Re: Buffer overflow in cp and mv commands

[Jim Meyering]

Gregory Butenko <address@hidden> wrote:
> I have compiled coreutils with hardened gcc and now the following
> messages pop up when subtrees copied or moved:
>        mv: stack smashing attack in function copy_internal()
>              or
>        cp: stack smashing attack in function copy_internal()
>
> That is a good sign of a buffer overflow bug. Could someone fix that?
> I run Linux on PPC with 64MB memory and this bug shows up when there is
> not enough memory, I believe.

Thanks for the report.
Unfortunately, what you've provided isn't quite enough to say
precisely where the bug is -- or indeed, whether there is one.

However, here's a guess:
If you're really using a system that is so memory-limited,
then you may be encountering a stack overflow.  alloca is
documented to have undefined behavior if allocation causes
stack overflow.

Consider using more *virtual* memory, so you don't run into
this sort or problem.

Please be sure to report the version of the coreutils that
you're using.  If you can get the latest from CVS, that'd be best:

  http://savannah.gnu.org/cvs/?group=coreutils

Otherwise, please use this slightly dated test release:

  ftp://alpha.gnu.org/gnu/coreutils/coreutils-5.3.0.tar.gz
  ftp://alpha.gnu.org/gnu/coreutils/coreutils-5.3.0.tar.bz2