147943 – [PATCH] openssl-0.9.8c-r1 exec-stacks

Bug 147943 - [PATCH] openssl-0.9.8c-r1 exec-stacks

Summary: [PATCH] openssl-0.9.8c-r1 exec-stacks

Status:	RESOLVED NEEDINFO

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Other

Importance:	High normal (vote)
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-09-17 08:13 UTC by Charlie Shepherd (RETIRED)
Modified:	2006-09-18 10:53 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Patch to fixe exec stacks in openssl (exec-stacks.patch,249 bytes, patch) 2006-09-17 08:14 UTC, Charlie Shepherd (RETIRED)	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Charlie Shepherd (RETIRED) gentoo-dev

2006-09-17 08:13:21 UTC

Attached patch adds a line to x86unix.pl (though it could probably be any relevant script in crypto/perlasm) which prints the necessary .section info to all .s files. This makes the 'append-flags -Wa,--no-exec-stacks' line in the ebuild redundant as well.

Comment 1 Charlie Shepherd (RETIRED) gentoo-dev

2006-09-17 08:14:37 UTC

Created attachment 97249 [details, diff]
Patch to fixe exec stacks in openssl

Comment 2 SpanKY gentoo-dev

2006-09-18 02:07:28 UTC

this should not be needed as -Wa,--noexecstack is forced into the build

Comment 3 Charlie Shepherd (RETIRED) gentoo-dev

2006-09-18 05:13:10 UTC

I removed it - surely it is better to fix the application?

Comment 4 SpanKY gentoo-dev

2006-09-18 07:12:22 UTC

that's how upstream preferred to handle it last time i checked

Comment 5 Charlie Shepherd (RETIRED) gentoo-dev

2006-09-18 10:53:53 UTC

Perhaps you could put a line in the ebuild stating this? Otherwise the Hardened exec stack guide seems to recommend patching the source instead of --no-exec-stack.