 |
 |
Hi Ulf, OK, after remapping the addresses in your stack trace to get the exact code path, I did indeed discover where the stack corruption came from. It is not caused by any user data so it cannot be used to compromise a server. It's simply that a too small buffer was passed to an internal function. Additionally, the problem would only manifest itself at log file rotation time (usually midnight). This is now fixed in git head. Since you have compiled 4.0.3 from source, you can apply the following source fix: XrdSysLogger.cc:418: char tbuff[24]; should be changed to XrdSysLogger.cc:418: char tbuff[32]; I will check with Lukasz whether we will back port this. Thank you for bringing this to our attention. Andy ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-L list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1