Attachment #45338 for bug #73112

View | Details | Raw Unified | Return to bug 73112
Collapse All | Expand All

Lines 32-50 src_unpack() { Link Here

(-)dietlibc-0.27.ebuild (-3 / +9 lines)
32	# ${FILESDIR}/ssp.c is integrated with upstream as of dietlibc-0.26	32	# ${FILESDIR}/ssp.c is integrated with upstream as of dietlibc-0.26
33	# - robbat2 (Oct 01 2004)	33	# - robbat2 (Oct 01 2004)
34		34
		35	# Ok so let's make dietlibc ssp aware (Aug 7 2004) -solar
		36	# ${FILESDIR}/ssp.c does not appear to be integrated with
		37	# upstream as of dietlibc-0.27 bug 73112 - solar (Dec 05 2004)
		38	cp ${FILESDIR}/ssp.c ${S}/lib/ \|\| die "Failed to copy ssp.c into lib for compile"
		39
35	# start with sparc/sparc64/x86_64/i386 for now.	40	# start with sparc/sparc64/x86_64/i386 for now.
36	# apply to all arches for crazy cross-compiling - robbat2 (Oct 01 2004)	41	# apply to all arches for crazy cross-compiling - robbat2 (Oct 01 2004)
37	epatch ${FILESDIR}/dietlibc-0.26-ssp.patch	42	epatch ${FILESDIR}/dietlibc-0.26-ssp.patch
38	append-flags -D__dietlibc__
39	# end ssp block code
40		43
41	# Fix for 45716	44	# Fix for 45716
42	replace-sparc64-flags	45	replace-sparc64-flags
43		46
44	# be very careful to only effect the CFLAGS used for optimization	47	# be very careful to only effect the CFLAGS used for optimization
45	# and not any of the other CFLAGS. - robbat2 (Oct 01 2004)	48	# and not any of the other CFLAGS. - robbat2 (Oct 01 2004)
		49
		50	# Shifted ssp exclusion logic into sed expression. - solar (Dec 05 2004)
46	sed -i \	51	sed -i \
47	-e "s:^CFLAGS+=-O -fomit-frame-pointer:CFLAGS += ${CFLAGS}:" \	52	-e "s:^CFLAGS+=-O -fomit-frame-pointer:CFLAGS += ${CFLAGS} -D__dietlibc__:" \
		53	-e "s:^CFLAGS=-pipe -nostdinc:CFLAGS=-pipe -nostdinc -D__dietlibc__ -fno-stack-protector-all -fno-stack-protector:" \
48	-e "s:^prefix.*:prefix=/usr/diet:" \	54	-e "s:^prefix.*:prefix=/usr/diet:" \
49	Makefile \	55	Makefile \
50	\|\| die "sed Makefile failed"	56	\|\| die "sed Makefile failed"




#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/syslog.h>
#include <sys/time.h>
#include <sys/sysctl.h>

#ifndef _PATH_LOG
#define _PATH_LOG "/dev/log"
#endif

#ifdef __PROPOLICE_BLOCK_SEGV__
#define SSP_SIGTYPE SIGSEGV

__guard_setup (void)
{
  size_t size;
#ifdef HAVE_DEV_ERANDOM
  int mib[3];
#endif

  if (__guard != 0UL)
    return;

#ifndef __SSP_QUICK_CANARY__
#ifdef HAVE_DEV_ERANDOM
  /* Random is another depth in Linux, hence an array of 3. */
  mib[0] = CTL_KERN;
  mib[1] = KERN_RANDOM;
  mib[2] = RANDOM_ERANDOM;

  size = sizeof (unsigned long);
  if (__sysctl (mib, 3, &__guard, &size, NULL, 0) != (-1))
    if (__guard != 0UL)
      return;
#endif
  /* 
   * Attempt to open kernel pseudo random device if one exists before 
   * opening urandom to avoid system entropy depletion.

  const char message[] = ": stack smashing attack in function ";
  int bufsz, len;
  char buf[512];
#ifndef __dietlibc__
  struct sockaddr_un sock;	/* AF_UNIX address of local logger */
  int log;
  extern char *__progname;
#else
  static char *__progname = "dietapp";
#endif

  sigset_t mask;
  sigfillset (&mask);

  /* print error message */
  write (STDERR_FILENO, buf + 3, len - 3);
  write (STDERR_FILENO, "()\n", 3);
#ifndef __dietlibc__
  if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1)
    {
      /* Send "found" message to the "/dev/log" path */
      sock.sun_family = AF_UNIX;
      (void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1);
      sock.sun_path[sizeof (sock.sun_path) - 1] = '\0';
      sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock));
    }
#endif
  /* Make sure the default handler is associated with the our signal handler */

  /* Make sure the default handler is associated with the our signal handler */
  memset (&sa, 0, sizeof (struct sigaction));
  sigfillset (&sa.sa_mask);	/* Block all signals */
  sa.sa_flags = 0;

Return to bug 73112

Lines 28-40 Link Here

(-)files/ssp.c (-38 / +1 lines)
28	#include <sys/types.h>	28	#include <sys/types.h>
29	#include <sys/socket.h>	29	#include <sys/socket.h>
30	#include <sys/un.h>	30	#include <sys/un.h>
31	#include <sys/syslog.h>
32	#include <sys/time.h>	31	#include <sys/time.h>
33	#include <sys/sysctl.h>
34
35	#ifndef _PATH_LOG
36	#define _PATH_LOG "/dev/log"
37	#endif
38		32
39	#ifdef __PROPOLICE_BLOCK_SEGV__	33	#ifdef __PROPOLICE_BLOCK_SEGV__
40	#define SSP_SIGTYPE SIGSEGV	34	#define SSP_SIGTYPE SIGSEGV
Lines 50-74 void Link Here
50	__guard_setup (void)	44	__guard_setup (void)
51	{	45	{
52	size_t size;	46	size_t size;
53	#ifdef HAVE_DEV_ERANDOM
54	int mib[3];
55	#endif
56
57	if (__guard != 0UL)	47	if (__guard != 0UL)
58	return;	48	return;
59		49
60	#ifndef __SSP_QUICK_CANARY__	50	#ifndef __SSP_QUICK_CANARY__
61	#ifdef HAVE_DEV_ERANDOM
62	/* Random is another depth in Linux, hence an array of 3. */
63	mib[0] = CTL_KERN;
64	mib[1] = KERN_RANDOM;
65	mib[2] = RANDOM_ERANDOM;
66
67	size = sizeof (unsigned long);
68	if (__sysctl (mib, 3, &__guard, &size, NULL, 0) != (-1))
69	if (__guard != 0UL)
70	return;
71	#endif
72	/*	51	/*
73	* Attempt to open kernel pseudo random device if one exists before	52	* Attempt to open kernel pseudo random device if one exists before
74	* opening urandom to avoid system entropy depletion.	53	* opening urandom to avoid system entropy depletion.
Lines 109-121 __stack_smash_handler (char func[], int Link Here
109	const char message[] = ": stack smashing attack in function ";	88	const char message[] = ": stack smashing attack in function ";
110	int bufsz, len;	89	int bufsz, len;
111	char buf[512];	90	char buf[512];
112	#ifndef __dietlibc__
113	struct sockaddr_un sock; /* AF_UNIX address of local logger */
114	int log;
115	extern char *__progname;
116	#else
117	static char *__progname = "dietapp";	91	static char *__progname = "dietapp";
118	#endif
119		92
120	sigset_t mask;	93	sigset_t mask;
121	sigfillset (&mask);	94	sigfillset (&mask);
Lines 144-161 __stack_smash_handler (char func[], int Link Here
144	/* print error message */	117	/* print error message */
145	write (STDERR_FILENO, buf + 3, len - 3);	118	write (STDERR_FILENO, buf + 3, len - 3);
146	write (STDERR_FILENO, "()\n", 3);	119	write (STDERR_FILENO, "()\n", 3);
147	#ifndef __dietlibc__
148	if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1)
149	{
150	/* Send "found" message to the "/dev/log" path */
151	sock.sun_family = AF_UNIX;
152	(void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1);
153	sock.sun_path[sizeof (sock.sun_path) - 1] = '\0';
154	sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock));
155	}
156	#endif
157	/* Make sure the default handler is associated with the our signal handler */
158		120
		121	/* Make sure the default handler is associated with the our signal handler */
159	memset (&sa, 0, sizeof (struct sigaction));	122	memset (&sa, 0, sizeof (struct sigaction));
160	sigfillset (&sa.sa_mask); /* Block all signals */	123	sigfillset (&sa.sa_mask); /* Block all signals */
161	sa.sa_flags = 0;	124	sa.sa_flags = 0;