[egenix-users] bufferoverflow in egenix?

Klavs Klavsen kl at vsen.dk
Sat Sep 11 20:21:57 CEST 2004


Hi guys,

Just installed a new gcc with stack-smashing protection - and while
recompiling modules with stack-smashing protection, I got this message:
--
copying build/lib.linux-i686-2.3/mx/Misc/__init__.py ->
/var/tmp/portage/egenix-mx-base-2.0.5/image/usr/l
ib/python2.3/site-packages/mx/Misc
copying build/lib.linux-i686-2.3/mx/Misc/Cache.py ->
/var/tmp/portage/egenix-mx-base-2.0.5/image/usr/lib/
python2.3/site-packages/mx/Misc
writing byte-compilation script
'/var/tmp/portage/egenix-mx-base-2.0.5/temp/tmpTQ2rvx.py'
/usr/bin/python -O /var/tmp/portage/egenix-mx-base-2.0.5/temp/tmpTQ2rvx.py
usr/lib/python2.3/site-packages/mx/TextTools/Examples/pytag.py:47:
SyntaxWarning: name 'debugging' is use
d prior to global declaration
python: stack smashing attack in function symtable_node()
error: command '/usr/bin/python' terminated by signal 6

!!! ERROR: dev-python/egenix-mx-base-2.0.5 failed.
!!! Function distutils_src_install, Line 43, Exitcode 1
!!! (no error message)

so it seems egenix-mx-base causes a bufferoverflow (or perhaps it causes
one in python) - I haven't done very much research as I can live without
egenix - but just wanted to let you know :)

p.s. it's python-2.3.3.

-- 
Regards,
Klavs Klavsen, GSEC - kl at vsen.dk - http://www.vsen.dk
PGP: 7E063C62/2873 188C 968E 600D D8F8  B8DA 3D3A 0B79 7E06 3C62

"Those who do not understand Unix are condemned to reinvent it, poorly."
  --Henry Spencer



More information about the egenix-users mailing list