executable stacks in gmp 4.1.4
From: Daniel
Subject: executable stacks in gmp 4.1.4
Date: Thu, 29 Dec 2005 22:31:57 +1100
User-agent: KMail/1.8.2
gmp-4.1.4 compiles with executable stacks.
This occurs in the gmp-4.1.2-r2 gentoo ebuild:
http://www.gentoo.org/cgi-bin/viewcvs.cgi/dev-libs/gmp/gmp-4.1.4-r2.ebuild?view=markup
The patches used by this ebuild are here:
http://www.gentoo.org/cgi-bin/viewcvs.cgi/dev-libs/gmp/files/
I recently attached the nostackexec patch (attached) to fix bug 115038
http://bugs.gentoo.org/show_bug.cgi?id=115038. I understand it is probably not
how you want to apply it; however, I was unsure as to what form you would like it.
Nature of fault:
When compiled, the ELF markings of the gmp library have executable stacks.
As described at http://www.gentoo.org/proj/en/hardened/gnu-stack.xml (Section 4 -
Check objects by hand)
$ readelf -S /var/tmp/portage/gmp-4.1.4-r2/image/usr/lib/libgmp.so.3.3.3
There are 34 section headers, starting at offset 0xe1f234:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .hash HASH 000000f4 0000f4 000b08 04 A 2 0 4
[ 2] .dynsym DYNSYM 00000bfc 000bfc 001b90 10 A 3 12 4
[ 3] .dynstr STRTAB 0000278c 00278c 001927 00 A 0 0 1
[ 4] .gnu.version VERSYM 000040b4 0040b4 000372 02 A 2 0 2
[ 5] .gnu.version_r VERNEED 00004428 004428 000060 00 A 3 1 4
[ 6] .rel.dyn REL 00004488 004488 000280 08 A 2 0 4
[ 7] .rel.plt REL 00004708 004708 0005a0 08 A 2 9 4
[ 8] .init PROGBITS 00004ca8 004ca8 000017 00 AX 0 0 4
[ 9] .plt PROGBITS 00004cc0 004cc0 000b50 04 AX 0 0 4
[10] .text PROGBITS 00005820 005820 0319d0 00 AX 0 0 32
[11] .fini PROGBITS 000371f0 0371f0 00001b 00 AX 0 0 4
[12] .rodata PROGBITS 00037220 037220 003dc8 00 A 0 0 32
[13] .eh_frame PROGBITS 0003afe8 03afe8 000004 00 A 0 0 4
[14] .ctors PROGBITS 0003ba50 03ba50 000008 00 WA 0 0 4
[15] .dtors PROGBITS 0003ba58 03ba58 000008 00 WA 0 0 4
[16] .jcr PROGBITS 0003ba60 03ba60 000004 00 WA 0 0 4
[17] .data.rel.ro PROGBITS 0003ba80 03ba80 00014c 00 WA 0 0 32
[18] .dynamic DYNAMIC 0003bbcc 03bbcc 0000d8 08 WA 3 0 4
[19] .got PROGBITS 0003bca4 03bca4 000358 04 WA 0 0 4
[20] .data PROGBITS 0003c000 03c000 000018 00 WA 0 0 4
[21] .bss NOBITS 0003c018 03c018 000024 00 WA 0 0 4
[22] .comment PROGBITS 00000000 03c018 006eca 00 0 0 1
[23] .debug_aranges PROGBITS 00000000 042ee8 002a38 00 0 0 8
[24] .debug_pubnames PROGBITS 00000000 045920 003216 00 0 0 1
[25] .debug_info PROGBITS 00000000 048b36 044766 00 0 0 1
[26] .debug_abbrev PROGBITS 00000000 08d29c 00fbce 00 0 0 1
[27] .debug_line PROGBITS 00000000 09ce6a 016b5e 00 0 0 1
[28] .debug_frame PROGBITS 00000000 0b39c8 0045e4 00 0 0 4
[29] .debug_str PROGBITS 00000000 0b7fac 001419 00 0 0 1
[30] .debug_macinfo PROGBITS 00000000 0b93c5 d65d3b 00 0 0 1
[31] .shstrtab STRTAB 00000000 e1f100 000131 00 0 0 1
[32] .symtab SYMTAB 00000000 e1f784 003ae0 10 33 513 4
[33] .strtab STRTAB 00000000 e23264 002a7d 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
$ readelf -S /var/tmp/portage/gmp-4.1.4-r2/image/usr/lib/libmp.so.3.1.7
There are 33 section headers, starting at offset 0x307bd8:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .hash HASH 000000f4 0000f4 000160 04 A 2 0 4
[ 2] .dynsym DYNSYM 00000254 000254 000310 10 A 3 11 4
[ 3] .dynstr STRTAB 00000564 000564 000160 00 A 0 0 1
[ 4] .gnu.version VERSYM 000006c4 0006c4 000062 02 A 2 0 2
[ 5] .gnu.version_r VERNEED 00000728 000728 000050 00 A 3 1 4
[ 6] .rel.dyn REL 00000778 000778 0000c0 08 A 2 0 4
[ 7] .rel.plt REL 00000838 000838 000078 08 A 2 9 4
[ 8] .init PROGBITS 000008b0 0008b0 000017 00 AX 0 0 4
[ 9] .plt PROGBITS 000008c8 0008c8 000100 04 AX 0 0 4
[10] .text PROGBITS 000009e0 0009e0 014350 00 AX 0 0 32
[11] .fini PROGBITS 00014d30 014d30 00001b 00 AX 0 0 4
[12] .rodata PROGBITS 00014d60 014d60 001eec 00 A 0 0 32
[13] .eh_frame PROGBITS 00016c4c 016c4c 000004 00 A 0 0 4
[14] .ctors PROGBITS 00017e80 016e80 000008 00 WA 0 0 4
[15] .dtors PROGBITS 00017e88 016e88 000008 00 WA 0 0 4
[16] .jcr PROGBITS 00017e90 016e90 000004 00 WA 0 0 4
[17] .dynamic DYNAMIC 00017e94 016e94 0000d8 08 WA 3 0 4
[18] .got PROGBITS 00017f6c 016f6c 000094 04 WA 0 0 4
[19] .data PROGBITS 00018000 017000 000014 00 WA 0 0 4
[20] .bss NOBITS 00018014 017014 00000c 00 WA 0 0 4
[21] .comment PROGBITS 00000000 017014 001821 00 0 0 1
[22] .debug_aranges PROGBITS 00000000 018838 000a98 00 0 0 8
[23] .debug_pubnames PROGBITS 00000000 0192d0 000aa5 00 0 0 1
[24] .debug_info PROGBITS 00000000 019d75 0101c0 00 0 0 1
[25] .debug_abbrev PROGBITS 00000000 029f35 003439 00 0 0 1
[26] .debug_line PROGBITS 00000000 02d36e 006524 00 0 0 1
[27] .debug_frame PROGBITS 00000000 033894 0010f0 00 0 0 4
[28] .debug_str PROGBITS 00000000 034984 000548 00 0 0 1
[29] .debug_macinfo PROGBITS 00000000 034ecc 2d2be6 00 0 0 1
[30] .shstrtab STRTAB 00000000 307ab2 000124 00 0 0 1
[31] .symtab SYMTAB 00000000 308100 001250 10 32 255 4
[32] .strtab STRTAB 00000000 309350 000d61 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
Note missing .note.GNU-stack
Pax-utils (which is more of a general ELF utils package now) is available in
source code format here: http://dev.gentoo.org/~solar/pax/
The attached patch adds a stack segment to all asm code, eliminating the
executable stack problem.
Configure options:
./configure --prefix=/usr --host=i686-pc-linux-gnu --mandir=/usr/share/man
--infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc
--localstatedir=/var/lib --localstatedir=/var/state/gmp --disable-mpfr
--enable-cxx --enable-mpbsd --build=i686-pc-linux-gnu
using GMPABI="standard"
CC="gcc"
CFLAGS="-ggdb3"
CPPFLAGS=""
CXX="i686-pc-linux-gnu-g++"
CXXFLAGS="-march=athlon-xp -O2 -pipe"
MPN_PATH=" x86/p6 x86 generic
Portage 2.1_pre2 (hardened/x86/2.6, gcc-3.4.4, glibc-2.3.5-r2, 2.6.14-gentoo-r5
i686)
=================================================================
System uname: 2.6.14-gentoo-r5 i686 AMD Athlon(tm)
Gentoo Base System version 1.12.0_pre11
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632)
[disabled]
ccache version 2.3 [disabled]
dev-lang/python: 2.3.5-r2, 2.4.2
sys-apps/sandbox: 1.2.17
sys-devel/autoconf: 2.13, 2.59-r6
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils: 2.16.1-r1
sys-devel/libtool: 1.5.20
virtual/os-headers: 2.6.11-r3
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS=" -ggdb3"
CHOST="i686-pc-linux-gnu"
gcc -v
Reading specs from /usr/lib/gcc/i686-pc-linux-gnu/3.4.4/specs
Configured with: /var/tmp/portage/gcc-3.4.4-r1/work/gcc-3.4.4/configure
--prefix=/usr --bindir=/usr/i686-pc-linux-gnu/gcc-bin/3.4.4
--includedir=/usr/lib/gcc/i686-pc-linux-gnu/3.4.4/include
--datadir=/usr/share/gcc-data/i686-pc-linux-gnu/3.4.4
--mandir=/usr/share/gcc-data/i686-pc-linux-gnu/3.4.4/man
--infodir=/usr/share/gcc-data/i686-pc-linux-gnu/3.4.4/info
--with-gxx-include-dir=/usr/lib/gcc/i686-pc-linux-gnu/3.4.4/include/g++-v3
--host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --disable-altivec
--disable-nls --with-system-zlib --disable-checking --disable-werror
--disable-libunwind-exceptions --disable-multilib --disable-libgcj
--enable-languages=c,c++,objc,f77 --enable-shared --enable-threads=posix
--enable-__cxa_atexit --enable-clocale=gnu
Thread model: posix
gcc version 3.4.4 (Gentoo Hardened 3.4.4-r1, HTB-3.4.4-1.00, ssp-3.4.4-1.0,
pie-8.7.8)
--
Daniel Black <address@hidden>
Gentoo Crypto/PPC/dev-embedded/Forensics/NetMon
gmp-4.1.4-nostackexec.patch
Description: Text Data
pgp41DWtaEnAB.pgp
Description: PGP signature
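
Added example, not part of the original message or the attached patch: the message inspects section headers with readelf -S, and this Python example goes one step further by reading the program headers of a linked ELF file, where GNU ld records the stack permission as a PT_GNU_STACK entry. The names stack_marking and sample_elf32 and the returned strings are chosen for this example, and the sample image is constructed rather than taken from libgmp.

```python
import struct

PT_GNU_STACK = 0x6474E551   # program header type GNU ld emits for the stack marking
PF_X = 0x1                  # segment permission flag: executable

def stack_marking(elf: bytes) -> str:
    """Classify a linked little-endian ELF image by its PT_GNU_STACK header."""
    if len(elf) < 52 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if elf[5] != 1:
        raise ValueError("only little-endian ELF is handled here")
    if elf[4] == 1:      # ELFCLASS32: p_flags is the 7th field of a program header
        ehdr, phdr, flags_idx = "<HHIIIIIHHHHHH", "<IIIIIIII", 6
    elif elf[4] == 2:    # ELFCLASS64: p_flags is the 2nd field
        ehdr, phdr, flags_idx = "<HHIQQQIHHHHHH", "<IIQQQQQQ", 1
    else:
        raise ValueError("unknown ELF class")
    fields = struct.unpack_from(ehdr, elf, 16)
    e_phoff, e_phentsize, e_phnum = fields[4], fields[8], fields[9]
    for i in range(e_phnum):
        ph = struct.unpack_from(phdr, elf, e_phoff + i * e_phentsize)
        if ph[0] == PT_GNU_STACK:
            return "executable" if ph[flags_idx] & PF_X else "non-executable"
    # No PT_GNU_STACK header: stack permission is left to the platform default.
    return "unmarked"

def sample_elf32(stack_flags=None) -> bytes:
    """Constructed ELF32 image: one PT_LOAD and, optionally, a PT_GNU_STACK header."""
    phdrs = [struct.pack("<IIIIIIII", 1, 0, 0, 0, 0, 0, 5, 0x1000)]  # PT_LOAD, R+X
    if stack_flags is not None:
        phdrs.append(struct.pack("<IIIIIIII", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 4))
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)   # ELFCLASS32, little-endian, v1
    # e_type=ET_DYN, e_machine=EM_386, e_phoff=52, e_ehsize=52, e_phentsize=32
    ehdr = struct.pack("<HHIIIIIHHHHHH", 3, 3, 1, 0, 52, 0, 0, 52, 32, len(phdrs), 40, 0, 0)
    return ident + ehdr + b"".join(phdrs)

if __name__ == "__main__":
    # 7 = RWE (stack marked executable), 6 = RW (stack marked non-executable)
    for label, flags in [("RWE", 7), ("RW", 6), ("no header", None)]:
        print(label, "->", stack_marking(sample_elf32(flags)))
```

On a real file the same answer appears in the GNU_STACK line of readelf -l; pass the file's bytes to stack_marking to check a built library.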