New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Crash on start of samterm with hardening #24
Comments
Ok, it's not the same address that is sent, I misread that. |
More debugging: (gdb) p &cmd So something truncates this pointer. |
outvlong generates a buf with "\270\311_VUU\000", For some reason USE64BITS isn't passed to sam, so sizeof ulong == 4 for sam on 64-bit! |
I think all files that load u.h should load config.h before? |
After fixing the sizeof, it crashes dereferencing nw->user1 which is 0... Since user1 is only set in flnew, it should be set after... but it isn't? In flnew, l is correct: (gdb) p *l After, cmd.l[0] is off? $12 = {bg = 16777215, f = {bg = 0, font = 0x0, b = 0x0, r = {min = {x = 0, ... gah this is because the two C files don't use the same sizes. |
A clean rebuild where I force ulong to uint64_t seems to work. The setting from config.h is currently broken. |
Hey @chneukirchen, thank you for debugging this. What compiler flags are you using? Something like this?
? |
Without |
This is on Linux btw. |
Please try putting a
in include/u.h That should fix it, I think? |
Yes, that fixes it. I was not sure a mere "../" works, but it looks like it. BTW, some warnings came up which you really should investigate:
|
Hey @chneukirchen sam compiles without warnings now, and I've believe it also compiles more-or-less correctly with the hardening flags above. Also, I'm working on replacing the complex buffer management code with a much simpler mechanism that is also agnostic about USE64BITS. When that's ready to be put into master, I'm going to modify all of the outT* functions to always treat "l" as 64-bit, "s" as 16-bit, and so on. With that change, there won't be any further need of the USE64BITS setting. Anyway, I'm going to close this bug now, since I think it's fixed. If not, please reopen it. Thanks! |
I built sam/samterm with stack protector, PIE and fortify_source, and it segfaults at the Hbindname message now:
It seems PIE is at fault here, which shuffles the addresses in the new samterm process(?)... is this code really passing pointers to global variables via a pipe? In a non-PIE build, text[i] is
cmd
, but not sure where that is defined really.The text was updated successfully, but these errors were encountered: