rsync 3.3.0 still crashes with "*** buffer overflow detected ***: terminated" #589

Closed
heitbaum opened this issue Apr 6, 2024 · 11 comments · Fixed by #592

@heitbaum

heitbaum commented Apr 6, 2024

Using rsync 3.3.0 compiled on Ubuntu:jammy and gcc-12 I have had no issue. But compiling the same rsync with gcc-13 on Ubuntu:noble and then using rsync in a kernel build gives me the same error. (This is with the patch #513 included.) So there must be other code with a similar issue. With rsync-3.2.7 I did not get this error (on either jammy or noble).

execve("/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/bin/rsync", ["rsync", "-mrl", "--include=*/", "--include=*\\.h", "--exclude=*", "usr/include", "dest"], 0x7ffdfa601810 /* 192 vars */) = 0
brk(NULL)                               = 0x557effc6f000
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffc110f5cd0) = -1 EINVAL (Invalid argument)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0c407c000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v3/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v3/", 0x7ffc110f4f00, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v2/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v2/", 0x7ffc110f4f00, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/libz.so.1", O_RDONLY|O_CLOEXEC) = 5
read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
newfstatat(5, "", {st_mode=S_IFREG|0644, st_size=109392, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 102792, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7fc0c4062000
mmap(0x7fc0c4065000, 57344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x3000) = 0x7fc0c4065000
mmap(0x7fc0c4073000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x11000) = 0x7fc0c4073000
mmap(0x7fc0c407a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x17000) = 0x7fc0c407a000
close(5)                                = 0
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 5
newfstatat(5, "", {st_mode=S_IFREG|0644, st_size=13153, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 13153, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7fc0c405e000
close(5)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 5
read(5, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\202\2\0\0\0\0\0"..., 832) = 832
pread64(5, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
newfstatat(5, "", {st_mode=S_IFREG|0755, st_size=2104632, ...}, AT_EMPTY_PATH) = 0
pread64(5, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
mmap(NULL, 2149776, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7fc0c3e51000
mmap(0x7fc0c3e77000, 1568768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x26000) = 0x7fc0c3e77000
mmap(0x7fc0c3ff6000, 348160, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x1a5000) = 0x7fc0c3ff6000
mmap(0x7fc0c404b000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x1f9000) = 0x7fc0c404b000
mmap(0x7fc0c4051000, 52624, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc0c4051000
close(5)                                = 0
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0c3e4e000
arch_prctl(ARCH_SET_FS, 0x7fc0c3e4e740) = 0
set_tid_address(0x7fc0c3e4ea10)         = 130915
set_robust_list(0x7fc0c3e4ea20, 24)     = 0
rseq(0x7fc0c3e4f060, 0x20, 0, 0x53053053) = 0
mprotect(0x7fc0c404b000, 16384, PROT_READ) = 0
mprotect(0x7fc0c407a000, 4096, PROT_READ) = 0
mprotect(0x557efde5d000, 8192, PROT_READ) = 0
mprotect(0x7fc0c40b3000, 8192, PROT_READ) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
munmap(0x7fc0c405e000, 13153)           = 0
rt_sigaction(SIGUSR1, {sa_handler=0x557efde0db40, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc0c3e93900}, NULL, 8) = 0
rt_sigaction(SIGUSR2, {sa_handler=0x557efde0e620, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc0c3e93900}, NULL, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=0x557efde0daa0, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc0c3e93900}, NULL, 8) = 0
rt_sigaction(SIGVTALRM, {sa_handler=0x557efde0e030, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc0c3e93900}, NULL, 8) = 0
geteuid()                               = 1000
getegid()                               = 1000
umask(000)                              = 022
umask(022)                              = 000
getrandom("\x60\x15\x56\xc1\x7d\xdd\x6f\x81", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x557effc6f000
brk(0x557effc90000)                     = 0x557effc90000
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 5
newfstatat(5, "", {st_mode=S_IFREG|0644, st_size=3052896, ...}, AT_EMPTY_PATH) = 0
mmap(NULL, 3052896, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7fc0c3b64000
close(5)                                = 0
openat(AT_FDCWD, "/etc/popt", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/docker/.popt", O_RDONLY) = -1 ENOENT (No such file or directory)
writev(2, [{iov_base="*** ", iov_len=4}, {iov_base="buffer overflow detected", iov_len=24}, {iov_base=" ***: terminated\n", iov_len=17}], 3*** buffer overflow detected ***: terminated
) = 45
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0c4061000
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
gettid()                                = 130915
getpid()                                = 130915
tgkill(130915, 130915, SIGABRT)         = 0
--- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=130915, si_uid=1000} ---
+++ killed by SIGABRT +++
@heitbaum
Author

heitbaum commented Apr 6, 2024

Failing line in kernel build - this is with a current apt update;apt upgrade noble

quiet_cmd_headers_install = INSTALL $(INSTALL_HDR_PATH)/include
      cmd_headers_install = \
        mkdir -p $(INSTALL_HDR_PATH); \
        strace rsync -mrl --include='*/' --include='*\.h' --exclude='*' \
        usr/include $(INSTALL_HDR_PATH)

strace output

INSTALL dest/include
execve("/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/bin/rsync", ["rsync", "-mrl", "--include=*/", "--include=*\\.h", "--exclude=*", "usr/include", "dest"], 0x7ffef8947da0 /* 192 vars */) = 0
brk(NULL)                               = 0x55854adc8000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc193725000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v3/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v3/", 0x7ffed253b0b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v2/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
newfstatat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/glibc-hwcaps/x86-64-v2/", 0x7ffed253b0b0, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/libz.so.1", O_RDONLY|O_CLOEXEC) = 5
read(5, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
fstat(5, {st_mode=S_IFREG|0644, st_size=109424, ...}) = 0
mmap(NULL, 102792, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7fc19370b000
mmap(0x7fc19370e000, 57344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x3000) = 0x7fc19370e000
mmap(0x7fc19371c000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x11000) = 0x7fc19371c000
mmap(0x7fc193723000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x17000) = 0x7fc193723000
close(5)                                = 0
openat(AT_FDCWD, "/var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 5
fstat(5, {st_mode=S_IFREG|0644, st_size=13317, ...}) = 0
mmap(NULL, 13317, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7fc193707000
close(5)                                = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 5
read(5, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\243\2\0\0\0\0\0"..., 832) = 832
pread64(5, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
fstat(5, {st_mode=S_IFREG|0755, st_size=2125328, ...}) = 0
pread64(5, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
mmap(NULL, 2170256, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 5, 0) = 0x7fc1934f5000
mmap(0x7fc19351d000, 1605632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x28000) = 0x7fc19351d000
mmap(0x7fc1936a5000, 323584, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x1b0000) = 0x7fc1936a5000
mmap(0x7fc1936f4000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 5, 0x1fe000) = 0x7fc1936f4000
mmap(0x7fc1936fa000, 52624, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc1936fa000
close(5)                                = 0
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc1934f2000
arch_prctl(ARCH_SET_FS, 0x7fc1934f2740) = 0
set_tid_address(0x7fc1934f2a10)         = 430393
set_robust_list(0x7fc1934f2a20, 24)     = 0
rseq(0x7fc1934f3060, 0x20, 0, 0x53053053) = 0
mprotect(0x7fc1936f4000, 16384, PROT_READ) = 0
mprotect(0x7fc193723000, 4096, PROT_READ) = 0
mprotect(0x55854a1fe000, 8192, PROT_READ) = 0
mprotect(0x7fc19375d000, 8192, PROT_READ) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
munmap(0x7fc193707000, 13317)           = 0
rt_sigaction(SIGUSR1, {sa_handler=0x55854a1aeb40, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc19353a320}, NULL, 8) = 0
rt_sigaction(SIGUSR2, {sa_handler=0x55854a1af620, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc19353a320}, NULL, 8) = 0
rt_sigaction(SIGCHLD, {sa_handler=0x55854a1aeaa0, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc19353a320}, NULL, 8) = 0
rt_sigaction(SIGVTALRM, {sa_handler=0x55854a1af030, sa_mask=[], sa_flags=SA_RESTORER|SA_NOCLDSTOP, sa_restorer=0x7fc19353a320}, NULL, 8) = 0
geteuid()                               = 1000
getegid()                               = 1000
umask(000)                              = 022
umask(022)                              = 000
getrandom("\x23\xc3\xb8\x30\xc8\x44\x17\x04", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55854adc8000
brk(0x55854ade9000)                     = 0x55854ade9000
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 5
fstat(5, {st_mode=S_IFREG|0644, st_size=3055776, ...}) = 0
mmap(NULL, 3055776, PROT_READ, MAP_PRIVATE, 5, 0) = 0x7fc193207000
close(5)                                = 0
openat(AT_FDCWD, "/etc/popt", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/docker/.popt", O_RDONLY) = -1 ENOENT (No such file or directory)
writev(2, [{iov_base="*** ", iov_len=4}, {iov_base="buffer overflow detected", iov_len=24}, {iov_base=" ***: terminated\n", iov_len=17}], 3*** buffer overflow detected ***: terminated
) = 45
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc19370a000
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
gettid()                                = 430393
getpid()                                = 430393
tgkill(430393, 430393, SIGABRT)         = 0
--- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=430393, si_uid=1000} ---
+++ killed by SIGABRT +++
Aborted

@thesamesam

Please get a backtrace from gdb. syscalls aren't so relevant here.

@heitbaum
Author

heitbaum commented Apr 7, 2024

Hope this helps

Starting program: /var/media/DATA/home-rudi/LibreELEC.tv/build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/bin/rsync -mrl --include=\*/ --include=\*\\.h --exclude=\* usr/include dest
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
*** buffer overflow detected ***: terminated

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
warning: 44     ./nptl/pthread_kill.c: No such file or directory
(gdb) bt
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3  0x00007ffff7dd226e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4  0x00007ffff7db58ff in __GI_abort () at ./stdlib/abort.c:79
#5  0x00007ffff7db67b6 in __libc_message_impl (fmt=fmt@entry=0x7ffff7f5b765 "*** %s ***: terminated\n")
    at ../sysdeps/posix/libc_fatal.c:132
#6  0x00007ffff7ec3c19 in __GI___fortify_fail (msg=msg@entry=0x7ffff7f5b74c "buffer overflow detected")
    at ./debug/fortify_fail.c:24
#7  0x00007ffff7ec35d4 in __GI___chk_fail () at ./debug/chk_fail.c:28
#8  0x00007ffff7ec5019 in __strlcpy_chk (s1=<optimized out>, s2=<optimized out>, n=<optimized out>, 
    s1len=<optimized out>) at ./debug/strlcpy_chk.c:28
#9  0x00005555555b13d6 in poptDupArgv ()
#10 0x0000555555588258 in parse_arguments ()
#11 0x000055555555cd9e in main ()

@thesamesam

Hm. What version of the popt library is this?

@tridge
Member

tridge commented Apr 7, 2024

@heitbaum can you try with valgrind?

@heitbaum
Author

heitbaum commented Apr 7, 2024

With -ggdb -Og

getting valgrind now.

(gdb) bt
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3  0x00007ffff7dd226e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4  0x00007ffff7db58ff in __GI_abort () at ./stdlib/abort.c:79
#5  0x00007ffff7db67b6 in __libc_message_impl (fmt=fmt@entry=0x7ffff7f5b765 "*** %s ***: terminated\n")
    at ../sysdeps/posix/libc_fatal.c:132
#6  0x00007ffff7ec3c19 in __GI___fortify_fail (msg=msg@entry=0x7ffff7f5b74c "buffer overflow detected")
    at ./debug/fortify_fail.c:24
#7  0x00007ffff7ec35d4 in __GI___chk_fail () at ./debug/chk_fail.c:28
#8  0x00007ffff7ec5019 in __strlcpy_chk (s1=s1@entry=0x5555555ddbe8 "", s2=<optimized out>, n=n@entry=41, 
    s1len=s1len@entry=17) at ./debug/strlcpy_chk.c:28
#9  0x00005555555a8e79 in strlcpy (__n=41, __src=<optimized out>, __dest=0x5555555ddbe8 "")
    at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:156
#10 poptDupArgv (argc=argc@entry=2, argv=argv@entry=0x5555555dd6d0, argcPtr=argcPtr@entry=0x7fffffffa25c, 
    argvPtr=argvPtr@entry=0x7fffffffa250) at ../popt/poptparse.c:41
#11 0x0000555555584af6 in parse_arguments (argc_p=argc_p@entry=0x7fffffffa25c, 
    argv_p=argv_p@entry=0x7fffffffa250) at ../options.c:2083
#12 0x000055555557a2ad in main (argc=<optimized out>, argv=<optimized out>) at ../main.c:1780

@heitbaum
Author

heitbaum commented Apr 7, 2024

valgrind

==118918== Memcheck, a memory error detector
==118918== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==118918== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==118918== Command: rsync -mrl --include=*/ --include=*\\.h --exclude=* usr/include dest
==118918== 
*** buffer overflow detected ***: terminated
==118918== 
==118918== Process terminating with default action of signal 6 (SIGABRT): dumping core
==118918==    at 0x4915B1C: __pthread_kill_implementation (pthread_kill.c:44)
==118918==    by 0x4915B1C: __pthread_kill_internal (pthread_kill.c:78)
==118918==    by 0x4915B1C: pthread_kill@@GLIBC_2.34 (pthread_kill.c:89)
==118918==    by 0x48BC26D: raise (raise.c:26)
==118918==    by 0x489F8FE: abort (abort.c:79)
==118918==    by 0x48A07B5: __libc_message_impl.cold (libc_fatal.c:132)
==118918==    by 0x49ADC18: __fortify_fail (fortify_fail.c:24)
==118918==    by 0x49AD5D3: __chk_fail (chk_fail.c:28)
==118918==    by 0x49AF018: __strlcpy_chk (strlcpy_chk.c:28)
==118918==    by 0x15CE78: strlcpy (string_fortified.h:156)
==118918==    by 0x15CE78: poptDupArgv (poptparse.c:41)
==118918==    by 0x138AF5: parse_arguments (options.c:2083)
==118918==    by 0x12E2AC: main (main.c:1780)
==118918== 
==118918== HEAP SUMMARY:
==118918==     in use at exit: 5,380 bytes in 46 blocks
==118918==   total heap usage: 52 allocs, 6 frees, 5,630 bytes allocated
==118918== 
==118918== 10 bytes in 3 blocks are definitely lost in loss record 9 of 25
==118918==    at 0x484E0EA: realloc (vg_replace_malloc.c:1690)
==118918==    by 0x1591D8: expandNextArg (popt.c:638)
==118918==    by 0x15A54E: poptGetNextOpt (popt.c:882)
==118918==    by 0x136F27: parse_arguments (options.c:1378)
==118918==    by 0x12E2AC: main (main.c:1780)
==118918== 
==118918== LEAK SUMMARY:
==118918==    definitely lost: 10 bytes in 3 blocks
==118918==    indirectly lost: 0 bytes in 0 blocks
==118918==      possibly lost: 0 bytes in 0 blocks
==118918==    still reachable: 5,370 bytes in 43 blocks
==118918==         suppressed: 0 bytes in 0 blocks
==118918== Reachable blocks (those to which a pointer was found) are not shown.
==118918== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==118918== 
==118918== For lists of detected and suppressed errors, rerun with: -s
==118918== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Aborted

@thesamesam

thesamesam commented Apr 7, 2024

> Hm. What version of the popt library is this?

Ah, upstream popt doesn't use strlcpy in its poptDupArgv, but rsync's bundled copy does: https://github.com/RsyncProject/rsync/blob/master/popt/poptparse.c#L39. The bundled copy of popt looks like it needs a sync with upstream too.

With regard to Valgrind: note that _FORTIFY_SOURCE, in particular _FORTIFY_SOURCE=3, is aggressive about aborting where the sizes are possibly too small (output buffer may be too small even if it isn't in this case), not necessarily too small. So the Valgrind output isn't illustrative here, unfortunately. See #511 (comment).
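
Added example (not part of the thread, and not rsync's or popt's code): a C model of the check that fired in the backtrace, where `__strlcpy_chk` received `n=41` for a destination with `s1len=17` bytes. The single-block layout (pointer array followed by string storage), the two bounding modes and all function names are assumptions chosen to reproduce those two numbers for the report's trailing arguments `usr/include` and `dest` on a 64-bit target.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Model only: layout and names are assumptions, not rsync's or popt's code. */

/* strlcpy semantics, written out because glibc only ships strlcpy since 2.38. */
static size_t copy_bounded(char *dst, const char *src, size_t n)
{
    size_t len = strlen(src), c = (n && len >= n) ? n - 1 : len;
    if (n) { memcpy(dst, src, c); dst[c] = '\0'; }
    return len;
}

/* Fortified form: the check compares the caller's size argument with the
 * known size of the destination object, never with strlen(src).
 * Returns -1 where the real check would abort the process. */
static int copy_checked(char *dst, const char *src, size_t n, size_t known, size_t *len)
{
    if (n > known)
        return -1;
    *len = copy_bounded(dst, src, n);
    return 0;
}

enum bound { WHOLE_ALLOCATION, REMAINING_BYTES };

struct dup_result {
    int status;    /* 0 = ok, -1 = check fired, -2 = malloc failed */
    size_t n;      /* size argument passed to the first copy */
    size_t known;  /* bytes actually left in the block at that point */
    char **argv;   /* duplicated vector; caller frees it on success */
};

/* Duplicate argv into one block laid out as [argc+1 pointers][strings]. */
static struct dup_result dup_argv(int argc, const char **argv, enum bound mode)
{
    struct dup_result r = { 0, 0, 0, NULL };
    size_t ptr_bytes = ((size_t)argc + 1) * sizeof(*argv), nb = ptr_bytes, len;
    for (int i = 0; i < argc; i++)
        nb += strlen(argv[i]) + 1;
    char *block = malloc(nb);
    if (block == NULL) { r.status = -2; return r; }
    char **copy = (char **)block;
    char *dst = block + ptr_bytes;
    size_t left = nb - ptr_bytes;
    for (int i = 0; i < argc; i++) {
        size_t n = (mode == WHOLE_ALLOCATION) ? nb : left;
        if (i == 0) { r.n = n; r.known = left; }
        if (copy_checked(dst, argv[i], n, left, &len) != 0) {
            free(block);
            r.status = -1;
            return r;
        }
        copy[i] = dst;
        dst += len + 1;
        left -= len + 1;
    }
    copy[argc] = NULL;
    r.argv = copy;
    return r;
}
```

With `WHOLE_ALLOCATION` the first copy is requested with 41 bytes against 17 remaining on a 64-bit build, so the model's check fires although the 12-byte string fits; with `REMAINING_BYTES` the same input copies cleanly.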

@heitbaum
Author

heitbaum commented Apr 8, 2024

Here is the output from the build host - VERSION="24.04 LTS (Noble Numbat)" - we are using --with-included-popt for the rsync build.

$ ldd ./build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/bin/rsync
        linux-vdso.so.1 (0x00007ffcbd18d000)
        libz.so.1 => ./build.LibreELEC-Generic.x86_64-12.0-devel/toolchain/lib/libz.so.1 (0x00007f6a2b060000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f6a2ae4a000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f6a2b104000)

$ apt list --installed | grep -e libc6 -e opt
libc6-dev/noble,now 2.39-0ubuntu8 amd64 [installed]
libc6/noble,now 2.39-0ubuntu8 amd64 [installed]

@tridge
Member

tridge commented Apr 8, 2024

fixed in this PR: #592

@heitbaum
Author

heitbaum commented Apr 8, 2024

tested and working
