Open MPI logo

Open MPI Development Mailing List Archives

  |   Home   |   Support   |   FAQ   |   all Development mailing list

From: Dave Rogers (wantye_at_[hidden])
Date: 2006-08-24 13:53:02


I just compiled the latest version on my machine and ran a dumb test -
mpirun without any arguments.
This generated a buffer overflow error!

Error message (reproducible with different mem. addr.s):
[ /home/dave/rpmbuild ] $ mpirun
*** buffer overflow detected ***: mpirun terminated
======= Backtrace: =========
/lib64/libc.so.6(__chk_fail+0x2f)[0x31669dee3f]
/lib64/libc.so.6[0x31669de69b]
/lib64/libc.so.6(__snprintf_chk+0x7b)[0x31669de56b]
/usr/lib64/libopal.so.0(opal_cmd_line_get_usage_msg+0x20a)[0x2aaaaac1088a]
mpirun[0x403c53]
mpirun(orterun+0xa0)[0x402798]
mpirun(main+0x1b)[0x4026f3]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x316691d084]
mpirun[0x402649]
======= Memory map: ========
00400000-00408000 r-xp 00000000 09:01 2697992
/usr/bin/orterun
...
7fff20e92000-7fff20ea8000 rw-p 7fff20e92000 00:00 0
[stack]
ffffffffff600000-ffffffffffe00000 ---p 00000000 00:00 0
[vdso]
Aborted

Installation details: System: FC5 AMD Opteron x86_64
downloaded SRPM version 1.1.1

rpm -ivh /usr/local/src/dist/libs/openmpi-1.1-1.src.rpm
rpmbuild -ba SPECS/openmpi-1.1.spec --target x86_64
 - generates an error from check-rpaths stating that the /usr/lib64 prefix
is unnecessary and may cause problems
QA_RPATHS=$[ 0x0001|0x0010 ] rpmbuild -ba SPECS/openmpi-1.1.spec --target
x86_64
 - suggessted workaround - ignores as warnings
rpm -ivh ~dave/rpmbuild/RPMS/x86_64/openmpi-1.1-1.x86_64.rpm
 - generates a package conflict -- file /usr/lib64/libopal.so from install
of openmpi-1.1-1 conflicts with file from package opal-2.2.1-1
 - apparently, this comes from opal, the open phone abstraction library...
so I uninstalled opal
rpm -ivh ~dave/rpmbuild/RPMS/x86_64/openmpi-1.1-1.x86_64.rpm
 - worked!

The strange thing is that mpirun with normal arguments works as expected
without any sorts of mem. errors.
mpirun with flags -h or --help also buffer overflows, but not mpirun with an
unrecognized argument, to which it spits out a "you must specify how many
processes to launch, via the -np argument." error.

I hope this gets fixed soon, buffer overflows are potential security
vulnerabilities.

~ David Rogers