[LinuxPPS] some more info on recent attempt at nmea patch

Udo van den Heuvel udovdh at xs4all.nl
Sat Aug 26 16:47:42 CEST 2006


So I started ntpd with some debugging and it finds a buffer overflow:

[root@epia ntpd]# ./ntpd -d -d -d
ntpd 4.2.2p3@1.1577-o Sat Aug 26 14:40:44 UTC 2006 (1)
addto_syslog: set_process_priority: Leave priority alone: priority_done is <2>
addto_syslog: precision = 2.000 usec
create_sockets(123)
address_okay: listen Virtual: 1, IF name: sit0, Up Flag: 1
address_okay: listen Virtual: 1, IF name: eth0, Up Flag: 1
address_okay: listen Virtual: 1, IF name: lo, Up Flag: 1
address_okay: listen Virtual: 1, IF name: sit0, Up Flag: 1
address_okay: listen Virtual: 1, IF name: sit0, Up Flag: 1
address_okay: listen Virtual: 1, IF name: eth1, Up Flag: 1
address_okay: listen Virtual: 1, IF name: eth0, Up Flag: 1
address_okay: listen Virtual: 1, IF name: eth1, Up Flag: 1
address_okay: listen Virtual: 1, IF name: lo, Up Flag: 1
address_okay: listen Virtual: 1, IF name: ppp0, Up Flag: 1
addto_syslog: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16
bind() fd 16, family 2, port 123, addr 0.0.0.0, flags=9
Added addr 0.0.0.0 to list of addresses
flags for fd 16: 04002
addto_syslog: Listening on interface wildcard, 0.0.0.0#123 Disabled
bind() fd 17, family 10, port 123, addr ::, flags=1
Added addr :: to list of addresses
flags for fd 17: 04002
addto_syslog: Listening on interface wildcard, ::#123 Disabled
bind() fd 18, family 10, port 123, addr ::192.168.10.98, flags=1
Added addr ::192.168.10.98 to list of addresses
flags for fd 18: 04002
addto_syslog: Listening on interface sit0, ::192.168.10.98#123 Enabled
bind() fd 19, family 10, port 123, addr fe80::240:63ff:fed6:40a7, flags=1
Added addr fe80::240:63ff:fed6:40a7 to list of addresses
flags for fd 19: 04002
addto_syslog: Listening on interface eth0, fe80::240:63ff:fed6:40a7#123 Enabled
bind() fd 20, family 10, port 123, addr ::1, flags=1
Added addr ::1 to list of addresses
flags for fd 20: 04002
addto_syslog: Listening on interface lo, ::1#123 Enabled
bind() fd 21, family 10, port 123, addr ::10.0.0.150, flags=1
Added addr ::10.0.0.150 to list of addresses
flags for fd 21: 04002
addto_syslog: Listening on interface sit0, ::10.0.0.150#123 Enabled
bind() fd 22, family 10, port 123, addr ::127.0.0.1, flags=1
Added addr ::127.0.0.1 to list of addresses
flags for fd 22: 04002
addto_syslog: Listening on interface sit0, ::127.0.0.1#123 Enabled
bind() fd 23, family 10, port 123, addr fe80::240:63ff:fed6:4075, flags=1
Added addr fe80::240:63ff:fed6:4075 to list of addresses
flags for fd 23: 04002
addto_syslog: Listening on interface eth1, fe80::240:63ff:fed6:4075#123 Enabled
bind() fd 24, family 2, port 123, addr 192.168.10.98, flags=25
Added addr 192.168.10.98 to list of addresses
flags for fd 24: 04002
addto_syslog: Listening on interface eth0, 192.168.10.98#123 Enabled
bind() fd 25, family 2, port 123, addr 10.0.0.150, flags=25
Added addr 10.0.0.150 to list of addresses
flags for fd 25: 04002
addto_syslog: Listening on interface eth1, 10.0.0.150#123 Enabled
bind() fd 26, family 2, port 123, addr 127.0.0.1, flags=5
Added addr 127.0.0.1 to list of addresses
flags for fd 26: 04002
addto_syslog: Listening on interface lo, 127.0.0.1#123 Enabled
bind() fd 27, family 2, port 123, addr 82.92.197.115, flags=19
Added addr 82.92.197.115 to list of addresses
flags for fd 27: 04002
addto_syslog: Listening on interface ppp0, 82.92.197.115#123 Enabled
create_sockets: Total interfaces = 12
interface 0:  fd=16,  bfd=-1,  name=wildcard,  flags=0x9,  scope=0
              sin=0.0.0.0  bcast=0.0.0.0,  mask=255.255.255.255 Disabled
interface 1:  fd=17,  bfd=-1,  name=wildcard,  flags=0x1,  scope=0
              sin=:: Disabled
interface 2:  fd=18,  bfd=-1,  name=sit0,  flags=0x1,  scope=0
              sin=::192.168.10.98 Enabled
interface 3:  fd=19,  bfd=-1,  name=eth0,  flags=0x1,  scope=1
              sin=fe80::240:63ff:fed6:40a7 Enabled
interface 4:  fd=20,  bfd=-1,  name=lo,  flags=0x1,  scope=0
              sin=::1 Enabled
interface 5:  fd=21,  bfd=-1,  name=sit0,  flags=0x1,  scope=0
              sin=::10.0.0.150 Enabled
interface 6:  fd=22,  bfd=-1,  name=sit0,  flags=0x1,  scope=0
              sin=::127.0.0.1 Enabled
interface 7:  fd=23,  bfd=-1,  name=eth1,  flags=0x1,  scope=2
              sin=fe80::240:63ff:fed6:4075 Enabled
interface 8:  fd=24,  bfd=-1,  name=eth0,  flags=0x19,  scope=0
              sin=192.168.10.98  bcast=192.168.10.255,  mask=255.255.255.0 Enabled
interface 9:  fd=25,  bfd=-1,  name=eth1,  flags=0x19,  scope=0
              sin=10.0.0.150  bcast=10.0.0.255,  mask=255.255.255.0 Enabled
interface 10:  fd=26,  bfd=-1,  name=lo,  flags=0x5,  scope=0
              sin=127.0.0.1,  mask=255.0.0.0 Enabled
interface 11:  fd=27,  bfd=-1,  name=ppp0,  flags=0x13,  scope=0
              sin=82.92.197.115,  mask=255.255.255.255 Enabled
init_io: maxactivefd 27
local_clock: time 0 base 0.000000 offset 0.000000 freq 0.000 state 0
getnetnum given 127.127.1.0, got 127.127.1.0
newpeer: cast flags: 0x1 for address: 127.127.1.0
newpeer: using fd 26 and our addr 127.0.0.1
key_expire: at 0
peer_clear: at 0 next 1 assoc ID 21956 refid INIT
newpeer: 127.0.0.1->127.127.1.0 mode 3 vers 4 poll 6 10 flags 0x1021 0x1 ttl 0 key 00000000
getnetnum given 127.127.1.0, got 127.127.1.0
getnetnum given 127.127.20.0, got 127.127.20.0
newpeer: cast flags: 0x1 for address: 127.127.20.0
newpeer: using fd 26 and our addr 127.0.0.1
key_expire: at 0
peer_clear: at 0 next 2 assoc ID 21957 refid INIT
refclock_setup fd 5 modem status: 0x4006
refclock_ioctl: fd 5 flags 0x1
*** buffer overflow detected ***: ./ntpd terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x29)[0xb7e33131]
/lib/libc.so.6[0xb7e329c6]
./ntpd[0x80029136]
======= Memory map: ========
4e012000-4e029000 r-xp 00000000 03:05 76969      /lib/ld-2.4.so
4e029000-4e02a000 r--p 00016000 03:05 76969      /lib/ld-2.4.so
4e02a000-4e02b000 rw-p 00017000 03:05 76969      /lib/ld-2.4.so
80000000-8003a000 r-xp 00000000 03:0a 883682     /usr/src/redhat/BUILD/ntp-4.2.2p3/ntpd/ntpd
8003a000-8003d000 rw-p 00039000 03:0a 883682     /usr/src/redhat/BUILD/ntp-4.2.2p3/ntpd/ntpd
8003d000-800a4000 rw-p 8003d000 00:00 0          [heap]
b7d2c000-b7d37000 r-xp 00000000 03:05 77060      /lib/libgcc_s-4.1.1-20060525.so.1
b7d37000-b7d38000 rw-p 0000a000 03:05 77060      /lib/libgcc_s-4.1.1-20060525.so.1
b7d38000-b7d40000 r-xp 00000000 03:05 76947      /lib/libnss_files-2.4.so
b7d40000-b7d41000 r--p 00007000 03:05 76947      /lib/libnss_files-2.4.so
b7d41000-b7d42000 rw-p 00008000 03:05 76947      /lib/libnss_files-2.4.so
b7d48000-b7d4a000 rw-p b7d48000 00:00 0
b7d4a000-b7d5c000 r-xp 00000000 03:08 66093      /usr/lib/libz.so.1.2.3
b7d5c000-b7d5d000 rw-p 00011000 03:08 66093      /usr/lib/libz.so.1.2.3
b7d5d000-b7d5f000 r-xp 00000000 03:05 20286      /lib/libdl-2.4.so
b7d5f000-b7d60000 r--p 00001000 03:05 20286      /lib/libdl-2.4.so
b7d60000-b7d61000 rw-p 00002000 03:05 20286      /lib/libdl-2.4.so
b7d61000-b7e82000 r-xp 00000000 03:05 76970      /lib/libc-2.4.so
b7e82000-b7e84000 r--p 00121000 03:05 76970      /lib/libc-2.4.so
b7e84000-b7e85000 rw-p 00123000 03:05 76970      /lib/libc-2.4.so
b7e85000-b7e88000 rw-p b7e85000 00:00 0
b7e88000-b7e8b000 r-xp 00000000 03:05 20351      /lib/libcap.so.1.10
b7e8b000-b7e8c000 rw-p 00002000 03:05 20351      /lib/libcap.so.1.10
b7e8c000-b7fb4000 r-xp 00000000 03:05 20316      /lib/libcrypto.so.0.9.8a
b7fb4000-b7fc6000 rw-p 00128000 03:05 20316      /lib/libcrypto.so.0.9.8a
b7fc6000-b7fca000 rw-p b7fc6000 00:00 0
b7fca000-b7fee000 r-xp 00000000 03:05 76973      /lib/libm-2.4.so
b7fee000-b7fef000 r--p 00023000 03:05 76973      /lib/libm-2.4.so
b7fef000-b7ff0000 rw-p 00024000 03:05 76973      /lib/libm-2.4.so
b7ff0000-b7ff1000 rw-p b7ff0000 00:00 0
b7ff6000-b7ff7000 rw-p b7ff6000 00:00 0
bff65000-bff7b000 rw-p bff65000 00:00 0          [stack]
ffffe000-fffff000 ---p 00000000 00:00 0          [vdso]
Aborted
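
Added example, not part of the original post: the backtrace above gives only raw addresses, so this sketch matches each frame against the "Memory map" section to get the object file and the offset inside it, which is the value a symbolizer needs to name the function that made the checked call. The function names (parse_report, resolve) are hypothetical, and the embedded report is a constructed excerpt of the lines shown above.

```python
import re

# Constructed excerpt: lines copied from the crash report above, with the
# mail-wrapped ntpd mapping lines rejoined.
REPORT = """\
*** buffer overflow detected ***: ./ntpd terminated
======= Backtrace: =========
/lib/libc.so.6(__chk_fail+0x29)[0xb7e33131]
/lib/libc.so.6[0xb7e329c6]
./ntpd[0x80029136]
======= Memory map: ========
4e012000-4e029000 r-xp 00000000 03:05 76969      /lib/ld-2.4.so
80000000-8003a000 r-xp 00000000 03:0a 883682     /usr/src/redhat/BUILD/ntp-4.2.2p3/ntpd/ntpd
8003a000-8003d000 rw-p 00039000 03:0a 883682     /usr/src/redhat/BUILD/ntp-4.2.2p3/ntpd/ntpd
b7d61000-b7e82000 r-xp 00000000 03:05 76970      /lib/libc-2.4.so
bff65000-bff7b000 rw-p bff65000 00:00 0          [stack]
"""

# Backtrace frame: object, optional (symbol+off), then [0xADDRESS].
FRAME = re.compile(r"^(?P<obj>[^\s(\[]+)(?:\((?P<sym>[^)]*)\))?\[0x(?P<addr>[0-9a-f]+)\]$")
# Mapping line: lo-hi perms file_offset dev inode [path].
MAPPING = re.compile(r"^(?P<lo>[0-9a-f]+)-(?P<hi>[0-9a-f]+) (?P<perm>\S{4}) "
                     r"(?P<off>[0-9a-f]+) \S+ \d+\s*(?P<path>.*)$")

def parse_report(text):
    """Split a glibc abort report into frames and memory mappings."""
    frames, maps = [], []
    for line in (raw.strip() for raw in text.splitlines()):
        m = FRAME.match(line)
        if m:
            frames.append((m["obj"], m["sym"], int(m["addr"], 16)))
            continue
        m = MAPPING.match(line)
        if m:
            maps.append((int(m["lo"], 16), int(m["hi"], 16), m["perm"],
                         int(m["off"], 16), m["path"]))
    return frames, maps

def resolve(frames, maps):
    """Return (obj, sym, addr, mapped_path, file_offset) for each frame."""
    out = []
    for obj, sym, addr in frames:
        hit = next((mp for mp in maps if mp[0] <= addr < mp[1]), None)
        if hit is None:  # address outside every listed mapping
            out.append((obj, sym, addr, None, None))
            continue
        lo, _hi, _perm, off, path = hit
        out.append((obj, sym, addr, path, addr - lo + off))
    return out
```

On this report the ./ntpd frame resolves to offset 0x29136 in the build-tree ntpd binary; that offset, looked up in an unstripped copy of the same build, identifies the caller of the fortified libc routine that ended in __chk_fail.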


