XASTIR / Bugs / #549 Lookup of RAC database fails if __FORTIFY

#549 Lookup of RAC database fails if __FORTIFY_SOURCE=2

Milestone: v1.0_(example)

Status: closed

Owner: nobody

Labels: Compile Error (15)

Priority: 5

Updated: 2023-07-08

Created: 2010-09-24

Creator: Thomas Beierlein

Private: No

Newer GCC versions (>4.4.3) are setting __FORTIFY_SOURCE=2 thereby forcing stricter checks for buffer overflows.
Similar to Bug 2580745 xastir segfaults with an buffer overrun error if we do a lookup of an VE callsign.
See also http://bugs.gentoo.org/show_bug.cgi?id=337365

The problem is line 258 of rac_data.c. The code reads as follows:

rac_record racdata;
...
rc = fgets((char *)&racdata, sizeof(racdata), fdb);

It looks perfectly legal, but the __bos macro in stdio2.h seems to get the size of
the buffer wrong causing a buffer overun error.

The attached code snippet fixes the problem.

Discussion

Thomas Beierlein - 2010-09-24

Patch to fix rac_data.c

xastir-1.9.8-fortify.diff

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Tom Russo - 2023-07-08

status: open --> closed

Group: --> v1.0_(example)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Tom Russo - 2023-07-08

The Xastir project no longer uses sourceforge for issue tracking and I am closing all open issues (all of which are very old).

If this issue is still important, please open a new one on https://github.com/Xastir/Xastir.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Lookup of RAC database fails if __FORTIFY_SOURCE=2

Multiplatform Ham Radio APRS and Mapping Program

Group

Searches

Help

#549 Lookup of RAC database fails if __FORTIFY_SOURCE=2

Discussion