[OpenAFS] Buffer overflow on Mac OS X 10.9.2 Mavericks
Frederick Luehring
luehring@indiana.edu
Mon, 21 Apr 2014 11:12:22 -0400
Hi Everyone,
Since there has been certain amount of excitement about the consequences
of buffer overflows in recent days, I would like to point a possible problem I
discovered when following the instructions to compile open afs on Mac OS X. I
guess you know of this but just in case, if follow the instructions at:
http://www.openafs.org/macos.html
it sets the enable-checking flag which almost immediately finds:
gcc -Os -I/Users/luehring/openafs-1.6.6/src/config
-I/Users/luehring/openafs-1.6.6/include -I. -I. -Os -Wall
-Wstrict-prototypes -Wold-style-definition -Wpointer-arith -Wall
-Wstrict-prototypes -Wold-style-definition -Werror -fdiagnostics-show-option
-Wpointer-arith -arch i386 -arch x86_64 -c cmd.c
cmd.c:46:30: error: the value of the size argument in 'strncat' is too large,
might lead to a buffer overflow [-Werror,-Wstrncat-size]
strncat(tbuffer, a2, sizeof(tbuffer));
^~~~~~~~~~~~~~~
cmd.c:46:30: note: change the argument to be the free space in the destination
buffer minus the terminating null byte
strncat(tbuffer, a2, sizeof(tbuffer));
^~~~~~~~~~~~~~~
sizeof(tbuffer) - strlen(tbuffer) - 1
1 error generated.
make[3]: *** [cmd.o] Error 1
make[2]: *** [cmd] Error 2
make[1]: *** [build] Error 2
make: *** [all] Error 2
Those instructions also set "--with-krb5-conf=/usr/bin/krb5-config" which
seems to be unrecognized. I guess this is because kerberos version 4 is
completely dead and the flag is no longer needed.
Fred
--
Fred Luehring Indiana U. HEP mailto:luehring@indiana.edu +1 812 855 1025 IU
http://cern.ch/Fred.Luehring mailto:Fred.Luehring@cern.ch +41 22 767 1166 CERN
http://cern.ch/Fred.Luehring/Luehring_pub.asc +1 812 391 0225 GSM