#549 Lookup of RAC database fails if __FORTIFY_SOURCE=2

open
nobody
5
2012-09-15
2010-09-24
Thomas Beierlein
No

Newer GCC versions (>4.4.3) are setting __FORTIFY_SOURCE=2, thereby forcing stricter checks for buffer overflows.
Similar to Bug 2580745, xastir segfaults with a buffer overrun error if we do a lookup of a VE callsign.
See also http://bugs.gentoo.org/show_bug.cgi?id=337365

The problem is line 258 of rac_data.c. The code reads as follows:

rac_record racdata;
...
rc = fgets((char *)&racdata, sizeof(racdata), fdb);

It looks perfectly legal, but the __bos macro in stdio2.h seems to get the size of
the buffer wrong, causing a buffer overrun error.

The attached code snippet fixes the problem.

Discussion

  • Patch to fix rac_data.c
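
An added example, not the attached patch (which is not shown on this page) and not Xastir code: one way to keep the fortified fgets check unambiguous is to read into a plain char array and then copy the line into the record struct. The demo_record layout, the read_record and demo names, and the sample data are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-width record; the real rac_record layout is not on the page. */
typedef struct {
    char callsign[7];
    char first_name[36];
    char city[31];
    char eol[2];                 /* '\n' from the file plus the NUL fgets appends */
} demo_record;

/* Read one record; returns 1 on success, 0 on EOF, error or malformed line. */
int read_record(FILE *fdb, demo_record *out)
{
    char line[sizeof(demo_record)];   /* plain array: its object size is exact */

    if (fgets(line, sizeof line, fdb) == NULL)
        return 0;
    if (strlen(line) != sizeof line - 1)      /* short line */
        return 0;
    if (line[sizeof line - 2] != '\n')        /* over-long line, cut by fgets */
        return 0;
    memcpy(out, line, sizeof line);
    return 1;
}

/* Constructed input: one well-formed record, then one short line. */
int demo(void)
{
    demo_record rec;
    FILE *f = tmpfile();
    int ok;

    if (f == NULL)
        return -1;
    fprintf(f, "%-7s%-36s%-31s\n", "VE3ABC", "CONSTRUCTED NAME", "OTTAWA");
    fputs("SHORT\n", f);
    rewind(f);
    ok = read_record(f, &rec)
         && memcmp(rec.callsign, "VE3ABC ", 7) == 0
         && !read_record(f, &rec);
    fclose(f);
    return ok;
}

int main(void)
{
    printf("demo: %d\n", demo());
    return 0;
}
```

Building it with -O2 -D_FORTIFY_SOURCE=2 exercises the same glibc check that the report describes.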