FS#43229 - [festival] missing RELRO / SSP because CFLAGS/LDFLAGS are not respected
Attached to Project:
Arch Linux
Opened by Daniel Micay (thestinger) - Friday, 26 December 2014, 06:38 GMT
Last edited by Jelle van der Waa (jelly) - Thursday, 01 June 2023, 20:31 GMT
Opened by Daniel Micay (thestinger) - Friday, 26 December 2014, 06:38 GMT
Last edited by Jelle van der Waa (jelly) - Thursday, 01 June 2023, 20:31 GMT
|
Details
All of the executables are missing RELRO because the build
system doesn't respect LDFLAGS. This can be solved either by
modifying the build system or by adding
makedepends=(hardening-wrapper).
Many of the executable are also missing stack canaries, but when I rebuild it the problem fixes itself. Perhaps it was built without -fstack-protector-strong in the makepkg configuration? |
This task depends upon
Closed by Jelle van der Waa (jelly)
Thursday, 01 June 2023, 20:31 GMT
Reason for closing: Implemented
Additional comments about closing: festival-2.5.0-5-x86_64.pkg.tar.zst
Thursday, 01 June 2023, 20:31 GMT
Reason for closing: Implemented
Additional comments about closing: festival-2.5.0-5-x86_64.pkg.tar.zst
Comment by Doug Newgard (Scimmia) -
Friday, 26 December 2014, 14:28 GMT
- Field changed: Status (Unconfirmed → Assigned)
- Task assigned to Andreas Radke (AndyRTR), Eric Belanger (Snowman)
Orphan, assigning to last two packagers.
Comment by loqs (loqs) - Tuesday,
29 September 2020, 13:50 GMT
- Field changed: Percent Complete (100% → 0%)
The hardening-wrapper was in festival 2.4-1
https://github.com/archlinux/svntogit-packages/commit/28fd9dbcd3cd3594f052f20969d85898a0a232aa http://sprunge.us/Zn0es1
contains the output of namcap festival-2.5.0-4-x86_64.pkg.tar.zst
Comment by loqs (loqs) - Tuesday,
29 September 2020, 15:20 GMT
The attached PKGBUILD.diff fixes RELRO. MAKE_SHARED_LIB may be
better changed using a patch.
PKGBUILD.diff
(0.8 KiB)