is lib-safe adopted in fc8?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I've just install fc8 and tried some new tech it use in anti-buffer

Here is the test...

#include <stdio.h>
int main(int argc,char * argv[])

     char buf[10];
        return 0;


it's a quite obvious stack buffer overflow vul..

Then I started the program ..
the argv[1] is just 10 'A' and I got a seg fault?

I tried gdb test

Starting program: /root/test AAAAAAAAAA

warning: Missing the separate debug info file: /usr/lib/debug/.build-
(no debugging symbols found)
Error in re-setting breakpoint 2:
Function "strcpy" not defined.
(no debugging symbols found)

warning: Missing the separate debug info file: /usr/lib/debug/.build-
(no debugging symbols found)

Breakpoint 2, 0x00bf3c34 in strcpy () from /lib/
(gdb) c

Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) bt
#0  0x00000000 in ?? ()
#1  0x00000001 in ?? ()
#2  0x00000000 in ?? ()

Is it a lib-safe or something else ?


Re: is lib-safe adopted in fc8?

Quoted text here. Click to load it

libsafe is a LD_PRELOAD dynamic lib that catches calls to certain
functions (see the libsafe manpage). You have to specifically use
libsafe via LD_PRELOAD, or via /etc/ containing the full
path to binary. So this is likely not libsafe. Also
libsafe reports in the syslog what it does.

There's other BO protectors too: libssp, some linker switches, and
3rd-party kernel add-ons. From what you posted, I can't see if any of
those are in use, but it doesn't appear libsafe is.

The binary is like so:

-rwxr-xr-x 1 root root 20356 2003-02-25 03:14 /lib/

 [** America, the police state **]
Whoooose! What's that noise? Why, it's US citizen's
rights, going down the toilet with Bush flushing.

Site Timeline