[Rd] Stack smashing in RODBC

Tom "spot" Callaway tcallawa at redhat.com
Tue Jan 26 15:39:36 CET 2010


On 01/26/2010 06:17 AM, Dirk Eddelbuettel wrote:
> 
> On 26 January 2010 at 01:23, "Tom \"spot\" Callaway" wrote:
> | On 01/25/2010 09:14 PM, Dirk Eddelbuettel wrote:
> | > I cannot replicate this on Debian. The error gets trapped just fine. This may
> | > be particular to your builds or setup. I don't see an R error (but of course
> | > do not speak for R Core). Here is a short version, it is the same in normal
> | > interactive mode.
> | 
> | I don't think Debian builds with stack protection in glibc, whereas
> | Fedora does (and I think Ubuntu Hardy and onward also do).
> 
> As I get the exact same result on Ubuntu, I continue to suspect that the
> issue is with Fedora.

We're not modifying the RODBC or R code at all, so I suspect that it is
a legitimate bug that Fedora is better at reproducing.

The Fedora optflags tend to be more restrictive than some other Linux
distributions, here is how RODBC is compiled by default:

gcc -m32 -std=gnu99 -I/usr/include/R -I. -I/usr/local/include    -fpic
-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom
-fasynchronous-unwind-tables -c RODBC.c -o RODBC.o
gcc -m32 -std=gnu99 -shared -L/usr/local/lib -o RODBC.so RODBC.o -lodbc
-L/usr/lib/R/lib -lR

I compiled RODBC without any -O and with -ggdb for debugging, but it
didn't prevent the crash.

[spot at f12.i386 ~]$ echo 'library(RODBC); channel <- odbcConnect("foo",
uid="bar")' | R --slave
*** stack smashing detected ***: /usr/lib/R/bin/exec/R terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x4d)[0x2041ed]
/lib/libc.so.6(-0xffa62e66)[0x20419a]
/usr/lib/R/library/RODBC/libs/RODBC.so(+0x6164)[0x2c9164]
/usr/lib/R/library/RODBC/libs/RODBC.so(RODBCDriverConnect+0x4ed)[0x2c5072]
/usr/lib/R/lib/libR.so[0x85c01c]
/usr/lib/R/lib/libR.so(Rf_eval+0x7f2)[0x87fa82]
/usr/lib/R/lib/libR.so[0x881fd5]
/usr/lib/R/lib/libR.so(Rf_eval+0x568)[0x87f7f8]
/usr/lib/R/lib/libR.so[0x8820eb]
/usr/lib/R/lib/libR.so(Rf_eval+0x568)[0x87f7f8]
/usr/lib/R/lib/libR.so(Rf_applyClosure+0x2e7)[0x883ac7]
/usr/lib/R/lib/libR.so(Rf_eval+0x40d)[0x87f69d]
/usr/lib/R/lib/libR.so[0x88043a]
/usr/lib/R/lib/libR.so[0x8cbe9e]
/usr/lib/R/lib/libR.so(Rf_eval+0x568)[0x87f7f8]
/usr/lib/R/lib/libR.so(Rf_applyClosure+0x2e7)[0x883ac7]
/usr/lib/R/lib/libR.so(Rf_eval+0x40d)[0x87f69d]
/usr/lib/R/lib/libR.so[0x8820eb]
/usr/lib/R/lib/libR.so(Rf_eval+0x568)[0x87f7f8]
/usr/lib/R/lib/libR.so(Rf_applyClosure+0x2e7)[0x883ac7]
/usr/lib/R/lib/libR.so(Rf_eval+0x40d)[0x87f69d]
/usr/lib/R/lib/libR.so[0x8820eb]
/usr/lib/R/lib/libR.so(Rf_eval+0x568)[0x87f7f8]
/usr/lib/R/lib/libR.so(Rf_applyClosure+0x2e7)[0x883ac7]
/usr/lib/R/lib/libR.so(Rf_eval+0x40d)[0x87f69d]
/usr/lib/R/lib/libR.so[0x881fd5]
/usr/lib/R/lib/libR.so(Rf_eval+0x568)[0x87f7f8]
/usr/lib/R/lib/libR.so(Rf_ReplIteration+0x23d)[0x8ba64d]
/usr/lib/R/lib/libR.so[0x8ba9a5]
/usr/lib/R/lib/libR.so(run_Rmainloop+0x66)[0x8bb236]
/usr/lib/R/lib/libR.so(Rf_mainloop+0x1d)[0x8bb26d]
/usr/lib/R/bin/exec/R(main+0x39)[0x8048699]
/lib/libc.so.6(__libc_start_main+0xe6)[0x126bb6]
/usr/lib/R/bin/exec/R[0x8048591]
Aborted

> FWIW, on Debian and Ubuntu, unixodbc_2.2.11 is used.

On Fedora 12, we're using:

glibc-2.11.1-1.i686
unixODBC-2.2.14-9.fc12.i686

The newer glibc may be better at detecting stack smashing, or the newer
unixODBC could be doing something differently from 2.2.11.

~spot
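
The glibc abort report in the message above can be triaged mechanically: the first backtrace frame outside libc belongs to the function whose stack-protector check failed. The following is an added example, not part of the original message or of RODBC; it parses that report format and builds an addr2line command for the frame. The names `parse_backtrace` and `triage` are assumptions of the example, and the sample is the first few frames of the quoted report.

```python
import re

# Excerpt of the abort report quoted in the message above (first frames only).
SAMPLE = """\
*** stack smashing detected ***: /usr/lib/R/bin/exec/R terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x4d)[0x2041ed]
/lib/libc.so.6(-0xffa62e66)[0x20419a]
/usr/lib/R/library/RODBC/libs/RODBC.so(+0x6164)[0x2c9164]
/usr/lib/R/library/RODBC/libs/RODBC.so(RODBCDriverConnect+0x4ed)[0x2c5072]
/usr/lib/R/lib/libR.so[0x85c01c]
/usr/lib/R/lib/libR.so(Rf_eval+0x7f2)[0x87fa82]
======= Memory map: ========
"""

# module(symbol+0xoff)[0xaddr]; the parenthesised part and the symbol are optional.
FRAME = re.compile(r"^(?P<module>[^(\[\s]+)"
                   r"(?:\((?P<sym>[^()+-]*)(?P<off>[+-]0x[0-9a-fA-F]+)?\))?"
                   r"\[(?P<addr>0x[0-9a-fA-F]+)\]$")
LIBC = re.compile(r"/libc(-[\d.]+)?\.so")  # libc.so.6 or libc-2.11.1.so

def parse_backtrace(report):
    """Return the frames between '======= Backtrace' and the next '=======' line."""
    frames, inside = [], False
    for line in map(str.strip, report.splitlines()):
        if line.startswith("======="):
            inside = line.startswith("======= Backtrace")
        elif inside and (m := FRAME.match(line)):
            frames.append(m.groupdict())
    return frames

def triage(report):
    """Locate the frame whose canary check failed: the first one outside libc."""
    frames = parse_backtrace(report)
    idx = next((i for i, f in enumerate(frames) if not LIBC.search(f["module"])), None)
    if idx is None:
        return None
    hit = frames[idx]
    # An empty symbol with '+0x..' is a module-relative offset (static or stripped function).
    offset = hit["off"][1:] if hit["sym"] == "" and (hit["off"] or "").startswith("+") else None
    # Nearest frame in the same module that does carry a symbol name.
    named = next((f["sym"] for f in frames[idx:]
                  if f["module"] == hit["module"] and f["sym"]), None)
    return {"module": hit["module"], "offset": offset, "nearest_symbol": named,
            # addr2line needs the module's debug info to resolve the offset.
            "addr2line": f"addr2line -f -e {hit['module']} {offset}" if offset else None}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

For this report the failing frame is an unnamed function at offset 0x6164 in RODBC.so, reached from RODBCDriverConnect.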


