NetBSD-Bugs archive


Re: kern/38982: PaX ASLR makes some programs crash



The following reply was made to PR kern/38982; it has been noted by GNATS.

From: Jean-Yves Migeon <jym%NetBSD.org@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: kern/38982: PaX ASLR makes some programs crash
Date: Sat, 12 Dec 2009 22:06:51 +0100

 I tracked down the issue a bit, and it is related to the setrlimit() 
 usage for the stack size. When setting the value to an insanely big size 
 (or infinity), all programs will end with a SIGABRT.
 
 In the case of useradd/vipw/libutil binaries, the:
 
 (void)setrlimit(RLIMIT_STACK, &rlim);
 
 found inside pw_init() (in lib/libutil/passwd.c) does the trick. If you 
 comment out the line, or at least, set the rlimit to a smaller size, 
 libutil functions start working again.
 
 From a more general PoV, using ulimit(3):
 
 # sysctl -w security.pax.aslr.enabled=1
 # ls
 CVS        conf       fs         modules    netinet6   netsmb     sys
 Makefile   crypto     gdbscripts net        netipsec   nfs        tags
 altq       ddb        ipkdb      net80211   netisdn    opencrypto ufs
 arch       dev        kern       netatalk   netiso     rump       uvm
 coda       dist       lib        netbt      netkey     secmodel
 compat     external   miscfs     netinet    netnatm    stand
 # ulimit -s unlimited
 # ls
 Abort
 # vi
 Abort
 
 ... and so forth. I guess that the gmake issue is the same, as it starts 
 by altering the stack resource:
 
 [...]
   17022      1 gmake    CALL  getrlimit(3,0xbf0b6644)
   17022      1 gmake    RET   getrlimit 0
   17022      1 gmake    CALL  setrlimit(3,0xbf0b6644)
   17022      1 gmake    RET   setrlimit 0
   17022      1 gmake    CALL  issetugid
   17022      1 gmake    RET   issetugid 0
 [...]
 
 setrlimit(3, 0xbf0b6644) => setrlimit(RLIMIT_STACK, max) (called at the 
 beginning of the main of gmake). FWIW, max == 67108864 (65k). If you 
 invoke gmake from a simple user and not from superuser, it will work as 
 expected.
 
 -- 
 Jean-Yves Migeon
 jym%NetBSD.org@localhost
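
A regression check for the behaviour reported above, as an added example that is not part of the original message or of NetBSD's sources: it repeats the getrlimit/setrlimit(RLIMIT_STACK) sequence in a child process and reports whether the program exec'd afterwards is killed by a signal. The function name exec_with_max_stack and the /bin/sh probe command are assumptions chosen for illustration.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * In a child process, raise the soft RLIMIT_STACK to the hard limit (the
 * getrlimit/setrlimit pair visible in the gmake ktrace), then exec path.
 * Returns the signal that killed the child, 0 if it exited by itself, or
 * -1 if the check could not be run (fork, rlimit or exec failure).
 */
int exec_with_max_stack(const char *path, const char *a1, const char *a2)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        struct rlimit rl;
        if (getrlimit(RLIMIT_STACK, &rl) != 0)
            _exit(126);
        rl.rlim_cur = rl.rlim_max;   /* hard limit depends on the caller */
        if (setrlimit(RLIMIT_STACK, &rl) != 0)
            _exit(126);
        execl(path, path, a1, a2, (char *)NULL);
        _exit(127);                  /* exec itself failed */
    }
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);
    return (WEXITSTATUS(status) >= 126) ? -1 : 0;
}

int main(void)
{
    /* Assumed probe command; any small program will do. */
    int sig = exec_with_max_stack("/bin/sh", "-c", "exit 0");
    if (sig == SIGABRT)
        puts("affected: probe aborted after the stack limit was raised");
    else
        printf("probe result: %d (0 = ran normally, -1 = check failed)\n", sig);
    return sig == 0 ? 0 : 1;
}
```

Run it once as root and once as an unprivileged user, with security.pax.aslr.enabled set to 1, since the message notes that the outcome differs between the two.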
 

