Bug 164814

Comment 1 SpanKY 2007-02-01 19:34:53 UTC

not interested in hacking wine apart

(In reply to comment #1)
> not interested in hacking wine apart
> 

Well, i'm not taking about hacking wine, just changing the ebuild to honor hardened users, so they get a workable wine. Setting -fno-stack-protector on hardened profiles in the ebuild and deactivating PAX is only a small patch to the ebuild.

Comment 3 Kevin F. Quinn (RETIRED) 2007-02-03 11:40:54 UTC

SpanKy's point was just to let us (hardened) know that he won't accept patches from us that muck around with wine internally.  He'll accept a PaX marking (which incidentally is only needed on /usr/bin/wine and /usr/bin/wine-preloader).

At the moment, I want to find out why the stack protection is triggered; wine should be fine with SSP.  I get an apparent stack overflow in wine_nt_to_unix_file_name, which indicates there may be a bug in the code - so we should work to fix that (and send it upstream) before just switching off SSP:

$ wine cmd.exe /c dir
*** stack smashing detected ***:  - terminated
: stack smashing attack in function wine_nt_to_unix_file_name - terminated
Report to http://bugs.gentoo.org/
Aborted

Could you post details of the stack smash(es) that you see?

(In reply to comment #3)

I see:
$ wine cmd.exe /c dir
: stack smashing attack in function load_dll()
Aborted

Maybe there are more than one bugs, so probably it would be ok to deactivate SSP for wine for now.

Comment 5 solar (RETIRED) 2007-02-05 19:26:55 UTC

Please do not comment on this bug if you are simply going to suggest to disable SSP on something that is not known to contain a security flaw. 
ReRead comment #3 if you do not understand.

(In reply to comment #5)
I have just proposed it, i'm not saying it's the preferred solution. But as SpanKY said, hacking wine seems not to be a preferred solution. And then the only alternative would be that wine would not be available on hardened.

I am having difficulty with an AMD64 hardened system and wine. The complaint is about incorrect push and pop arguments. Using the -fno-stack-protector option above didn't manage to fix this. I just want that to be noted should someone else have the same problem.

x86_64-pc-linux-gnu-gcc -c -I. -I. -I../../include -I../../include  -D__WINESRC__ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith  -march=k8 -O2 -pipe -mno-tls-direct-seg-refs -fno-stack-protector -D__i386__  -o interlocked.o interlocked.c
{standard input}: Assembler messages:
{standard input}:30: Error: suffix or operands invalid for `push'
{standard input}:31: Error: suffix or operands invalid for `push'
{standard input}:38: Error: suffix or operands invalid for `pop'
{standard input}:39: Error: suffix or operands invalid for `pop'
make[2]: *** [interlocked.o] Error 1
make[2]: Leaving directory `/var/tmp/portage/app-emulation/wine-0.9.39/work/wine-0.9.39/libs/port'

My suggestion (for the 32-bit case) would be to rework the ebuild to check for hardened and make sure that correct CFLAGS options are set. The ebuild should at least warn the user before continuing to build.

I believe this 64-bit related problem may require modifications to wine. This build was attempted with vanilla gcc and a hardened gcc (both 3.4.6)

Comment 8 solar (RETIRED) 2007-11-28 14:57:43 UTC

hardened is lacking in manpower and wine is about the last thing on the list we will be focusing any efforts on. Please take this issue up with the wine maintainer at gentoo and or upstream.. Reassigning to maintainer to handle 
bug resolution.

(In reply to comment #8)
> wine is about the last thing on the list we
> will be focusing any efforts on.

Just to let you know (not that I believe it will really interest you) that the lack of wine ends my 2 days field trip into the hardened profile for my servers. Several of them need wine so I can't adopt the hardened profile.

I don't need it to be the lastest and grestest, nor that it is easy to install but I need it. As it's the last thing on the list, I have to walk away from hardened.

Yeah, I know, it's my problem and my problem only but I wanted to let you know because not having any solution at all for a package can be a road blocker for some, even if the package is wine.

(In reply to comment #9)
Hello Rodrigo,

it is possible to use wine in a portage-overlay. I'm using some small changes in the ebuild. In most cases it is enough to disable PIE or stack-protection in packages which fail to work on hardened. I know it's not the best solution but it works and you don't have to change to a non-hardened system. Here my changes to a wine-ebuild, other versions can be handled the same:
$ diff -u /usr/portage/app-emulation/wine/wine-0.9.49.ebuild /usr/local/portage/app-emulation/wine/wine-0.9.49.ebuild
--- /usr/portage/app-emulation/wine/wine-0.9.49.ebuild  2007-11-20 21:35:41.000000000 +0100
+++ /usr/local/portage/app-emulation/wine/wine-0.9.49.ebuild    2007-11-24 01:08:38.000000000 +0100
@@ -2,7 +2,13 @@
 # Distributed under the terms of the GNU General Public License v2
 # $Header: /var/cvsroot/gentoo-x86/app-emulation/wine/wine-0.9.49.ebuild,v 1.2 2007/11/20 20:21:39 lavajoe Exp $

-inherit eutils flag-o-matic multilib
+#
+# FIX: set -fno-stack-protector and disable PAX for wine/winepreloader
+#
+
+#
+inherit eutils flag-o-matic multilib pax-utils
+#

 DESCRIPTION="free implementation of Windows(tm) on Unix"
 HOMEPAGE="http://www.winehq.com/"
@@ -10,7 +16,7 @@

 LICENSE="LGPL-2.1"
 SLOT="0"
-KEYWORDS="-* ~amd64 ~x86 ~x86-fbsd"
+KEYWORDS="-* ~amd64 x86 ~x86-fbsd"
 IUSE="alsa cups dbus esd hal jack jpeg lcms ldap nas ncurses opengl oss scanner xml X"
 RESTRICT="test" #72375

@@ -100,6 +106,10 @@

        strip-flags

+#
+       append-flags -fno-stack-protector
+#
+
        use amd64 && multilib_toolchain_setup x86

        #       $(use_enable amd64 win64)
@@ -117,6 +127,9 @@
 src_install() {
        make DESTDIR="${D}" install || die
        dodoc ANNOUNCE AUTHORS ChangeLog README
+#
+       pax-mark perms ${D}/usr/bin/{wine,wine-preloader}
+#
 }

 pkg_postinst() {

(In reply to comment #10)
> (In reply to comment #9)
> 
> I know it's not the best solution but
> it works and you don't have to change to a non-hardened system. Here my changes
> to a wine-ebuild, other versions can be handled the same:

First of all I would like to thank you for your help.

I have just tried the patch. Unfortunatelly it didn't solve the problem, I still get the error below (the same I get without the patch). Any ideas?


x86_64-pc-linux-gnu-gcc -c -I. -I. -I../../include -I../../include  -D__WINESRC__ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith  -O2 -march=k8 -pipe -fno-stack-protector -D__i386__  -o memmove.o memmove.c
{standard input}: Assembler messages:
{standard input}:30: Error: suffix or operands invalid for `push'
{standard input}:31: Error: suffix or operands invalid for `push'
{standard input}:38: Error: suffix or operands invalid for `pop'
{standard input}:39: Error: suffix or operands invalid for `pop'
make[2]: *** [interlocked.o] Error 1

(In reply to comment #11)
This seems more like a binutils incompatibility (newer "as" versions change sometimes the syntax). Have you tried newer versions of wine?

(In reply to comment #12)
> (In reply to comment #11)
> This seems more like a binutils incompatibility (newer "as" versions change
> sometimes the syntax). Have you tried newer versions of wine?

I did without your patch.

With your patch I tried the mentioned 0.9.49.

I will try the newer one with your patch and report the results.

(In reply to comment #12)
> (In reply to comment #11)
> This seems more like a binutils incompatibility (newer "as" versions change
> sometimes the syntax). Have you tried newer versions of wine?

Just tried the newest one available in portage, 0.9.53 with your patch.

Unfortunatelly I got the same exact error:

x86_64-pc-linux-gnu-gcc -c -I. -I. -I../../include -I../../include  -D__WINESRC__ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith  -O2 -march=k8 -pipe -fno-stack-protector -D__i386__  -o interlocked.o interlocked.c
flex  -oppl.yy.c ppl.l
x86_64-pc-linux-gnu-gcc -c -I. -I. -I../../include -I../../include  -D__WINESRC__ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith  -O2 -march=k8 -pipe -fno-stack-protector -D__i386__  -o lstat.o lstat.c
{standard input}: Assembler messages:
{standard input}:30: Error: suffix or operands invalid for `push'
{standard input}:31: Error: suffix or operands invalid for `push'
{standard input}:38: Error: suffix or operands invalid for `pop'
{standard input}:39: Error: suffix or operands invalid for `pop'
make[2]: *** [interlocked.o] Error 1
make[2]: *** Waiting for unfinished jobs....
make[2]: Leaving directory `/var/tmp/portage/app-emulation/wine-0.9.53-r1/work/wine-0.9.53/libs/port'
make[1]: *** [port] Error 2
make[1]: *** Waiting for unfinished jobs....

Any ideas?

(In reply to comment #14)
Well, this is a bug in wine's assembly. I would additionally add -m32 to append-flags and therefor compile it in 32Bit, you need multilib for this to work. Reporting this bug upstream could help the wine devs :) Would you do it?

(In reply to comment #15)
> (In reply to comment #14)
> Well, this is a bug in wine's assembly. I would additionally add -m32 to
> append-flags and therefor compile it in 32Bit,

This part seems quite simple.
> you need multilib for this to
> work. 

What should I do to get multilib (I don't know what multilib is)?

> Reporting this bug upstream could help the wine devs :) Would you do it?

Sure. But first I must understand what is this bug exactly. I mean, wine works with the 2007.0/server on this same amd64 machine so I need to know what exactly is causing the bug when I use the hardened profile.

I don't want to report a bug like "wine works well on amd64 except when I change to the hardened Gentoo profile". They will probably ask me WTF is hardened Gentoo profile?

Do you know which setting of the hardened profile is causing this bug?

Comment 17 SpanKY 2008-08-30 03:15:15 UTC

*** Bug 236137 has been marked as a duplicate of this bug. ***

wine 1.1.2 compiled fine for me on hardened without resorting to any hacks. winecfg starts fine, but if I click on the Drives tab, or cycle through the tabs with the arrow keys to the Drives tab, winecfg will crash.

*** stack smashing detected ***:  - terminated
: stack smashing attack in function wine_nt_to_unix_file_name - terminated
Report to http://bugs.gentoo.org/
Killed

running on a headless server with tightvnc 1.3.10

Portage 2.1.6.7 (hardened/linux/amd64/2008.0, gcc-3.4.6, glibc-2.6.1-r0, 2.6.28-gentoo-r5 x86_64)
=================================================================
System uname: Linux-2.6.28-gentoo-r5-x86_64-Intel-R-_Core-TM-2_Quad_CPU_Q8300_@_2.50GHz-with-glibc2.3.2
Timestamp of tree: Sun, 26 Apr 2009 11:45:03 +0000
app-shells/bash:     3.2_p17-r1
dev-lang/python:     2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.63
sys-devel/automake:  1.7.9-r1, 1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=nocona -O2 -pipe -fforce-addr"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=nocona -O2 -pipe -fforce-addr"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://gentoo.mirrors.pair.com/ http://gentoo.cites.uiuc.edu/pub/gentoo/ "
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage"
USE="acl amd64 berkdb bzip2 cli cracklib crypt cups curl dri gd gdbm gpm hardened iconv imap isdnlog justify libwww maildir midi mmx mudflap multilib mysql ncurses nptl nptlonly pam pam-mysql pcre perl pic pppd python readline reflection sasl session snmp spl sse sse2 ssl ssse3 sysfs tcpd truetype urandom xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="access auth authz_host auth_basic mime_magic auth_dbm auth_anon auth_digest alias file-cache echo charset-lite cache disk-cache mem-cache ext-filter case_filter case-filter-in filter deflate mime-magic cern-meta expires headers usertrack unique-id proxy proxy-connect proxy-ftp proxy-http info include cgi cgid dav dav-fs vhost-alias speling rewrite log_config logio env setenvif mime status autoindex asis negotiation dir imap actions userdir so" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 intel mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 19 Gordon Malm (RETIRED) 2009-08-10 23:03:28 UTC

*** Bug 199301 has been marked as a duplicate of this bug. ***

Comment 20 SpanKY 2009-11-15 02:03:39 UTC

*** This bug has been marked as a duplicate of bug 255055 ***

Comment 21 SpanKY 2009-11-15 02:03:53 UTC

*** Bug 271807 has been marked as a duplicate of this bug. ***