From 099650a3e5fe5b3f5f44cd58cc33e95d0de899d4 Mon Sep 17 00:00:00 2001
From: Mike Frysinger
Date: Tue, 7 Jun 2005 01:38:58 +0000
Subject: Make sure we dont build ssp.c with stack-protector and disable syslog() until we have a better fix #94325. (Portage version: 2.0.51.22-r1)
---
 sys-libs/glibc/ChangeLog | 8 ++++-
 .../glibc-2.3.5-propolice-guard-functions.patch | 40 ++++++++++++++++++++++
 sys-libs/glibc/files/2.3.5/ssp.c | 27 ++++++++++-----
 sys-libs/glibc/glibc-2.3.5.ebuild | 4 +--
 4 files changed, 68 insertions(+), 11 deletions(-)
 create mode 100644 sys-libs/glibc/files/2.3.5/glibc-2.3.5-propolice-guard-functions.patch
(limited to 'sys-libs')
diff --git a/sys-libs/glibc/ChangeLog b/sys-libs/glibc/ChangeLog
index 433385a5cc5c..031593d0a9d8 100644
--- a/sys-libs/glibc/ChangeLog
+++ b/sys-libs/glibc/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-libs/glibc
 # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.347 2005/06/05 08:55:42 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.348 2005/06/07 01:38:58 vapier Exp $
+
+ 07 Jun 2005; Mike Frysinger files/2.3.5/ssp.c,
+ +files/2.3.5/glibc-2.3.5-propolice-guard-functions.patch,
+ glibc-2.3.5.ebuild:
+ Make sure we dont build ssp.c with stack-protector and disable syslog()
+ until we have a better fix #94325.
 05 Jun 2005; Mike Frysinger +files/2.3.4/glibc234-alpha-xstat.patch,
 glibc-2.3.4.20041102.ebuild,
diff --git a/sys-libs/glibc/files/2.3.5/glibc-2.3.5-propolice-guard-functions.patch b/sys-libs/glibc/files/2.3.5/glibc-2.3.5-propolice-guard-functions.patch
new file mode 100644
index 000000000000..9b05ed65fc67
--- /dev/null
+++ b/sys-libs/glibc/files/2.3.5/glibc-2.3.5-propolice-guard-functions.patch
@@ -0,0 +1,40 @@
+--- glibc-2.3.5/sysdeps/generic/libc-start.c
++++ glibc-2.3.5/sysdeps/generic/libc-start.c
+@@ -188,6 +188,9 @@
+ GLRO(dl_debug_printf) ("\ntransferring control: %s\n\n", argv[0]);
+ #endif
+
++ /* call the __guard_setup to set up the random __guard value */
++ __guard_setup (); /* pappy@gentoo.org (pappy rules) */
++
+ #ifdef HAVE_CLEANUP_JMP_BUF
+ /* Memory for the cancellation buffer. */
+ struct pthread_unwind_buf unwind_buf;
+--- glibc-2.3.5/sysdeps/unix/sysv/linux/Dist
++++ glibc-2.3.5/sysdeps/unix/sysv/linux/Dist
+@@ -1,3 +1,4 @@
++ssp.c
+ bits/initspin.h
+ cmsg_nxthdr.c
+ dl-brk.c
+--- glibc-2.3.5/sysdeps/unix/sysv/linux/Makefile
++++ glibc-2.3.5/sysdeps/unix/sysv/linux/Makefile
+@@ -1,5 +1,6 @@
+ ifeq ($(subdir),csu)
+-sysdep_routines += errno-loc
++sysdep_routines += errno-loc ssp
++CFLAGS-ssp.c += -fno-stack-protector
+ endif
+
+ ifeq ($(subdir),assert)
+--- glibc-2.3.5/sysdeps/unix/sysv/linux/Versions
++++ glibc-2.3.5/sysdeps/unix/sysv/linux/Versions
+@@ -108,6 +108,8 @@
+ GLIBC_2.3.2 {
+ # New kernel interfaces.
+ epoll_create; epoll_ctl; epoll_wait;
++ # global objects and functions for the propolice patch in gcc - moved from libgcc by pappy@gentoo.org
++ __guard; __guard_setup; __stack_smash_handler;
+ }
+ GLIBC_2.3.3 {
+ gnu_dev_major; gnu_dev_minor; gnu_dev_makedev;
diff --git a/sys-libs/glibc/files/2.3.5/ssp.c b/sys-libs/glibc/files/2.3.5/ssp.c
index 47453c585624..880158d5cd31 100644
--- a/sys-libs/glibc/files/2.3.5/ssp.c
+++ b/sys-libs/glibc/files/2.3.5/ssp.c
@@ -1,6 +1,6 @@
 /*
 * Distributed under the terms of the GNU General Public License v2
- * $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/2.3.5/ssp.c,v 1.2 2005/05/27 22:12:17 vapier Exp $
+ * $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/2.3.5/ssp.c,v 1.3 2005/06/07 01:38:58 vapier Exp $
 *
 * This is a modified version of Hiroaki Etoh's stack smashing routines
 * implemented for glibc.
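Review bot: The comment added above `__guard_setup ();` in the libc-start.c part of this new patch file does not say why an explicit call is needed when ssp.c also declares `__guard_setup` with `__attribute__ ((constructor))`, and the trailing `/* pappy@gentoo.org (pappy rules) */` carries no technical content. I would replace both with something like `/* Seed __guard before control passes to main(); ssp.c returns early when __guard is already non-zero, so a second call from its constructor is harmless. */`. Separately, the Versions part adds `__guard; __guard_setup; __stack_smash_handler;` to the existing `GLIBC_2.3.2` node; these appear to be distribution-added symbols, and a one-line comment saying so would help anyone auditing the exported ABI.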
@@ -20,9 +20,9 @@ # include #endif -//#ifdef __SSP__ -//# error ssp.c has to be built w/ -fno-stack-protector -//#endif +#ifdef __SSP__ +# error ssp.c has to be built w/ -fno-stack-protector +#endif #include #include @@ -60,13 +60,13 @@ extern int __libc_close(int fd); # define __libc_open(file, flags) __open(file, flags) # define __libc_read(fd, buf, count) __read(fd, buf, count) # define __libc_close(fd) __close(fd) +# define __libc_write(fd, buf, count) __write(fd, buf, count) #endif void __guard_setup(void) __attribute__ ((constructor)); void __guard_setup(void) { size_t size; - struct timeval tv; if (__guard != 0UL) return; @@ -111,9 +111,11 @@ void __guard_setup(void) /* Everything failed? Or we are using a weakened model of the * terminator canary */ - - gettimeofday(&tv, NULL); - __guard ^= tv.tv_usec ^ tv.tv_sec; + { + struct timeval tv; + __gettimeofday(&tv, NULL); + __guard ^= tv.tv_usec ^ tv.tv_sec; + } } void __stack_smash_handler(char func[], int damaged __attribute__ ((unused))); @@ -130,8 +132,17 @@ void __stack_smash_handler(char func[], int damaged) sigprocmask(SIG_BLOCK, &mask, NULL); /* except SSP_SIGTYPE */ /* Print error message to stderr and syslog */ +#if 1 /* syslog() causes issues with glibc #94325 */ + __libc_write(STDERR_FILENO, __progname, strlen(__progname)); + __libc_write(STDERR_FILENO, message, strlen(message)); + __libc_write(STDERR_FILENO, func, strlen(func)); + __libc_write(STDERR_FILENO, "()\n", 3); + //_syscall3(int, _ssp_syslog, int, type, char *, bufp, int, len) + //_ssp_syslog(LOG_INFO, +#else fprintf(stderr, "%s%s%s()\n", __progname, message, func); syslog(LOG_INFO, "%s%s%s()", __progname, message, func); +#endif /* Make the default handler associated with the signal handler */ memset(&sa, 0, sizeof(struct sigaction)); diff --git a/sys-libs/glibc/glibc-2.3.5.ebuild b/sys-libs/glibc/glibc-2.3.5.ebuild index 70309657d699..962d5eed753e 100644 --- a/sys-libs/glibc/glibc-2.3.5.ebuild +++ b/sys-libs/glibc/glibc-2.3.5.ebuild 
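Review bot: In the `@@ -60,13 +60,13 @@` hunk, `__libc_write` is defined only in the preprocessor branch that maps the `__libc_*` names onto `__open`/`__read`/`__close`, and no matching extern declaration is visible in this commit. The `extern int __libc_close(int fd);` text beside the hunk header suggests another branch declares these functions as externs. If that branch exists and lacks a declaration for it, the new `__libc_write(STDERR_FILENO, ...)` calls in `__stack_smash_handler` would compile against an implicit declaration; consider adding `extern ssize_t __libc_write(int fd, const void *buf, size_t count);` beside the other externs. The preprocessor block starts outside the hunk, so this needs checking against the full file.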
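Review bot: In the `@@ -111,9 +111,11 @@` hunk the result of `__gettimeofday(&tv, NULL)` is not checked and `tv` has no initialiser, so a failed call would XOR indeterminate stack contents into `__guard`. Declaring `struct timeval tv = { 0 };` or wrapping the XOR in `if (__gettimeofday(&tv, NULL) == 0)` would make that path defined. The comment above the block describes this as the everything-failed path; it would be worth extending it, e.g. `/* Last resort only: wall-clock time is guessable and must not be relied on as the sole source of the canary. */`. `__guard_setup` begins before the hunk, so whether `__guard` already holds other input at this point cannot be seen here.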
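Review bot: With the `#if 1` branch in the `@@ -130,8 +132,17 @@` hunk, a detected stack smash is reported only through four `__libc_write()` calls to `STDERR_FILENO`, so the event no longer reaches the system log and is lost entirely when stderr is closed or redirected, which is common for daemons. The comment above still reads "stderr and syslog"; I would change it to `/* Print error message to stderr only; syslog() is disabled until #94325 is resolved */` and replace the two commented-out `_syscall3`/`_ssp_syslog` lines with a TODO saying how logging is meant to return. Also, `strlen(func)` and `strlen(__progname)` assume non-NULL pointers, whereas the previous `fprintf` with `%s` was more forgiving under glibc; whether callers can pass NULL is not visible here. `__stack_smash_handler` starts before and continues after the hunk.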
@@ -1,6 +1,6 @@ # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.3.5.ebuild,v 1.23 2005/06/06 04:51:41 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.3.5.ebuild,v 1.24 2005/06/07 01:38:58 vapier Exp $ # Here's how the cross-compile logic breaks down ... # CTARGET - machine that will target the binaries @@ -210,7 +210,7 @@ toolchain-glibc_src_unpack() { cd "${S}" cp "${FILESDIR}"/2.3.5/ssp.c sysdeps/unix/sysv/linux/ || die "could not find ssp.c" rm -f "${WORKDIR}"/patches/2* - epatch "${FILESDIR}"/2.3.3/glibc-2.3.2-propolice-guard-functions-v3.patch + epatch "${FILESDIR}"/2.3.5/glibc-2.3.5-propolice-guard-functions.patch epatch "${FILESDIR}"/2.3.5/glibc-2.3.5-frandom-detect.patch if [[ -n ${PATCH_VER} ]] ; then -- cgit v1.2.3-65-gdbad