Hi!
On Mon, 23 Sep 2024, I wrote:
So from my perspective there is some problem with the compile options
or hardening in Ubuntu 24.04, which breaks the xymon package, while
4.3.30-1build3 used a different build system (Ubuntu 23.10), which
wasn't that strict and didn't run into issues.
Maybe I should compare compiler options between Ubuntu 24.04 and
Debian 12 (and/or Debian unstable) and try to reproduce the issue on
Debian.
Or I should try to find out, where the "buffer overflow detected"
messages come from and fix the root cause.
But that's a job for another day...
Today I dug a bit deeper and found out that the relevant difference
between Debian unstable and Ubuntu 24.04 is, that Ubuntu uses
-D_FORTIFY_SOURCE=3 since 24.04, while Debian still uses
-D_FORTIFY_SOURCE=2.
dpkg-dpkg-buildflags --get CPPFLAGS shows this difference:
Debian unstable: -Wdate-time -D_FORTIFY_SOURCE=2
Ubuntu 24.04: -Wdate-time -D_FORTIFY_SOURCE=3
To change this behavior just set environment variable
DEB_CPPFLAGS_MAINT_SET="-Wdate-time -D_FORTIFY_SOURCE=2" on Ubuntu
or
DEB_CPPFLAGS_MAINT_SET="-Wdate-time -D_FORTIFY_SOURCE=3" on Debian
This doesn't fix the issue bug shows the problem trigger:
FORTIFY_SOURCE=3 implements better fortification and more security
regarding to buffer overflows, but there seem to be some bugs in xymon
sources, that trigger these checks and stop some modules working.
Next step would be digging deeper and finding the root causes of these
buffer overflows and to fix them, maybe some upstream xymon developer,
since my C skills are quite limited :-(
Greetings
Roland