dietlibc has own ssp

svn path=/; revision=348
author: Benedikt Boehm <hollow@gentoo.org> 2006-05-02 09:35:41 +0000
committer: Benedikt Boehm <hollow@gentoo.org> 2006-05-02 09:35:41 +0000
commit: dd2f75f7d8d5ed027e71408a9924128d6d8c9243 (patch)
tree: d849e0e8542f9bc6706a1152016e1292eebd5319 /dietlibc
parent: add missing prefix patch (diff)
download: misc-dd2f75f7d8d5ed027e71408a9924128d6d8c9243.tar.gz
misc-dd2f75f7d8d5ed027e71408a9924128d6d8c9243.tar.bz2
misc-dd2f75f7d8d5ed027e71408a9924128d6d8c9243.zip
3 files changed, 13 insertions, 368 deletions
diff --git a/dietlibc/patches/0.30_pre20060501-r0/05_all_want-stackgap.patch b/dietlibc/patches/0.30_pre20060501-r0/05_all_want-stackgap.patch
new file mode 100644
index 0000000..4a94426
--- /dev/null
+++ b/dietlibc/patches/0.30_pre20060501-r0/05_all_want-stackgap.patch
@@ -0,0 +1,13 @@
+Index: dietlibc-0.30_pre20060501/dietfeatures.h
+===================================================================
+--- dietlibc-0.30_pre20060501.orig/dietfeatures.h
++++ dietlibc-0.30_pre20060501/dietfeatures.h
+@@ -99,7 +99,7 @@
+ /* WARNING: this appears to break with some binutils versions.  Works
+  * for me with binutils 2.15.  The symptom is an error message that
+  * `main' can not be found. */
+-/* #define WANT_STACKGAP */
++#define WANT_STACKGAP
+ 
+ /* Include support for ProPolice/SSP, calls guard_setup */
+ /* ProPolice is part of gcc 4.1 and up, there were patches for earlier
diff --git a/dietlibc/patches/0.30_pre20060501-r0/60_all_ssp.patch b/dietlibc/patches/0.30_pre20060501-r0/60_all_ssp.patch
deleted file mode 100644
index a43fdb1..0000000
--- a/dietlibc/patches/0.30_pre20060501-r0/60_all_ssp.patch
+++ /dev/null
@@ -1,239 +0,0 @@
-Index: dietlibc-0.30_pre20060501/i386/start.S
-===================================================================
---- dietlibc-0.30_pre20060501.orig/i386/start.S
-+++ dietlibc-0.30_pre20060501/i386/start.S
-@@ -50,7 +50,9 @@ _start:
- 	PUT_VAR %edi, __vsyscall, %edx
- 1:
- #endif
--
-+#ifdef __dietlibc__
-+	call	__guard_setup
-+#endif
- #ifdef WANT_DYNAMIC
- 	call	_dyn_start
- #else
-Index: dietlibc-0.30_pre20060501/lib/ssp.c
-===================================================================
---- /dev/null
-+++ dietlibc-0.30_pre20060501/lib/ssp.c
-@@ -0,0 +1,129 @@
-+/*
-+ * Distributed under the terms of the GNU General Public License v2
-+ * $Header: /var/cvsroot/gentoo-x86/dev-libs/dietlibc/files/ssp.c,v 1.2 2004/12/05 19:25:40 solar Exp $
-+ *
-+ * This is a modified version of Hiroaki Etoh's stack smashing routines
-+ * implemented for glibc.
-+ *
-+ * The following people have contributed input to this code.
-+ * Ned Ludd - <solar[@]gentoo.org>
-+ * Alexander Gabert - <pappy[@]gentoo.org>
-+ * The PaX Team - <pageexec[@]freemail.hu>
-+ * Peter S. Mazinger - <ps.m[@]gmx.net>
-+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
-+ * Robert Connolly - <robert[@]linuxfromscratch.org>
-+ * Cory Visi <cory@visi.name>
-+ *
-+ */
-+
-+#ifdef HAVE_CONFIG_H
-+# include <config.h>
-+#endif
-+
-+#include <stdio.h>
-+#include <string.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <signal.h>
-+#include <sys/types.h>
-+#include <sys/socket.h>
-+#include <sys/un.h>
-+#include <sys/time.h>
-+
-+#ifdef __PROPOLICE_BLOCK_SEGV__
-+#define SSP_SIGTYPE SIGSEGV
-+#elif __PROPOLICE_BLOCK_KILL__
-+#define SSP_SIGTYPE SIGKILL
-+#else
-+#define SSP_SIGTYPE SIGABRT
-+#endif
-+
-+unsigned long __guard = 0UL;
-+
-+void
-+__guard_setup (void)
-+{
-+  size_t size;
-+  if (__guard != 0UL)
-+    return;
-+
-+#ifndef __SSP_QUICK_CANARY__
-+  /*
-+   * Attempt to open kernel pseudo random device if one exists before
-+   * opening urandom to avoid system entropy depletion.
-+   */
-+  {
-+    int fd;
-+#ifdef HAVE_DEV_ERANDOM
-+    if ((fd = open ("/dev/erandom", O_RDONLY)) == (-1))
-+#endif
-+      fd = open ("/dev/urandom", O_RDONLY);
-+    if (fd != (-1))
-+      {
-+	size = read (fd, (char *) &__guard, sizeof (__guard));
-+	close (fd);
-+	if (size == sizeof (__guard))
-+	  return;
-+      }
-+  }
-+#endif
-+
-+  /* If sysctl was unsuccessful, use the "terminator canary". */
-+  __guard = 0xFF0A0D00UL;
-+
-+  {
-+    /* Everything failed? Or we are using a weakened model of the
-+     * terminator canary */
-+    struct timeval tv;
-+
-+    gettimeofday (&tv, NULL);
-+    __guard ^= tv.tv_usec ^ tv.tv_sec;
-+  }
-+}
-+
-+void
-+__stack_smash_handler (char func[], int damaged)
-+{
-+  struct sigaction sa;
-+  const char message[] = ": stack smashing attack in function ";
-+  int bufsz, len;
-+  char buf[512];
-+  static char *__progname = "dietapp";
-+
-+  sigset_t mask;
-+  sigfillset (&mask);
-+
-+  sigdelset (&mask, SSP_SIGTYPE);	/* Block all signal handlers */
-+  sigprocmask (SIG_BLOCK, &mask, NULL);	/* except SIGABRT */
-+
-+  bufsz = sizeof (buf);
-+  strcpy (buf, "<2>");
-+  len = 3;
-+
-+  strncat (buf, __progname, sizeof (buf) - 4);
-+  len = strlen (buf);
-+
-+  if (bufsz > len)
-+    {
-+      strncat (buf, message, bufsz - len - 1);
-+      len = strlen (buf);
-+    }
-+  if (bufsz > len)
-+    {
-+      strncat (buf, func, bufsz - len - 1);
-+      len = strlen (buf);
-+    }
-+
-+  /* print error message */
-+  write (STDERR_FILENO, buf + 3, len - 3);
-+  write (STDERR_FILENO, "()\n", 3);
-+
-+  /* Make sure the default handler is associated with the our signal handler */
-+  memset (&sa, 0, sizeof (struct sigaction));
-+  sigfillset (&sa.sa_mask);	/* Block all signals */
-+  sa.sa_flags = 0;
-+  sa.sa_handler = SIG_DFL;
-+  sigaction (SSP_SIGTYPE, &sa, NULL);
-+  (void) kill (getpid (), SSP_SIGTYPE);
-+  _exit (127);
-+}
-Index: dietlibc-0.30_pre20060501/sparc/start.S
-===================================================================
---- dietlibc-0.30_pre20060501.orig/sparc/start.S
-+++ dietlibc-0.30_pre20060501/sparc/start.S
-@@ -31,6 +31,9 @@ _start:
-    be NULL.  */
- 
- /* Let libc do the rest of the initialization, and call main.  */
-+#if 0 /* FIXME: __dietlibc__ */
-+	call    __guard_setup
-+#endif
- #ifdef WANT_DYNAMIC
- 	call	_dyn_start
- #else
-Index: dietlibc-0.30_pre20060501/sparc64/start.S
-===================================================================
---- dietlibc-0.30_pre20060501.orig/sparc64/start.S
-+++ dietlibc-0.30_pre20060501/sparc64/start.S
-@@ -31,6 +31,9 @@ _start:
-    be NULL.  */
- 
- /* Let libc do the rest of the initialization, and call main.  */
-+#if 0 /* FIXME: __dietlibc__ */
-+	call    __guard_setup
-+#endif
- #ifdef WANT_DYNAMIC
- 	call	_dyn_start
- #else
-Index: dietlibc-0.30_pre20060501/x86_64/start.S
-===================================================================
---- dietlibc-0.30_pre20060501.orig/x86_64/start.S
-+++ dietlibc-0.30_pre20060501/x86_64/start.S
-@@ -35,6 +35,10 @@ _start:
- 	popq	%rdi
- #endif
- 
-+#if 0 /* FIXME: __dietlibc__ */
-+	call	__guard_setup
-+#endif
-+
- #ifdef WANT_DYNAMIC
- 	call	_dyn_start
- #else
-Index: dietlibc-0.30_pre20060501/lib/stack_smash_handler2.c
-===================================================================
---- dietlibc-0.30_pre20060501.orig/lib/stack_smash_handler2.c
-+++ /dev/null
-@@ -1,12 +0,0 @@
--#include <unistd.h>
--#include <write12.h>
--
--void __stack_chk_fail(void);
--
--/* earlier versions of ProPolice actually gave the address and function
-- * name as arguments to the handler, so it could print some useful
-- * diagnostics.  No more. :-( */
--void __stack_chk_fail(void) {
--  __write2("smashed stack detected, program terminated.\n");
--  _exit(127);
--}
-Index: dietlibc-0.30_pre20060501/lib/stack_smash_handler.c
-===================================================================
---- dietlibc-0.30_pre20060501.orig/lib/stack_smash_handler.c
-+++ /dev/null
-@@ -1,25 +0,0 @@
--#include <write12.h>
--#include <unistd.h>
--
--/* this is only used with ProPolice in gcc 3.x */
--
--void __stack_smash_handler(char* func,unsigned int damaged);
--void __stack_smash_handler(char* func,unsigned int damaged) {
--  char buf[sizeof(char*)*2+1];
--  int i;
--  for (i=0; i<(int)sizeof(buf)-1; ++i) {
--    char c=damaged&0xf;
--    c+=c<10?'0':'a';
--    buf[sizeof(buf)-2-i]=c;
--    damaged>>=4;
--  }
--  buf[sizeof(buf)-1]=0;
--  __write2("stack smashed in ");
--  __write2(func);
--  __write2(" (value 0x");
--  __write2(buf);
--  __write2(")\n");
--  _exit(127);
--}
--
--
diff --git a/dietlibc/tools/ssp.c b/dietlibc/tools/ssp.c
deleted file mode 100644
index 9db8327..0000000
--- a/dietlibc/tools/ssp.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/*
- * Distributed under the terms of the GNU General Public License v2
- * $Header: /var/cvsroot/gentoo-x86/dev-libs/dietlibc/files/ssp.c,v 1.2 2004/12/05 19:25:40 solar Exp $
- *
- * This is a modified version of Hiroaki Etoh's stack smashing routines
- * implemented for glibc.
- *
- * The following people have contributed input to this code.
- * Ned Ludd - <solar[@]gentoo.org>
- * Alexander Gabert - <pappy[@]gentoo.org>
- * The PaX Team - <pageexec[@]freemail.hu>
- * Peter S. Mazinger - <ps.m[@]gmx.net>
- * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
- * Robert Connolly - <robert[@]linuxfromscratch.org>
- * Cory Visi <cory@visi.name>
- *
- */
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <signal.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <sys/time.h>
-
-#ifdef __PROPOLICE_BLOCK_SEGV__
-#define SSP_SIGTYPE SIGSEGV
-#elif __PROPOLICE_BLOCK_KILL__
-#define SSP_SIGTYPE SIGKILL
-#else
-#define SSP_SIGTYPE SIGABRT
-#endif
-
-unsigned long __guard = 0UL;
-
-void
-__guard_setup (void)
-{
-  size_t size;
-  if (__guard != 0UL)
-    return;
-
-#ifndef __SSP_QUICK_CANARY__
-  /*
-   * Attempt to open kernel pseudo random device if one exists before
-   * opening urandom to avoid system entropy depletion.
-   */
-  {
-    int fd;
-#ifdef HAVE_DEV_ERANDOM
-    if ((fd = open ("/dev/erandom", O_RDONLY)) == (-1))
-#endif
-      fd = open ("/dev/urandom", O_RDONLY);
-    if (fd != (-1))
-      {
-	size = read (fd, (char *) &__guard, sizeof (__guard));
-	close (fd);
-	if (size == sizeof (__guard))
-	  return;
-      }
-  }
-#endif
-
-  /* If sysctl was unsuccessful, use the "terminator canary". */
-  __guard = 0xFF0A0D00UL;
-
-  {
-    /* Everything failed? Or we are using a weakened model of the
-     * terminator canary */
-    struct timeval tv;
-
-    gettimeofday (&tv, NULL);
-    __guard ^= tv.tv_usec ^ tv.tv_sec;
-  }
-}
-
-void
-__stack_smash_handler (char func[], int damaged)
-{
-  struct sigaction sa;
-  const char message[] = ": stack smashing attack in function ";
-  int bufsz, len;
-  char buf[512];
-  static char *__progname = "dietapp";
-
-  sigset_t mask;
-  sigfillset (&mask);
-
-  sigdelset (&mask, SSP_SIGTYPE);	/* Block all signal handlers */
-  sigprocmask (SIG_BLOCK, &mask, NULL);	/* except SIGABRT */
-
-  bufsz = sizeof (buf);
-  strcpy (buf, "<2>");
-  len = 3;
-
-  strncat (buf, __progname, sizeof (buf) - 4);
-  len = strlen (buf);
-
-  if (bufsz > len)
-    {
-      strncat (buf, message, bufsz - len - 1);
-      len = strlen (buf);
-    }
-  if (bufsz > len)
-    {
-      strncat (buf, func, bufsz - len - 1);
-      len = strlen (buf);
-    }
-
-  /* print error message */
-  write (STDERR_FILENO, buf + 3, len - 3);
-  write (STDERR_FILENO, "()\n", 3);
-
-  /* Make sure the default handler is associated with the our signal handler */
-  memset (&sa, 0, sizeof (struct sigaction));
-  sigfillset (&sa.sa_mask);	/* Block all signals */
-  sa.sa_flags = 0;
-  sa.sa_handler = SIG_DFL;
-  sigaction (SSP_SIGTYPE, &sa, NULL);
-  (void) kill (getpid (), SSP_SIGTYPE);
-  _exit (127);
-}
author	Benedikt Boehm <hollow@gentoo.org>	2006-05-02 09:35:41 +0000
committer	Benedikt Boehm <hollow@gentoo.org>	2006-05-02 09:35:41 +0000
commit	dd2f75f7d8d5ed027e71408a9924128d6d8c9243 (patch)
tree	d849e0e8542f9bc6706a1152016e1292eebd5319 /dietlibc
parent	add missing prefix patch (diff)
download	misc-dd2f75f7d8d5ed027e71408a9924128d6d8c9243.tar.gz misc-dd2f75f7d8d5ed027e71408a9924128d6d8c9243.tar.bz2 misc-dd2f75f7d8d5ed027e71408a9924128d6d8c9243.zip