diff options
| author | Holger Hoffstätte <holger@applied-asynchrony.com> | 2025-08-04 10:12:25 +0200 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2025-08-04 23:15:56 +0100 |
| commit | d4fb521d829cf0c52a01f9488054de6dde86c972 (patch) | |
| tree | 14cbdaff627490900a3790fe529124d2c4a4adb2 /dev-debug/sysdig/files/libs-0.20.0-fix-buffer-overrun-reading-sockets-from-procfs.patch | |
| parent | 2c76b49f5755837d01023486052d9651be0daabd (diff) | |
| download | gentoo-d4fb521d829cf0c52a01f9488054de6dde86c972.tar.gz gentoo-d4fb521d829cf0c52a01f9488054de6dde86c972.tar.bz2 gentoo-d4fb521d829cf0c52a01f9488054de6dde86c972.zip | |
dev-debug/sysdig: fix runtime failures with glibc-2.42
glibc-2.42 added __inet_ntop_chk fortification, which started to fail:
*** buffer overflow detected ***: terminated
Program received signal SIGABRT, Aborted.
0x00007ffff629b0dc in __pthread_kill_implementation () from /lib64/libc.so.6
(gdb) bt
#0 in __pthread_kill_implementation () from /lib64/libc.so.6
#1 in raise () from /lib64/libc.so.6
#2 in abort () from /lib64/libc.so.6
#3 in __libc_message_impl.cold () from /lib64/libc.so.6
#4 in __fortify_fail () from /lib64/libc.so.6
#5 in __chk_fail () from /lib64/libc.so.6
#6 in __inet_ntop_chk () from /lib64/libc.so.6
#7 in inet_ntop (..) at /usr/include/bits/inet-fortified.h>
#8 ipv6tuple_to_string[abi:cxx11](ipv6tuple*, bool) (..)
Use INET6_ADDRSTRLEN as destination buffer size.
Also add a minor build system fix and ebuild cleanups.
Revbump directly to stable since this has always been an issue and
should be fixed even with glibc <2.42.
Closes: https://bugs.gentoo.org/961046
Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com>
Part-of: https://github.com/gentoo/gentoo/pull/43311
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'dev-debug/sysdig/files/libs-0.20.0-fix-buffer-overrun-reading-sockets-from-procfs.patch')
| -rw-r--r-- | dev-debug/sysdig/files/libs-0.20.0-fix-buffer-overrun-reading-sockets-from-procfs.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/dev-debug/sysdig/files/libs-0.20.0-fix-buffer-overrun-reading-sockets-from-procfs.patch b/dev-debug/sysdig/files/libs-0.20.0-fix-buffer-overrun-reading-sockets-from-procfs.patch new file mode 100644 index 000000000000..238cd12ac540 --- /dev/null +++ b/dev-debug/sysdig/files/libs-0.20.0-fix-buffer-overrun-reading-sockets-from-procfs.patch @@ -0,0 +1,35 @@ +Patch from: +https://github.com/falcosecurity/libs/commit/de3f4cac9233682eae63c63377c82efb649679f5 + +From de3f4cac9233682eae63c63377c82efb649679f5 Mon Sep 17 00:00:00 2001 +From: Shane Lawrence <shane@lawrence.dev> +Date: Thu, 20 Feb 2025 14:55:41 +0000 +Subject: [PATCH] Fix buffer overrun reading sockets from procfs. + +Signed-off-by: Shane Lawrence <shane@lawrence.dev> +--- + userspace/libscap/linux/scap_fds.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/userspace/libscap/linux/scap_fds.c b/userspace/libscap/linux/scap_fds.c +index f98ac3f32f..73e99ca428 100644 +--- a/userspace/libscap/linux/scap_fds.c ++++ b/userspace/libscap/linux/scap_fds.c +@@ -766,7 +766,7 @@ int32_t scap_fd_read_ipv4_sockets_from_proc_fs(const char *dir, + break; + } + +- while(*scan_pos == ' ' && scan_pos < scan_end) { ++ while(scan_pos < scan_end && *scan_pos == ' ') { + scan_pos++; + } + +@@ -974,7 +974,7 @@ int32_t scap_fd_read_ipv6_sockets_from_proc_fs(char *dir, + break; + } + +- while(*scan_pos == ' ' && scan_pos < scan_end) { ++ while(scan_pos < scan_end && *scan_pos == ' ') { + scan_pos++; + } + |