Summary: | Openoffice uses malloc'ed (C++ "new") heap data for executable code without setting executable permissions | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Kevin F. Quinn (RETIRED) <kevquinn> |
Component: | Current packages | Assignee: | Gentoo Office Team <office> |
Status: | RESOLVED UPSTREAM | ||
Severity: | normal | CC: | hardened, pageexec |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openoffice.org/issues/show_bug.cgi?id=47132 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
copy of call.s - for verification that it indeed does not need executable stack
add GNU-stack marking to asm, and change 'new' to call to rtl_allocateMemory in cpp2uno.cxx for linux intel Updated patch application patch (!) |
Description
Kevin F. Quinn (RETIRED)
2006-01-29 04:39:07 UTC
Created attachment 78415 [details]
copy of call.s - for verification that it indeed does not need executable stack
attached here for easy reading - anyone please confirm this doesn't need executable stack :)
@Kevin: Isn't this something you should report upstream? As this is a general problem and nothing Gentoo-specific I think this should be discussed in OOo Issuezilla. Created attachment 78418 [details, diff]
add GNU-stack marking to asm, and change 'new' to call to rtl_allocateMemory in cpp2uno.cxx for linux intel
This patches just the linux_intel (i.e. x86) code. This is a quick patch that should work, however upstream may prefer it to look more like the x86_64 code.
Result is that the C++ to UNO bridge should work on PaX systems with just 'm', without this it needs 'psm' which is unnecessarily broad, especially since SSP isn't compatible with OOo.
I've compiled the individual objects and shared library ok with this patch, but it'll take me a while to build the whole of openoffice.
Created attachment 78419 [details]
Updated patch application patch (!)
This replaces files/2.0.1/gentoo-2.0.1.diff since it's much simpler that way than providing a patch to a patch.
(In reply to comment #2) > @Kevin: Isn't this something you should report upstream? Yes; I figured I'd post it here to make sure I'm not talking garbage before bugging upstream :) Just for the record: I've built OOo with your patch, looks good to me. Thanks; built successfully here as well (takes my little machine a bit longer!) I need to work out something that actually uses the cpp2uno bridge to test what I've done, I don't know if I have anything... @Kevin: Just a reminder to file this upstream, to get some feedback there. Otherwise I'm a little reluctant to add this to our ebuild, as I've not got that in-depth knowledge to see if it actually breaks something ;) Kevin, I've added myself to the upstream bug, so closing this bug here, best to keep it in one place The upstream bug I raised (http://www.openoffice.org/issues/show_bug.cgi?id=61537) has been marked a duplicate of http://www.openoffice.org/issues/show_bug.cgi?id=47132; changed the URL to reflect this. The assignee has set the target to 2.0.3, currently planned for May 2006. |