/lib/security/pam_otpw.so: undefined symbol: __stack_chk_fail_local

Thank you for reporting this bug. Please add your ubuntu version.

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
DISTRIB_CODENAME=hardy
DISTRIB_DESCRIPTION="Ubuntu 8.04"

% dpkg -s libpam-otpw
Package: libpam-otpw
Status: install ok installed
Priority: optional
Section: libs
Installed-Size: 116
Maintainer: Ubuntu MOTU Developers <email address hidden>
Architecture: i386
Source: otpw
Version: 1.3-2
Depends: libc6 (>= 2.6.1-1), libpam0g (>= 0.99.7.1)
Recommends: otpw-bin
Description: Use OTPW for PAM authentication
 OTPW is a one-time password system which is robust against
 the password list being stolen and race for the last digit
 attacks.
 .
 This package contains the PAM library to use OTPW in any
 program which uses PAM.
Original-Maintainer: Matthew Johnson <email address hidden>

Same problem here. Is there any workaround/solution yet.

Its a problem with the stack-protector. As a workaround one can add -fno-stack-protector to the gcc-options at compiletime. Without it the Package is unusable.

--- old/otpw-1.3/debian/rules 2008-10-04 23:30:01.000000000 +0200
+++ new/otpw-1.3/debian/rules 2008-10-04 23:27:48.000000000 +0200
@@ -32,7 +32,7 @@
  dh_testdir

  # Add here commands to compile the package.
- $(MAKE) CFLAGS="-fPIC -O -ggdb -W -Wall" otpw-gen pam_otpw.so
+ $(MAKE) CFLAGS="-fPIC -O -ggdb -W -Wall -fno-stack-protector" otpw-gen pam_otpw.so
  ar r libotpw.a md.o otpw-l.o pam_otpw.o rmd160.o
  ranlib libotpw.a

Thank you Konstantin!

It works!

How important is that stack-protector? After all this is a security package... ;-)

BR,
Yavor

The SSP is there to make it harder to exploit buffer overflows. As long as
otpw doesn't have any bugs with bufferoverflows one doesn't need it at all.
Ubuntu once decided to enable SSP by default and for most programs that's not
a problem. However some do break, so one has to do it the "old fashioned" way
without SSP.

Konstantin

Still broken in 10.04 alpha 1.

It sounds like we just need some corrected build options, can somebody with commit rights look into this?

Still doesn't seem to be fixed unfortunately! 10.04.1

Hey guys !

I am having the same issue on Ubuntu 10.04 LTS. I think Charlie Dyson also commented that the issue is not resolved yet and I am not even able to make the code run after adding the -fno-stack-protector option.

My Platform details:
OS: Ubuntu 10.04.1 LTS, 32-bit.
compiler: gcc-4.3 and g++-4.3
Purpose: I am trying to compile a piece of neural CSIM code available at http://www.lsm.tugraz.at/download/index.html on my machine. This code requires the MATLAB utility mex to be installed correctly on your machine, which I have. I changed the options file (lsm/csim/src/csim_mex72_opts.sh) to include the -fno-stack-protector option.

As recommended in this page, I changed the CFLAGS option from:
CFLAGS='-fPIC -ansi -D_GNU_SOURCE -pthread -fexceptions -m32'

to:
CFLAGS='-fPIC -ansi -D_GNU_SOURCE -pthread -fexceptions -m32 -fno-stack-protector'

and I am still getting the error:

/home/pbhat/Downloads/lsm/csim/csim.mexglx: undefined symbol:
__stack_chk_fail_local.

Can somebody guide me as to what I should be doing to resolve this please....

On Thu, 2011-03-10 at 17:38 +0000, Priya Bhat wrote:
> compiler: gcc-4.3 and g++-4.3
> This code requires the MATLAB utility mex

Matlab only supports gcc 4.2. You have to install an older version of
the compiler. The 4.2 in Ubuntu works with Matlab.

hi Konstantin, and every one!

Are you sure about the gcc version? I am using MATLAB R2010b on Linux Ubuntu 10.04.1 and according to this (http://www.mathworks.com/support/compilers/R2010b/linux.html) the currently supported version of gcc/g++ is 4.3.x.

Anyway, I did try to compile the gcc/g++ 4.2 version and it seems like the repositories for it are no longer supported

pbhat@BmiUbuntu32:~/Downloads/lsm/csim$ sudo apt-get install gcc-4.2
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package gcc-4.2 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package gcc-4.2 has no installation candidate

Is there another way in which I can use the apt-get utility to install gcc / g++ version 4.2 without having to compile from source. I have tried to do that in the past and the results are always messy.

Thanks to everyone for the continued advice !

Hello again,

I just wanted to add that I found this (http://www.linuxquestions.org/questions/linux-from-scratch-13/glibc-compile-issues-597651/) web-page that recommends changing the option LDFLAGS in the Makefile.

The advice on that page is:
* dlfcn/Makefile (LDLIBS-bug-atexit3-lib.so): Use this instead of
LDFLAGS. Add -lgcc_eh and libc_nonshared (again) to make sure we
get the __stack_chk_fail_local definition when it's needed.

Based on what I understood from the webpage I changes the Makefile LDFLAG options from:
LDFLAGS="-pthread -shared -m32 -Wl,--version-script,$TMW_ROOT/extern/lib/$Arch/$MAPFILE"

to:
LDFLAGS=" -lgcc_eh /usr/lib/libc_nonshared.a -pthread -shared -m32 -Wl,--version-script,$TMW_ROOT/extern/lib/$Arch/$MAPFILE"

I have already added the -fno-stack-protector to the CFLAGS option in the Makefile.

CFLAGS='-fPIC -ansi -D_GNU_SOURCE -pthread -fexceptions -m32 -fno-stack-protector'

But I am still getting the error :
??? Invalid MEX-file '/home/pbhat/Downloads/lsm/csim/csim.mexglx':
/home/pbhat/Downloads/lsm/csim/csim.mexglx: undefined symbol:
__stack_chk_fail_local.

Can somebody advice on whether I have correctly deciphered the instructions on the web-page and what are the next steps I could try

Thanks!

Hello Priya,
this is a bug report page concerning a bug in otpw. It is NOT a Matlab
support forum. Unless you have to add something that concerns the very
bug in otpw, please post your problem somewhere else. E.g. I believe
Mathworks has some forums on their website.

Cheers,
Konstantin

This bug was fixed in the package otpw - 1.3-2ubuntu1

---------------
otpw (1.3-2ubuntu1) oneiric; urgency=low

  * Link with gcc instead of ld. LP: #247190, LP: #756078.
 -- Matthias Klose <email address hidden> Wed, 14 Sep 2011 10:45:51 +0200