Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 98296 Details for
Bug 94325
USE="hardened" enables custom glibc-2.4 and -2.5 implementations of __stack_smash_handler and __stack_chk_fail for users of hardened gcc
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
modification to debug/stack_chk_fail.c based on kevquinn's patch
glibc.ssp.patch3 (text/plain), 7.24 KB, created by
Alexander Gabert (RETIRED)
on 2006-09-28 01:24:58 UTC
(
hide
)
Description:
modification to debug/stack_chk_fail.c based on kevquinn's patch
Filename:
MIME Type:
Creator:
Alexander Gabert (RETIRED)
Created:
2006-09-28 01:24:58 UTC
Size:
7.24 KB
patch
obsolete
>--- debug/stack_chk_fail.c.ORIG 2006-09-28 09:43:35.000000000 +0200 >+++ debug/stack_chk_fail.c 2006-09-28 09:44:42.000000000 +0200 >@@ -16,22 +16,267 @@ > Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA > 02111-1307 USA. */ > >+#if defined __SSP__ || defined __SSP_ALL__ >+ >+/* An SSP failure handler that: >+ * 1) does not use any function calls - which would >+ * otherwise lead to nested calls to stack_chk_fail() >+ * 2) uses no functions from the rest of libc, which >+ * can lead to build problems pulling in copies of >+ * swathes of libc into the other libraries. >+ * This handler would not be valid on architectures for >+ * which a pointer is not either a 32-bit or 64-bit >+ * integer. It's definitely ok for i386, x86_64, and ppc. >+ */ >+ >+#if defined __linux__ >+ >+/* When including headers, define out the function names used >+ * via syscalls, since the syscall macros require that the functions >+ * they declare have the predefined names. This prevents duplicate >+ * declaration issues, which are warnings on gcc-3 but have become >+ * errors on gcc-4. >+ */ >+#define exit lcexit >+#include <stdlib.h> >+#undef exit >+#define write lcwrite >+#define getpid lcgetpid >+#define close lcclose >+#include <unistd.h> >+#undef write >+#undef getpid >+#undef close >+#define kill lckill >+#include <signal.h> >+#undef kill >+#include <linux/unistd.h> >+#include <sys/types.h> >+ >+ >+#ifndef __dietlibc__ >+ >+#include <alloca.h> >+ >+/* from sysdeps */ >+#include <socketcall.h> >+ >+/* for the stuff in bits/socket.h */ >+#include <sys/socket.h> >+ >+#include <sys/un.h> >+ >+#endif >+ >+/* Re-configure errno to a local one */ >+#ifdef errno >+#undef errno >+#endif >+#define errno __stack_chk_fail_errno >+static unsigned long int __stack_chk_fail_errno; >+ >+static ssize_t write(int fd, const void *buf, size_t count) __attribute__ ((always_inline)); >+static _syscall3(ssize_t,write, int,fd, const void *,buf, size_t,count); >+ >+static void exit(int status) __attribute__ ((always_inline)); >+static _syscall1(void,exit, int,status); >+ >+static int kill(pid_t pid, int sig) __attribute__ ((always_inline)); >+static _syscall2(int,kill, pid_t,pid, int,sig); >+ >+static pid_t getpid(void) __attribute__ ((always_inline)); >+static _syscall0(pid_t,getpid); >+ >+#ifndef __dietlibc__ >+ >+static int close(int fd) __attribute__ ((always_inline)); >+static _syscall1(int,close, int,fd); >+ >+ >+/* socketcall is present on most arches (including x86, arm (some), ppc, ppc64, mips, mips64, sparc, sparc64) >+ * x86_86 and some arm do not have it, but does have socket and connect syscalls >+ * Assume this when socketcall is not available. >+ */ >+#ifdef __NR_socketcall >+ >+static long socketcall(int call, unsigned long *args) __attribute__ ((always_inline)); >+static _syscall2(long,socketcall, int,call, unsigned long *,args); >+ >+#define DO_SOCKET(result,domain,type,protocol) \ >+ socketargs[0] = domain; \ >+ socketargs[1] = type; \ >+ socketargs[2] = protocol; \ >+ socketargs[3] = 0; \ >+ result = socketcall(SOCKOP_socket, socketargs) >+ >+#define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ >+ socketargs[0] = sockfd; \ >+ socketargs[1] = (unsigned long int)serv_addr; \ >+ socketargs[2] = addrlen; \ >+ socketargs[3] = 0; \ >+ result = socketcall(SOCKOP_connect, socketargs) >+ >+#else >+ >+#ifndef __NR_local_inline_socket >+#define __NR_local_inline_socket __NR_socket >+#endif >+ >+#ifndef __NR_local_inline_connect >+#define __NR_local_inline_connect __NR_connect >+#endif >+ >+static int local_inline_socket(int domain, int type, int protocol) __attribute__ ((always_inline)) ; >+static _syscall3(int,local_inline_socket, int,domain, int,type, int,protocol); >+ >+#define DO_SOCKET(result,domain,type,protocol) \ >+ result = local_inline_socket(domain,type,protocol) >+ >+static int local_inline_connect(int sockfd, const struct sockaddr *serv_addr, socklen_t addrlen) __attribute__ ((always_inline)) ; >+static _syscall3(int,local_inline_connect, int,sockfd, const struct sockaddr *,serv_addr, socklen_t,addrlen); >+ >+#define DO_CONNECT(result,sockfd,serv_addr,addrlen) \ >+ result = local_inline_connect(sockfd,(struct sockaddr *)serv_addr, addrlen) >+ >+#endif >+ >+#ifndef _PATH_LOG >+#define _PATH_LOG "/dev/log" >+#endif >+ >+const char path_log[]=_PATH_LOG; >+ >+extern char *__progname; >+ >+#else >+ >+static char *__progname = "<dietapp>"; >+ >+#endif >+ >+#else >+/* not building on linux */ >+ >+#error "Gentoo SSP support: glibc can only be built with SSP on Linux" >+ >+#endif >+ >+#else >+/* not SSP */ >+ >+#warning "Gentoo SSP support: building standard upstream handler, glibc itself is not protected" >+ > #include <stdio.h> > #include <stdlib.h> > > > extern char **__libc_argv attribute_hidden; > >+#endif >+/* endif SSP */ >+ >+#if defined ENABLE_OLD_SSP_COMPAT > void > __attribute__ ((noreturn)) >+__attribute__ ((alias("__stack_smash_handler"))) > __stack_chk_fail (void) > { >+#else /* defined ENABLE_OLD_SSP_COMPAT */ >+void >+__attribute__ ((noreturn)) >+__stack_chk_fail (void) >+{ >+#endif /* defined ENABLE_OLD_SSP_COMPAT */ >+ >+#if defined __SSP__ || defined __SSP_ALL__ >+ >+ #define MESSAGE_BUFSIZ 512 >+ pid_t pid; >+ int plen, i; >+ char message[MESSAGE_BUFSIZ]; >+ const char msg_prefix[]="*** stack smashing detected ***: "; >+ const char msg_suffix[]=" terminated\n"; >+ const char msg_unknown[]="<unknown>"; >+#ifndef __dietlibc__ >+ int log_socket, connect_result; >+ struct sockaddr_un sock; >+#ifdef __NR_socketcall >+ unsigned long int *socketargs=(unsigned long int *)alloca(sizeof(unsigned long int)*4); >+#endif >+#endif >+ >+ /* build message */ >+#define strconcat(str) \ >+ i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) {\ >+ message[plen+i]=str[i];\ >+ i++;\ >+ }\ >+ plen+=i; >+ plen=0; >+ strconcat(msg_prefix); >+ if (__progname != (char *)0) { >+ strconcat(__progname); >+ } else { >+ strconcat(msg_unknown); >+ } >+ strconcat(msg_suffix); >+ message[plen++]='\0'; >+ >+ /* Write out error message to STDERR */ >+ write(STDERR_FILENO, message, plen); >+ >+#ifndef __dietlibc__ >+ /* Log to syslog; socket write to /dev/log */ >+ >+ /* Build socket address */ >+ sock.sun_family = AF_UNIX; >+ i=0; while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) { >+ sock.sun_path[i]=path_log[i]; >+ i++; >+ } >+ sock.sun_path[i]='\0'; >+ >+ /* Try SOCK_DGRAM connection to syslog */ >+ connect_result=-1; >+ DO_SOCKET(log_socket,AF_UNIX,SOCK_DGRAM,0); >+ if (log_socket != -1) { >+ DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); >+ } >+ if (connect_result == -1) { >+ if (log_socket != -1) { >+ close(log_socket); >+ } >+ /* Try SOCK_STREAM connection to syslog */ >+ DO_SOCKET(log_socket,AF_UNIX,SOCK_STREAM,0); >+ if (log_socket != -1) { >+ DO_CONNECT(connect_result,log_socket,(&sock),(sizeof(sock))); >+ } >+ } >+ /* If a successful connection was made, log the message */ >+ if (connect_result != -1) { >+ write(log_socket,message,plen); >+ } >+ if (log_socket != -1) { >+ close(log_socket); >+ } >+#endif >+ >+ /* Suicide - note; sigactions can't be added to SIGKILL, nor can it be masked */ >+ pid=getpid(); >+ kill(pid,SIGKILL); >+ >+ /* In case the kill didn't work, exit anyway >+ * The loop prevents gcc thinking this routine returns >+ */ >+ while (1) exit(EXIT_FAILURE); >+ >+#else >+ > /* The loop is added only to keep gcc happy. */ > while (1) > __libc_message (1, "*** stack smashing detected ***: %s terminated\n", > __libc_argv[0] ?: "<unknown>"); >-} > >-#ifdef ENABLE_OLD_SSP_COMPAT >-strong_alias (__stack_chk_fail, __stack_smash_handler) > #endif >+} >+
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=98296">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 94325
:
60042
|
98022
|
98119
|
98271
|
98296
|
98337
|
98453
|
98470
|
98567
|
102912
|
102913
|
102914
|
102915
|
102916
|
103032
|
103033
|
103441
|
103442
