed.