From brian@Awfulhak.org  Tue Sep 22 11:41:32 1998
Received: from awfulhak.org (awfulhak.force9.co.uk [195.166.136.63])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA29278
          for <FreeBSD-gnats-submit@freebsd.org>; Tue, 22 Sep 1998 11:39:19 -0700 (PDT)
          (envelope-from brian@Awfulhak.org)
Received: from woof.lan.awfulhak.org (brian@woof.lan.awfulhak.org [172.16.0.7])
	by awfulhak.org (8.8.8/8.8.8) with ESMTP id TAA19605
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 22 Sep 1998 19:38:12 +0100 (BST)
	(envelope-from brian@Awfulhak.org)
Received: (from brian@localhost)
	by woof.lan.awfulhak.org (8.9.1/8.9.1) id PAA10422;
	Tue, 22 Sep 1998 15:23:58 +0100 (BST)
	(envelope-from brian)
Message-Id: <199809221423.PAA10422@woof.lan.awfulhak.org>
Date: Tue, 22 Sep 1998 15:23:58 +0100 (BST)
From: Brian Somers <brian@Awfulhak.org>
Reply-To: brian@Awfulhak.org
To: FreeBSD-gnats-submit@freebsd.org
Subject: __warn_references() overflows under ELF
X-Send-Pr-Version: 3.2

>Number:         8028
>Category:       bin
>Synopsis:       __warn_references() overflows under ELF
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep 22 11:50:00 PDT 1998
>Closed-Date:    Wed Sep 23 21:42:43 PDT 1998
>Last-Modified:  Wed Sep 23 21:43:47 PDT 1998
>Originator:     Brian Somers
>Release:        FreeBSD 3.0-CURRENT i386
>Organization:
Awfulhak Ltd.
>Environment:

	Cold and damp....

	FreeBSD woof.lan.awfulhak.org 3.0-CURRENT FreeBSD 3.0-CURRENT #2: Fri Sep 18 14:53:49 BST 1998     brian@woof.lan.awfulhak.org:/usr/src/sys/compile/WOOF  i386
	cvsup done ~Sep 17
	[ECP]-Day done, /etc/objformat says OBJFORMAT=elf

	$ fgrep Id /usr/include/sys/cdefs.h
	* $Id: cdefs.h,v 1.21 1998/08/24 06:17:01 bde Exp $

>Description:

	The use of __warn_references causes an overflow

>How-To-Repeat:

	ln -s AJ /etc/malloc.conf
	echo '#include <sys/cdefs.h>' >foo.c
	echo '__warn_references(foo, "foo called !");' >>foo.c
	echo 'void foo() {}' >>foo.c
	echo 'int main() { foo(); }' >main.c
	cc main.c foo.c

	Produces:

	/var/tmp/ccJ103741.o: In function `main':
	/var/tmp/ccU103831.o(.text+0x4): foo called !!
ELF```

>Fix:
	
	Don't use __warn_references().  This only really breaks the use of
	programs that use gets() which has a __warn_references() call.

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: jdp 
State-Changed-When: Wed Sep 23 21:42:43 PDT 1998 
State-Changed-Why:  
Already fixed in src/contrib/binutils/bfd/elflink.h revision 1.2. 
Note, this PR is the same as bin/7980. 
>Unformatted:
