Problem with Hardened Linux version.

2_Late
Rookie
Posts: 29
Joined: 06 Sep 2007, 23:21

Problem with Hardened Linux version.

Post by 2_Late »

My problem: I want to disable the timer, I like taking my time to build up my bases and methodically pick my enemy apart, simultaneous bombing, bombardment, and hit and run attacks to pick apart my target's defensive wall. Well, before sending in two commanders with 20ish rank 5 or more tanks w/ short-range artillery and repair units. The pathing AI is a nightmare, but that's neither here nor there.

Anyrate, from what I gather the .rpm provider for Fedora Linux hardens the source when he/she compiles it to prevent buffer overruns among other things. The problem is the way the chat system is built, from what I gather, the array that holds the chat text is written in such a way it's not kosher with this (my guess: something in the way it's dynamically declared, or the way the stack is written) and I can't enter more than one character at a time when trying to chat.

My question: I know the --cheat command adds a line to the conf(~/.Warzone2100/config) file, but can the cheats themselves be enabled there?

Some random links, just in case you cared or want to know what I'm babbling about:
http://en.wikipedia.org/wiki/SELinux
http://en.wikipedia.org/wiki/Comparison ... y_features
DevUrandom
Regular
Posts: 1690
Joined: 31 Jul 2006, 23:14

Re: Problem with Hardened Linux version.

Post by DevUrandom »

Hm, maybe we should fix the cause instead of the symptoms.

That you say this is hardened related is extremely interesting. Till now I knew there were issues with the chat on some machines, but I had no clue how that could happen. Especially when it worked perfectly well on most machines.

I'll see if I can find anything in that direction. If you can give any more information, it is greatly appreciated. (How did you find out it's the hardened toolchain causing this? And which function do you talk about? src/keybind.c:kf_SendTextMessage?)

I cannot reproduce this with -fstack-protector and GCC 4.1.2 on our trunk, so this does not seem to be the SSP part of the hardened toolchain...
2_Late
Rookie
Posts: 29
Joined: 06 Sep 2007, 23:21

Re: Problem with Hardened Linux version.

Post by 2_Late »

Forgive me, I sound like I know more than I do ("a lot of general stuff about a lot of specific things" :P). I read too many Wiki pages and watched too much Discovery Channel back when it was interesting :)

As for the function that is failing, I have no idea right now; last time I looked at source code I got a headache :P The reason this is my guess are two posts. In the first one I saw on this it was suggested that it was some security feature going overboard, which brought back something I read about code "hardening" with Fedora that computed what size(s) an array would use and set boundaries to prevent buffer overflows.

In the second, someone had the same problem, but pulled down the same source, iirc, and compiled the same code locally without this problem. Which is why I guess it was an issue with the way it was compiled and not the code directly. I do not think this was a library issue because, presumably, if they do have access to a .rpm of Warzone2100, the same software that knows how to use one of them would keep any relevant libraries up to date, or at least inform you when they were not in sync with the .rpm package.

Basically the theory is that whoever makes the .rpm package for Fedora either added a header somewhere that overrides the standard libraries with the same functions but with security features -OR- the SELinux kernel doesn't like that the character array(?) that stores the chat line has no limit and caps it at a default of one character. The idea behind that is to prevent "bad" code from reading information beyond what it should be able to, an overflow. (Reading the 90th byte of information, that's really a credit card number or something in memory, in what is an 80 byte array.)

The first set of posts, I can't find the second again.
Giel August 09, 2007, 02:55:37 pm wrote:
NachoGomez on August 09, 2007, 09:11:56 am wrote: Hi, I'm using openSUSE Linux 10.2 and WZ (2.0.7) is working pretty fine, but when I enable cheat mode I can't activate any cheat, when I press 't' I can type just one letter, at the time I type another the first one disappears, so the whole word never gets typed, what can I do???
Sounds like some kind of buffer overflow protection gone nuts. You might want to try & disable whatever piece of software that attempts to prevent buffer overflows with warzone.
Giel August 13, 2007, 03:57:25 pm wrote: I remember reading about some kind of "security" library which does this kind of stuff some time ago. Not sure how it's called though. It might just as well be an entirely different problem though.
openSUSE uses the SELinux kernel just like Fedora. One sec, now that you made me think about it, thanks, let me duck, cover, and disable the SE functions and see what happens.

Edit: Nope, whatever it is, it's a function of the program not getting along with the openSUSE and Fedora distributions, or the way it was compiled. I will try to compile 2.0.7(?) tomorrow when I have time (to make sure it doesn't overwrite something else I have on my hard drive) and see what happens.

Edit2: Something to report after staying up too late,

Fedora 7 does not currently officially offer the PhysicsFS library in its repository. There is an old version 1.0.0 left over from Fedora Core 6, but not for 7. The alpha tech release, Fedora 8, offers 1.0.1 at last look. The current version is 1.1.1. openSUSE 10.2 is in the same boat, its repository only goes up to 1.0.1.

Does anything in the chat system link to the libphysfs library?
Last edited by 2_Late on 07 Sep 2007, 10:02, edited 1 time in total.
DevUrandom
Regular
Posts: 1690
Joined: 31 Jul 2006, 23:14

Re: Problem with Hardened Linux version.

Post by DevUrandom »

PhysFS 1.1 are development versions. Something like a preview for devs. We don't use that and 1.0 is enough for Warzone.
And PhysFS is not used for the chat console, no. It just can do filesystem abstraction. (I.e. access content inside zipfiles just as you would access a normal file.)

As for the overflow protection:
As far as I know this is what is also called SSP (stack smashing protection).
If you happen to have an array local to a function (which will thus end up on the stack) the compiler adds an extra byte with a specific content (i.e. a specific number) before and after the return address on the stack. Before the function uses that address to return to its caller, it will first check whether the guard bytes are still correct and it will raise an error when they are not.
So when you would accidentally overwrite the return address (because you don't pay attention to the array bounds) you can't accidentally jump into a wrong location.

An attacker could load program code into an application like Warzone (e.g. by making it load a manipulated texture) and then try to make the application fill an array with the location (in memory) of his malicious code (in the image). When we overflow the array on the stack, we would accidentally write the address over our return address.
When we would try to return to our calling function now, we would instead land in the malicious code, which would get executed. With all the permissions the user running the application has. That is why you should run as little as possible under the root account.

If this is what you and Giel were talking about, I wonder why it would cause such funny behaviour instead of crashing...
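The guard check described above, as an added illustration that is not Warzone's code and not a real compiler frame layout: a constructed struct stands in for the stack frame, and the epilogue-style check reports whether an unchecked copy spilled past the local array into the guard value.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for a stack frame: a local array, then the guard
 * (the "canary"), then the saved return address. Real compilers place the
 * guard differently, but the detection principle is the same. */
typedef struct {
    char     buf[16];
    uint32_t guard;
    uint32_t ret_addr;
} sim_frame_t;

#define SIM_GUARD_VALUE 0xA5C3F00Du   /* assumed constant; real SSP uses a random one */

/* An unchecked copy into buf, the way a strcpy without bounds would behave.
 * n is clamped to the frame size only so this simulation stays well-defined. */
static void sim_unchecked_copy(sim_frame_t *f, const char *src, size_t n) {
    if (n > sizeof *f) n = sizeof *f;
    memcpy(f, src, n);   /* buf is at offset 0: bytes 16..19 land on the guard */
}

/* The check performed before returning: is the guard still what we wrote? */
bool sim_guard_intact(const sim_frame_t *f) {
    return f->guard == SIM_GUARD_VALUE;
}

/* Simulate one call that copies `n` bytes of input into its local array.
 * Returns true when the function would return normally and false when the
 * stack-protector check would abort the program instead. */
bool sim_call(const char *input, size_t n) {
    sim_frame_t f;
    memset(&f, 0, sizeof f);
    f.guard = SIM_GUARD_VALUE;
    f.ret_addr = 0x400123u;          /* constructed placeholder address */
    sim_unchecked_copy(&f, input, n);
    return sim_guard_intact(&f);
}
```

Input that fits in the 16-byte array leaves the guard intact; anything longer is caught before the (corrupted) return address is ever used.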
Giel
Regular
Posts: 725
Joined: 26 Dec 2006, 19:18

Re: Problem with Hardened Linux version.

Post by Giel »

I do know that the way the chat system handles its text buffer is nasty, very, very nasty. In trunk it could first cause a buffer overflow (just typing about 60~80 characters would give you a segfault); I fixed that overflow though. That doesn't fix the nasty & bad buffer handling there (I believe that code also takes some SDL key events out of the main event loop; either way it does way too much in just one function).
"First make sure it works good, only then make it look good." -- Giel
Want to tip/donate? bitcoin:1EaqP4ZPMvUffazTxm7stoduhprzeabeFh
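A bounds-checked line buffer of the kind Giel's fix implies, as an added example that is not Warzone's code: the capacity is assumed, and appending refuses input once the array is full instead of writing past it (the behaviour that produced the segfault at 60~80 characters).

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define CHAT_LINE_MAX 80   /* assumed capacity, including the terminating NUL */

/* Hypothetical chat-line buffer: the length is tracked explicitly, so every
 * write can be checked against the array size. */
typedef struct {
    char   text[CHAT_LINE_MAX];
    size_t len;            /* characters stored; always < CHAT_LINE_MAX */
} chat_line_t;

void chat_line_init(chat_line_t *line) {
    memset(line->text, 0, sizeof line->text);
    line->len = 0;
}

/* Append one typed character. Returns false and leaves the line unchanged
 * when it is full, which is what an unchecked strcat would fail to do. */
bool chat_line_append(chat_line_t *line, char c) {
    if (line->len + 1 >= sizeof line->text)   /* keep room for the NUL */
        return false;
    line->text[line->len++] = c;
    line->text[line->len] = '\0';
    return true;
}

/* Backspace: remove the last character, if any. */
bool chat_line_backspace(chat_line_t *line) {
    if (line->len == 0)
        return false;
    line->text[--line->len] = '\0';
    return true;
}

/* Feed a whole typed string through the same check and report how many
 * characters were accepted; over-long input is truncated, never overflowed. */
size_t chat_line_type(chat_line_t *line, const char *typed) {
    size_t accepted = 0;
    for (; *typed != '\0'; ++typed) {
        if (!chat_line_append(line, *typed))
            break;
        ++accepted;
    }
    return accepted;
}
```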
2_Late
Rookie
Posts: 29
Joined: 06 Sep 2007, 23:21

Re: Problem with Hardened Linux version.

Post by 2_Late »

I bring good news: your code is most likely, almost certainly, not at fault, so you can breathe easy there. Whatever the issue is with the Fedora/openSUSE build of Warzone2100, it's not the dev team's doing. I did a ./configure and make. Warzone2100 ran fine from the src directory.

...After trying to avoid it I finally had to pull the development packages of PhysicsFS* from the Fedora 8 repository and install them on my Fedora 7 box. After that and hunting down a few other development RPMs in the repository I was able to compile Warzone2100 without the chat bug. So whatever the issue is, it's with whoever is currently keeping up the package. Which is a shame because they're on the ball: they sent out the last hot fix update before I even knew I needed it, the day of, if I remember correctly.

At some point I'm going to pull their contact information off the RPM, but right now it's too much trouble for me to remember how :P I'm working on reconstructing the .rpm, but the last source rpm was 2.0.6. So I'm relearning a few things before I start messing with it. Seeing that all the libraries are not hard but not simple to get, I'm cataloging all the code from the ground up to include in one massive stand-alone 2.0.7 source rpm so anyone can just grab it, start compiling, grab something to drink, and sit back down to play :) If I post it, just don't expect me to keep it up; I'm not done yet and there look to be at least 20 separate programs/libraries I have to organize into a usable format. It would be simple to email whoever is maintaining the PhysicsFS library for Red Hat and tell them to get it in gear.

*physfs-1.0.1-6.fc8.i386.rpm & physfs-devel-1.0.1-6.fc8.i386.rpm. I didn't see any conflicts with fc7, but that doesn't mean there are not any.

Edit: Btw, a little bit of an easier read on SELinux

And if I may write another essay when a paragraph will do :P There is no way to disable the timer from the configuration file?

Edit 2: More oddities. The binary, warzone2100, that the package installed is only 1.6 MB (1645436 bytes). The one I compiled, 4.5 MB (4725214 bytes). Whoever is compiling it may have a not so hot "optimization" that's optimizing the wrong thing.
Last edited by 2_Late on 08 Sep 2007, 06:27, edited 1 time in total.
Giel
Regular
Posts: 725
Joined: 26 Dec 2006, 19:18

Re: Problem with Hardened Linux version.

Post by Giel »

2_Late wrote: And if I may write another essay when a paragraph will do :P There is no way to disable the timer from the configuration file?
Nope.
2_Late wrote: Edit 2: More oddities. The binary, warzone2100, that the package installed is only 1.6 MB (1645436 bytes). The one I compiled, 4.5 MB (4725214 bytes). Whoever is compiling it may have a not so hot "optimization" that's optimizing the wrong thing.
Either that or they stripped their binary of debugging symbols, while you didn't.
"First make sure it works good, only then make it look good." -- Giel
Want to tip/donate? bitcoin:1EaqP4ZPMvUffazTxm7stoduhprzeabeFh
2_Late
Rookie
Posts: 29
Joined: 06 Sep 2007, 23:21

Re: Problem with Hardened Linux version.

Post by 2_Late »

Anything enabled or disabled is by default in the http://download.gna.org/warzone/release ... .7.tar.bz2 download. I just compiled it (./configure; make) after remembering it doesn't overwrite anything until after the 'make install' command.