FS#66940 - [mupdf] Binary shipped with executable stack
Attached to Project:
Community Packages
Opened by Anonymous (reallybmn) - Monday, 08 June 2020, 12:16 GMT
Last edited by Doug Newgard (Scimmia) - Monday, 08 June 2020, 13:33 GMT
Details
Description:
The mupdf binary requests an executable stack from the loader. The readelf tool shows the GNU_STACK segment requests "RWE" permissions:

$ readelf -l /usr/bin/mupdf

This is both unnecessary and risky, especially considering that this program parses untrusted, complex inputs (PDFs).

The program gets an executable stack only because it fails to consistently request a non-executable stack during linking. This is due to the use of the linker ("ld -r -b binary") to embed data, and such data object files do not, by default, include the necessary .note.GNU-stack section. The fix is to add "-z noexecstack" when using the linker this way.

Additional info:
* package version: mupdf 1.17.0-1 (previous versions too)
* dmesg message: process '/usr/bin/mupdf' started with executable stack
* Analogous bug report in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944817

Steps to reproduce:
* Install Arch Linux's mupdf package
* Run mupdf
Closed by Doug Newgard (Scimmia)
Monday, 08 June 2020, 13:33 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#66695