Sergei Trofimovich 0ddee9b7d2 openrc-init: fix buffer overflow in init.ctl
How to reproduce 1-byte overflow:

```
$ FEATURES=-test CFLAGS="-fsanitize=address -O0 -ggdb3" emerge -1 openrc

=================================================================
==1==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff0efd8710
    at pc 0x000000402076 bp 0x7fff0efd7d50 sp 0x7fff0efd7d40
WRITE of size 1 at 0x7fff0efd8710 thread T0
    #0 0x402075  (/sbin/openrc-init+0x402075)
    #1 0x3cf6e2070f in __libc_start_main (/lib64/libc.so.6+0x3cf6e2070f)
    #2 0x4013b8  (/sbin/openrc-init+0x4013b8)

Address 0x7fff0efd8710 is located in stack of thread T0 at offset 2432 in frame
    #0 0x401cfb  (/sbin/openrc-init+0x401cfb)

  This frame has 3 object(s):
    [32, 160) 'signals'
    [192, 344) 'sa'
    [384, 2432) 'buf' <== Memory access at offset 2432 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow ??:0 ??
```

The problem here is in the code handling reads from 'init.ctl':

```
int main(int argc, char **argv) {
...
    char buf[2048];
    for (;;) {
        /* This will block until a command is sent down the pipe... */
        fifo = fopen(RC_INIT_FIFO, "r");
        count = fread(buf, 1, 2048, fifo);
        buf[count] = 0;
        ...
    }
```

`buf[count] = 0;` writes outside the buffer when `fread()` returns a non-truncated read.

This fixes #138.
2017-05-30 16:21:23 -05:00
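
The off-by-one described in the commit message above, as an added example that is not OpenRC's code. `read_clobbers`, `make_input`, `frame` and `CANARY` are hypothetical names, a temporary file stands in for the `init.ctl` FIFO, and the extra byte at the end of `frame` represents whatever sits after `buf` on the stack so the stray write can be observed without leaving the array.

```c
#include <stdio.h>

#define BUF_SIZE 2048   /* same size as buf in the commit message */
#define CANARY   0x5A   /* constructed marker for the byte just past buf */

/* Constructed input: a temporary file holding n bytes of 'A'. */
static FILE *make_input(size_t n)
{
    FILE *f = tmpfile();
    if (!f)
        return NULL;
    for (size_t i = 0; i < n; i++)
        fputc('A', f);
    rewind(f);
    return f;
}

/* Reads up to max_read bytes, then NUL-terminates at frame[count].
 * Returns 1 if the byte after the 2048-byte buffer was overwritten,
 * 0 if it was left intact, -1 on error. */
int read_clobbers(size_t input_len, size_t max_read)
{
    unsigned char frame[BUF_SIZE + 1];

    if (max_read > BUF_SIZE)
        return -1;
    FILE *f = make_input(input_len);
    if (!f)
        return -1;
    frame[BUF_SIZE] = CANARY;
    size_t count = fread(frame, 1, max_read, f);
    frame[count] = 0;   /* index BUF_SIZE when a full BUF_SIZE read succeeds */
    fclose(f);
    return frame[BUF_SIZE] != CANARY;
}

int main(void)
{
    /* Pattern from the commit message: read limit equals the buffer size. */
    printf("4096 in, limit 2048: clobbered=%d\n", read_clobbers(4096, BUF_SIZE));
    printf(" 100 in, limit 2048: clobbered=%d\n", read_clobbers(100, BUF_SIZE));
    /* Hardened: the read limit leaves one byte for the terminator. */
    printf("4096 in, limit 2047: clobbered=%d\n", read_clobbers(4096, BUF_SIZE - 1));
    return 0;
}
```

Only inputs of 2048 bytes or more reach the out-of-bounds index, which is why short commands written to the FIFO never trip the sanitizer.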
| Name | Last commit | Date |
| --- | --- | --- |
| conf.d | typo fix | 2017-05-22 12:52:58 -05:00 |
| etc | add init process | 2017-04-06 17:13:59 -05:00 |
| init.d | typo fix | 2017-05-22 12:52:58 -05:00 |
| local.d | local.d/README: typo fix | 2016-08-15 13:47:06 -05:00 |
| man | openrc-shutdown: add dry-run option | 2017-05-22 12:42:37 -05:00 |
| mk | mk/cc.mk: make implicit function declarations fatal (#136) | 2017-05-30 03:51:42 -04:00 |
| pkgconfig | Revert "Make einfo routines private" | 2013-10-21 13:49:41 -05:00 |
| runlevels | runlevels: remove bad trailing backslash | 2016-12-12 15:13:26 -05:00 |
| scripts | scripts: make sure the rc-sstat symlink is always replaced | 2017-02-22 14:25:02 -06:00 |
| sh | supervise-daemon:create multiple options from --respawn-limit | 2017-05-10 18:13:23 -05:00 |
| src | openrc-init: fix buffer overflow in init.ctl | 2017-05-30 16:21:23 -05:00 |
| support | move init.d examples under support and install them | 2017-02-22 14:45:16 -06:00 |
| sysctl.d | sysctl.d: fix README | 2012-02-10 09:17:22 -06:00 |
| test | test/setup_env: ensure that eval_ecolors is available on the path. | 2017-01-31 17:27:13 -06:00 |
| .gitignore | dist: convert to tar.gz | 2016-09-23 15:28:56 -05:00 |
| agetty-guide.md | agetty-guide: typo fix | 2017-03-31 10:34:41 -05:00 |
| AUTHORS | Convert OpenRC to a centralized copyright/license structure | 2015-12-21 12:16:06 -06:00 |
| BUSYBOX.md | init.d/loopback: drop scope on loopback | 2016-10-25 10:49:14 -05:00 |
| ChangeLog | update ChangeLog | 2017-05-11 22:00:41 -05:00 |
| FEATURE-REMOVAL-SCHEDULE.md | Fix typo | 2016-01-19 16:30:41 -06:00 |
| guide.md | Fix typo in guide.md | 2017-01-26 17:07:01 -06:00 |
| HISTORY.md | Convert OpenRC to a centralized copyright/license structure | 2015-12-21 12:16:06 -06:00 |
| LICENSE | Convert OpenRC to a centralized copyright/license structure | 2015-12-21 12:16:06 -06:00 |
| Makefile | install support files | 2017-02-18 15:52:28 -06:00 |
| Makefile.inc | version 0.27 | 2017-05-12 17:14:15 -05:00 |
| NEWS.md | add init process | 2017-04-06 17:13:59 -05:00 |
| README.md | move init.d examples under support and install them | 2017-02-22 14:45:16 -06:00 |
| README.newnet | Remove gentoo's net.* scripts | 2013-08-13 16:33:41 -05:00 |
| runit-guide.md | Add support for runit | 2016-07-27 16:26:26 -05:00 |
| s6-guide.md | s6-guide: fix typo | 2016-07-25 13:52:38 -05:00 |
| STYLE-GUIDE.md | Convert style guide to markdown | 2015-04-22 15:54:40 -05:00 |
| supervise-daemon-guide.md | supervise-daemon: clarify documentation about configuring daemon not to fork | 2016-05-24 12:55:50 -05:00 |
| TODO | Add a potential future problem I can see with metric calculation and interfaces that change often. | 2012-03-02 19:51:09 +00:00 |

OpenRC README

OpenRC is a dependency-based init system that works with the system-provided init program, normally /sbin/init. Currently, it does not have an init program of its own.

Installation

OpenRC requires GNU make.

Once you have GNU Make installed, the default OpenRC installation can be executed using this command:

```
make install
```

Configuration

You may wish to configure the installation by passing one or more of the arguments below to the make command:

```
PROGLDFLAGS=-static
LIBNAME=lib64
DESTDIR=/tmp/openrc-image
MKNET=no
MKPAM=pam
MKPREFIX=yes
MKPKGCONFIG=no
MKSELINUX=yes
MKSTATICLIBS=no
MKTERMCAP=ncurses
MKTERMCAP=termcap
PKG_PREFIX=/usr/pkg
LOCAL_PREFIX=/usr/local
PREFIX=/usr/local
BRANDING=\"Gentoo/$(uname -s)\"
```

Notes

We don't support building a static OpenRC with PAM.

You may need to use PROGLDFLAGS=-Wl,-Bstatic on glibc instead of just -static.

If you are building OpenRC for a Gentoo Prefix installation, add MKPREFIX=yes.

PKG_PREFIX should be set to where packages install to by default.

LOCAL_PREFIX should be set to where user-maintained packages are. Only set LOCAL_PREFIX if it is different from PKG_PREFIX.

PREFIX should be set when OpenRC is not installed to /.

If any of the following files exist, we do not overwrite them:

```
/etc/devd.conf
/etc/rc
/etc/rc.shutdown
/etc/conf.d/*
```

rc and rc.shutdown are the hooks from the BSD init into OpenRC.

devd.conf is modified from FreeBSD to call /etc/rc.devd which is a generic hook into OpenRC.

inittab is the same, but for SysVInit as used by most Linux distributions. This can be found in the support folder.

Obviously, if you're installing this onto a system that does not use OpenRC by default, you may wish to back up the files listed above, remove them, and then install so that the OS hooks into OpenRC.

Reporting Bugs

If you are using Gentoo Linux, bugs can be filed on their Bugzilla under the Gentoo Hosted Projects product and the openrc component [1]. Otherwise, you can report issues on our GitHub [2].

Better yet, if you can contribute code, please feel free to submit pull requests [3].

IRC Channel

We have an official IRC channel, #openrc on freenode; feel free to join us there.

[1] https://bugs.gentoo.org/
[2] https://github.com/openrc/openrc/issues
[3] https://github.com/openrc/openrc/pulls