[New-bugs-announce] [issue36107] aarch64 python3 buffer overflow with stack protector on rpi3 (alpine linux)
Natanael Copa
report at bugs.python.org
Mon Feb 25 11:58:04 EST 2019
New submission from Natanael Copa <natanael.copa at docker.com>:
Alpine Linux's python 3.6.8 native build on aarch64 gets killed by stack protector when run on Raspberry Pi 3.
It does not happen when same binary runs on packet.net's aarch64 machine.
I was able to get a backtrace by copying the core.
Core was generated by `python3'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x0000007f86e85d9c in a_crash () at ./src/internal/atomic.h:250
250 ./src/internal/atomic.h: No such file or directory.
(gdb) bt
#0 0x0000007f86e85d9c in a_crash () at ./src/internal/atomic.h:250
#1 __stack_chk_fail () at src/env/__stack_chk_fail.c:17
#2 0x0000007f86cbc068 in _PyObject_CallMethodId_SizeT (o=o at entry=0x7f86bb1a98, name=name at entry=0x7f86e1cb88 <PyId_writable.lto_priv.58>,
format=format at entry=0x0) at Objects/abstract.c:2677
#3 0x0000007f86d2fbb0 in _io_TextIOWrapper___init___impl (write_through=0, line_buffering=1, newline=<optimized out>, errors=0x7f86d6d810 "strict",
encoding=<optimized out>, buffer=0x7f86bb1a98, self=<optimized out>) at ./Modules/_io/textio.c:1017
#4 _io_TextIOWrapper___init__ (self=0x7f86b5e630, args=<optimized out>, kwargs=<optimized out>) at ./Modules/_io/clinic/textio.c.h:173
#5 0x0000007f86cabf94 in type_call (type=<optimized out>, args=0x7f86b2c0a0, kwds=0x0) at Objects/typeobject.c:915
#6 0x0000007f86c5f25c in PyObject_Call (func=0x7f86e083b0 <PyTextIOWrapper_Type>, args=<optimized out>, kwargs=kwargs at entry=0x0)
at Objects/abstract.c:2261
#7 0x0000007f86c5f30c in call_function_tail (callable=callable at entry=0x7f86e083b0 <PyTextIOWrapper_Type>, args=<optimized out>, args at entry=0x7f86b2c0a0)
at Objects/abstract.c:2512
#8 0x0000007f86c96d5c in callmethod (func=func at entry=0x7f86e083b0 <PyTextIOWrapper_Type>, format=format at entry=0x7f86d7d4de "OsssO", va=...,
is_size_t=is_size_t at entry=0) at Objects/abstract.c:2596
#9 0x0000007f86cbc8c8 in _PyObject_CallMethodId (o=o at entry=0x7f86adf098, name=name at entry=0x7f86e1e0c0 <PyId_TextIOWrapper.12349>,
format=format at entry=0x7f86d7d4de "OsssO") at Objects/abstract.c:2640
#10 0x0000007f86cd8dec in create_stdio (io=<optimized out>, fd=<optimized out>, write_mode=<optimized out>, name=<optimized out>,
encoding=<optimized out>, errors=<optimized out>, io=<optimized out>, fd=<optimized out>, write_mode=<optimized out>, name=<optimized out>,
encoding=<optimized out>, errors=<optimized out>) at Python/pylifecycle.c:1154
#11 0x0000007f86cd91b4 in initstdio () at Python/pylifecycle.c:1277
#12 0x0000007f86d419cc in _Py_InitializeEx_Private (install_sigs=<optimized out>, install_importlib=<optimized out>, install_sigs=<optimized out>,
install_importlib=<optimized out>) at Python/pylifecycle.c:449
#13 0x0000007f86d41a70 in Py_InitializeEx (install_sigs=install_sigs at entry=1) at Python/pylifecycle.c:470
#14 0x0000007f86d41a78 in Py_Initialize () at Python/pylifecycle.c:476
#15 0x0000007f86d42c74 in Py_Main (argc=1, argv=0x7f86f10f60) at Modules/main.c:700
#16 0x000000558291db34 in main (argc=1, argv=0x7feb5b3e48) at ./Programs/python.c:69
Downstream reports:
https://bugs.alpinelinux.org/issues/9981
https://github.com/gliderlabs/docker-alpine/issues/486
----------
components: Interpreter Core
files: strace.out
messages: 336540
nosy: Natanael Copa
priority: normal
severity: normal
status: open
title: aarch64 python3 buffer overflow with stack protector on rpi3 (alpine linux)
versions: Python 3.6
Added file: https://bugs.python.org/file48168/strace.out
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue36107>
_______________________________________
More information about the New-bugs-announce
mailing list