libsmpeg0 has an executable stack
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
smpeg (Ubuntu) |
Fix Released
|
Wishlist
|
Kees Cook |
Bug Description
Binary package hint: libsmpeg0
smpeg seems to have an executable stack on Ubuntu. As determined by Gentoo, this is not necessary. In fact this particular case is the example for the Hardened Gentoo GNU Stack Quickstart[1], a guide to dealing with executable stacks.
Utilizing scanelf from paxutils, I have located several libraries with PT_GNU_STACK markings. Libraries with these markings cause any executable loading these libraries to get an executable stack, a failing in security best practices[1].
~$ scanelf -Retq /usr/lib
...
RWX --- --- /usr/lib/
Removal of this marking can simply be carried out with 'execstack -c'; however, if something else causes an executable stack later for "legitimate" reasons (i.e. code is executed on the stack... gcc nested functions?), we won't find out until programs mysteriously start crashing (and then we have to fix the program to NOT execute the stack).
Instead of blindly killing the flag after compilation, we should correctly mark each object by adding a PT_GNU_STACK header to each assembly (.S) file, at the end:
#endif /* i386 && USE_MMX */
/* Add these three lines to get us a PT_GNU_STACK header */
#ifdef __ELF__
.section .note.GNU-
#endif
This is as per patch at Gentoo CVS:
http://
Inline assembly is disabled by debian/rules; the two video/mmx*.S files output .o files containing no useful object code, but no .note.GNU-stack either, causing an executable stack.
Somebody should submit this fix upstream as well.
Changed in smpeg: | |
importance: | Untriaged → Wishlist |
John,
Gentoo seems to have moved their source repositories around. Could
you attach the proper patch to this bug?
Thanks.