bacula not compiled with FORTIFY_SOURCE
Bug #265102 reported by
Kees Cook
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Bacula |
Unknown
|
Unknown
|
|||
| bacula (Ubuntu) |
Confirmed
|
Medium
|
Unassigned | ||
Bug Description
Binary package hint: bacula
Due to upstream's strange use of redefinable extern unions, fortify has unfriendly behavior. It would be nice to fix this in a sensible fashion so that the rest of bacula could get fortify protections.
http://
| Changed in bacula: | |
| importance: | Undecided → Medium |
| status: | New → Confirmed |
Revision history for this message
| Kern Sibbald (kern) wrote | #1 |
Revision history for this message
| Kees Cook (kees) wrote | #2 |
Revision history for this message
| Kern Sibbald (kern) wrote | #3 |
To post a comment you must log in.
This problem *should* already be fixed in the trunk, though I have never actually tried building and running it with fortify source.
We *strongly* recommend not to enable fortify source. Bacula is already well protected and has its own buffer overrun detection that in general detects most overrun problems earlier and better than glibc and produces a reasonable traceback in the process. If you do enable fortify source, we cannot exclude that you will encounter other such problems.