0

I am currently (trying) maintaining a small server/client system. The author abandoned the project 2 years ago. I don't really know C as I'm more at home with Swift.

So far it compiles/runs on a modern Linux. However when it comes to a file transfer the server crashes with the error *** stack smashing detected ***: terminated. I could fix this error by giving the gcc the flag -fno-stack-protector. But then I have the problem that the server runs permanently with a CPU load of 100% at some point. The task goes crazy.

The file which should be responsible for this is this one (I thinks so):

https://github.com/ProfDrLuigi/wired/blob/master/wired/transfers.c

To be honest I have no idea where to start. I think the server does this only since the OpenSSL libs were updated from 1.0 to 1.1 in the distro repos. Does anyone have an idea where to start?

Sascha7777
  • 89
  • 8
  • https://stackoverflow.com/questions/37970758/how-to-use-addresssanitizer-with-gcc – pm100 Jan 05 '23 at 19:39
  • 3
    additionally you could run it in a debugger which will mostly likely tell you where it's crashing. – yano Jan 05 '23 at 19:45
  • Consider running a sanitized build using ASan or MSan (preferably the former for buffer overflows) and seeing if you can get a useful stack trace to help pinpoint the cause. It's also worth noting that if you're overflowing buffers and smashing the stack, there may be a security vulnerability here, and disabling the stack protector is not a suitable band aid solution. – nanofarad Jan 05 '23 at 19:48
  • Here is the Debug output: https://pastebin.com/EZNy5viK – Sascha7777 Jan 05 '23 at 19:54

0 Answers0