pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: minidlna buffer overflow on netbsd-8/amd64

On Sat, Oct 26, 2019 at 04:47:40PM -0500, John D. Baker wrote:
> For some time now I've seen meessages like the following on the machine
> that acts as DLNA server (also my file server) whenever I reboot it (and
> start minidlna from my "rc.local" script):
>   Oct 25 15:14:26 hostname -: hostname.domainname.tld minidlnad - - - buffer overflow detected; terminated
> As a result, while there is still a minidlnad process present and the
> minidlna server is visible to DNLA clients, no content is listed.
> Top-level directories are there, but no contents or subdirectories.
> I've been starting it with the "-R" switch so it will re-index the
> contents so that recently-added files will be visible.  (Before it
> started complaining about the overflow, It didn't seem to pick up new
> files by itself unless restarted with -R).
> Has anyone seen anything like this before?  Have I hit some limit of
> minidlna in terms of the number of files or something like that?

This failure is from stack protector.

I guess if you really wanted it to work right away, you could add to the
package makefile:

Stack protector is writing an unpredictable random value to the stack
and checking that the random value is the same later.

Failing this check means something overflows a buffer, and might be a
big security issue.

So far, in regular userland programs like minidlna, every time I had a
failure from SSP it was either an indication of very problematic code or
security issues. So I would hesitate to continue running it without an

Home | Main Index | Thread Index | Old Index