Open MPI logo

Open MPI Development Mailing List Archives

  |   Home   |   Support   |   FAQ   |   all Development mailing list

From: Brian Barrett (brbarret_at_[hidden])
Date: 2006-08-31 17:56:49


What facilities are you using to detect the buffer overflow? We've seen
no such issues in our testing and I'd be surprised if there was an issue
in that code path. Valgrind and friends don't show any issues on our
test machines, so without more detail, I'm afraid we really can't fix
the issue you are seeing.

Brian

On Thu, 2006-08-24 at 13:53 -0400, Dave Rogers wrote:
> I just compiled the latest version on my machine and ran a dumb test -
> mpirun without any arguments.
> This generated a buffer overflow error!
>
> Error message (reproducible with different mem. addr.s):
> [ /home/dave/rpmbuild ] $ mpirun
> *** buffer overflow detected ***: mpirun terminated
> ======= Backtrace: =========
> /lib64/libc.so.6(__chk_fail+0x2f)[0x31669dee3f]
> /lib64/libc.so.6[0x31669de69b]
> /lib64/libc.so.6(__snprintf_chk+0x7b)[0x31669de56b]
> /usr/lib64/libopal.so.0(opal_cmd_line_get_usage_msg
> +0x20a)[0x2aaaaac1088a]
> mpirun[0x403c53]
> mpirun(orterun+0xa0)[0x402798]
> mpirun(main+0x1b)[0x4026f3]
> /lib64/libc.so.6(__libc_start_main+0xf4)[0x316691d084]
> mpirun[0x402649]
> ======= Memory map: ========
> 00400000-00408000 r-xp 00000000 09:01
> 2697992 /usr/bin/orterun
> ...
> 7fff20e92000-7fff20ea8000 rw-p 7fff20e92000 00:00 0
> [stack]
> ffffffffff600000-ffffffffffe00000 ---p 00000000 00:00 0
> [vdso]
> Aborted
>
> Installation details: System: FC5 AMD Opteron x86_64
> downloaded SRPM version 1.1.1
>
> rpm -ivh /usr/local/src/dist/libs/openmpi- 1.1-1.src.rpm
> rpmbuild -ba SPECS/openmpi-1.1.spec --target x86_64
> - generates an error from check-rpaths stating that the /usr/lib64
> prefix is unnecessary and may cause problems
> QA_RPATHS=$[ 0x0001|0x0010 ] rpmbuild -ba SPECS/openmpi- 1.1.spec
> --target x86_64
> - suggessted workaround - ignores as warnings
> rpm -ivh ~dave/rpmbuild/RPMS/x86_64/openmpi-1.1-1.x86_64.rpm
> - generates a package conflict -- file /usr/lib64/libopal.so from
> install of openmpi-1.1-1 conflicts with file from package opal-2.2.1-1
> - apparently, this comes from opal, the open phone abstraction
> library... so I uninstalled opal
> rpm -ivh ~dave/rpmbuild/RPMS/x86_64/openmpi-1.1-1.x86_64.rpm
> - worked!
>
> The strange thing is that mpirun with normal arguments works as
> expected without any sorts of mem. errors.
> mpirun with flags -h or --help also buffer overflows, but not mpirun
> with an unrecognized argument, to which it spits out a "you must
> specify how many processes to launch, via the -np argument." error.
>
> I hope this gets fixed soon, buffer overflows are potential security
> vulnerabilities.
>
> ~ David Rogers
> _______________________________________________
> devel mailing list
> devel_at_[hidden]
> http://www.open-mpi.org/mailman/listinfo.cgi/devel