Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#26435 - [namcap] Print notice when GNU_RELRO is missing in ELF file.

Attached to Project: Arch Linux
Opened by Sverd Johnsen (sjohnsen) - Friday, 14 October 2011, 01:22 GMT
Last edited by Gerardo Exequiel Pozzi (djgera) - Wednesday, 30 January 2013, 16:03 GMT
Task Type Feature Request
Category Arch Projects
Status Assigned
Assigned To Rémy Oudompheng (remyoudompheng)
Architecture All
Severity Very Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 2
Private No

Details

When GNU_RELRO is missing in a ELF file, namcap should print a notice informing the packager that LDFLAGS have been ignored during the build.

Besides highlighting issues in upstream build configuration, RELRO is desirable for various reasons and has been in our LDFLAGS for quite a while now by default.

readelf -p /bin/foo | grep GNU_RELRO
This task depends upon

Comment by Jason William Walton (jasonww) - Saturday, 12 May 2012, 07:10 GMT
Since namcap is using pyelftools now, checking for PT_GNU_RELRO in addition to PT_GNU_STACK (?) shouldn't slow it down too much.

Bumped.
Comment by Daniel Micay (thestinger) - Friday, 26 December 2014, 07:23 GMT
There are no false positives for this check at packaging time, so +1.

Sadly, there's no viable way to do a reliable check for missing SSP (-fstack-protector-strong) because many small executables simply don't have viable candidate functions for it to protect.

Loading...