Bug 147943

Summary:	[PATCH] openssl-0.9.8c-r1 exec-stacks
Product:	Gentoo Linux	Reporter:	Charlie Shepherd (RETIRED) <masterdriverz>
Component:	New packages	Assignee:	Gentoo's Team for Core System packages <base-system>
Status:	RESOLVED NEEDINFO
Severity:	normal	CC:	sgtphou
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Other
Whiteboard:
Package list:		Runtime testing required:	---
Attachments:	Patch to fixe exec stacks in openssl

Description Charlie Shepherd (RETIRED) gentoo-dev

2006-09-17 08:13:21 UTC

Attached patch adds a line to x86unix.pl (though it could probably be any relevant script in crypto/perlasm) which prints the necessary .section info to all .s files. This makes the 'append-flags -Wa,--no-exec-stacks' line in the ebuild redundant as well.

Comment 1 Charlie Shepherd (RETIRED) gentoo-dev

2006-09-17 08:14:37 UTC

Created attachment 97249 [details, diff]
Patch to fixe exec stacks in openssl

Comment 2 SpanKY gentoo-dev

2006-09-18 02:07:28 UTC

this should not be needed as -Wa,--noexecstack is forced into the build

Comment 3 Charlie Shepherd (RETIRED) gentoo-dev

2006-09-18 05:13:10 UTC

I removed it - surely it is better to fix the application?

Comment 4 SpanKY gentoo-dev

2006-09-18 07:12:22 UTC

that's how upstream preferred to handle it last time i checked

Comment 5 Charlie Shepherd (RETIRED) gentoo-dev

2006-09-18 10:53:53 UTC

Perhaps you could put a line in the ebuild stating this? Otherwise the Hardened exec stack guide seems to recommend patching the source instead of --no-exec-stack.