Subject: Buffer Overflow on Gentoo Linux Kernel 3.0.6
Author: Matthias Hanft
Hi,

for many years, I've been using Firebird with Gentoo Linux kernels up to
2.6.38 without any problems - currently FB "2.0.3.12981.0-r6" (the newest
"stable" version which is available as a Gentoo package).

Now, I have built a new Gentoo system from scratch, of course with kernel
3.0.6 (different hardware, slightly different Linux .config). At first,
Firebird runs just normally, but when calling some special functions (for
example, user rights management from IBExpert), it crashes because of a
buffer overflow.

syslog says:

Nov 13 18:43:41 n *** buffer overflow detected ***: fbserver - terminated
Nov 13 18:43:41 n fbserver: buffer overflow attack in function <unknown> - terminated
Nov 13 18:43:41 n Report to http://bugs.gentoo.org/

I did report to bugs.gentoo.org - https://bugs.gentoo.org/show_bug.cgi?id=390429 -
but I'm not quite sure if this is a Gentoo or a Firebird issue.

In addition, on the new system, in firebird.log, there are two messages at
server start which I have never seen on the old system:

n (Server) Sun Nov 13 18:43:41 2011
64 bit i/o support is on.

n (Server) Sun Nov 13 18:43:41 2011
Open file limit increased from 1024 to 4096

Perhaps this is a result of the slightly different Linux .config? There
must be some more differences, because starting FB (with "/etc/init.d/firebird start")
on the old server says:

* Starting Firebird server ...
* WARNING: -o/--oknodo is deprecated and will be removed in the future
* WARNING: -c/--chuid is deprecated and will be removed in the future, please use -u/--user instead
* WARNING: -a/--startas is deprecated and will be removed in the future, please use -x/--exec or -n/--name instead
server has been successfully started [ ok ]

and on the new server

* Starting Firebird server ...
* WARNING: -o/--oknodo is deprecated and will be removed in the future
* WARNING: -c/--chuid is deprecated and will be removed in the future, please use -u/--user instead
* WARNING: -a/--startas is deprecated and will be removed in the future, please use -x/--exec or -n/--name instead
check /var/log/firebird/firebird.log file for errors
can not start server [ ok ]

but the server is started anyway (sometimes the start script even hangs);
in firebird.log, there is

n (Client) Sun Nov 13 19:15:39 2011
INET/inet_error: connect errno = 111

(but only if the server is not listening on localhost, as it seems).

While it's merely inconvenient not to use IBExpert's rights management
(GRANT etc. with "fbsql" *does* work), I'm afraid to put that FB
installation into a production environment - what if those buffer
overflows also happened in normal operation? This would
be _real_bad_ ...

Any hints?

Thank you,

-Matt
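The two log excerpts in the post are in different formats and point at different things: the "*** buffer overflow detected ***" banner in syslog is what a glibc _FORTIFY_SOURCE check prints when it aborts a fortified binary (a hardening check firing, which is what killed fbserver), while the firebird.log entry is Firebird's own client-side report of a failed connect(). The following script is an added example, not code from the poster or from the Firebird project; it parses both formats into structured events so the two symptoms can be triaged separately. The sample lines are constructed from the post (the sshd line is an invented non-matching distractor), and errno names are taken from the platform the script runs on, where 111 is ECONNREFUSED on Linux.

```python
"""Triage the two log formats quoted in the post: glibc FORTIFY_SOURCE aborts
in syslog, and Firebird's own firebird.log entries (example code)."""
import errno
import re
from datetime import datetime

# Constructed sample input, modelled on the excerpts in the post (not real captures).
SYSLOG_SAMPLE = """\
Nov 13 18:43:41 n *** buffer overflow detected ***: fbserver - terminated
Nov 13 18:43:41 n fbserver: buffer overflow attack in function <unknown> - terminated
Nov 13 18:43:41 n Report to http://bugs.gentoo.org/
Nov 13 18:44:02 n sshd[1234]: Accepted publickey for matt from 192.0.2.10 port 50022
"""

FIREBIRD_LOG_SAMPLE = """\
n (Server) Sun Nov 13 18:43:41 2011
\t64 bit i/o support is on.

n (Server) Sun Nov 13 18:43:41 2011
\tOpen file limit increased from 1024 to 4096

n (Client) Sun Nov 13 19:15:39 2011
\tINET/inet_error: connect errno = 111
"""

ECONNREFUSED = errno.ECONNREFUSED  # platform-dependent value; 111 on Linux

# "Mon DD HH:MM:SS host " as written by a classic syslog daemon (no year).
SYSLOG_PREFIX = r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) "
# Banner printed when a _FORTIFY_SOURCE check aborts the process; names the program.
FORTIFY_BANNER = re.compile(
    SYSLOG_PREFIX + r"\*\*\* buffer overflow detected \*\*\*: (?P<prog>\S+) - terminated$")
# Follow-up line naming the function in which the check fired (often unresolved).
FORTIFY_FUNC = re.compile(
    SYSLOG_PREFIX + r"(?P<prog>[^:\s]+): buffer overflow attack in function (?P<func>\S+) - terminated$")

# firebird.log: a header "host (Role) date" followed by indented message lines.
FB_HEADER = re.compile(
    r"^(?P<host>\S+) \((?P<role>Server|Client)\) (?P<ts>\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4})$")
INET_ERROR = re.compile(r"INET/inet_error: (?P<call>\w+) errno = (?P<errno>\d+)")


def errno_name(num):
    """Symbolic errno name for this platform, e.g. 111 -> 'ECONNREFUSED' on Linux."""
    return errno.errorcode.get(num, f"errno {num}")


def parse_syslog(text):
    """Return one event per fortify abort, merging the banner with its function line."""
    events = []
    for line in text.splitlines():
        m = FORTIFY_BANNER.match(line)
        if m:
            events.append({"kind": "fortify_abort", "timestamp": m["ts"],
                           "host": m["host"], "program": m["prog"], "function": None})
            continue
        m = FORTIFY_FUNC.match(line)
        # Attach the function name only to the abort of the same program just seen.
        if m and events and events[-1]["program"] == m["prog"] and events[-1]["function"] is None:
            events[-1]["function"] = m["func"]
    return events


def parse_firebird_log(text):
    """Split firebird.log into entries and decode INET errno values."""
    entries = []
    current = None
    for line in text.splitlines():
        m = FB_HEADER.match(line)
        if m:
            current = {"host": m["host"], "role": m["role"],
                       "timestamp": datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y"),
                       "message": ""}
            entries.append(current)
        elif current is not None and line.strip():
            current["message"] = (current["message"] + " " + line.strip()).strip()
    for entry in entries:
        m = INET_ERROR.search(entry["message"])
        if m:
            entry["syscall"] = m["call"]
            entry["errno"] = int(m["errno"])
            entry["errno_name"] = errno_name(entry["errno"])
    return entries


def triage(syslog_text, fblog_text):
    """Separate hardening aborts (a crash in fbserver) from connection failures."""
    entries = parse_firebird_log(fblog_text)
    return {"fortify_aborts": parse_syslog(syslog_text),
            "connection_errors": [e for e in entries if "errno" in e],
            "entries": entries}


if __name__ == "__main__":
    report = triage(SYSLOG_SAMPLE, FIREBIRD_LOG_SAMPLE)
    for ev in report["fortify_aborts"]:
        print(f"{ev['timestamp']} {ev['program']}: FORTIFY abort in {ev['function']}")
    for e in report["connection_errors"]:
        print(f"{e['timestamp']} {e['role']}: {e['syscall']}() failed, errno {e['errno']} ({e['errno_name']})")
```

Keeping the two classes apart matters for the question asked in the post: a FORTIFY abort means a bounds check inside fbserver fired and glibc terminated the process, which is independent of whether clients can reach the listener, whereas a connect() errno 111 only says nobody was accepting on the address the client tried.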