SUGGEST: Patch for compiling unzip using hardened CFLAGS

Aki Tuomi cmouse at youzen.ext.b2.fi
Thu Oct 13 00:06:42 PDT 2005


On Wed, Oct 12, 2005 at 03:54:42PM +0200, Jaap Struyk wrote:
> Op wo 12-10-2005, om 11:27 schreef Aki Tuomi:
> 
> > You MUST use linux_noasm target, not linux, when compiling. If you
> > use linux, it'll use ASM code which causes TEXTREL to emerge. 
> 
> I used the comands you provided, when building the output doesn't show
> asm:
> 
> gcc -c -O3 -Wall -I. -DUSE_UNSHRINK -pie -fpie -DSFX unix_.c
> 
> and
> 
> gcc -c -O3 -Wall -I. -fPIC -DDLL -DUSE_ZLIB -DUSE_UNSHRINK -fpie -pie -o
> api.pic.o api.c
> 
> But on the check:
> 
> root:~/unzip-5.52# LD_LIBRARY_PATH=$PWD make check
> #####  This is a Unix-specific target.  (Just so you know.)
> #####     Make sure unzip, funzip and unzipsfx are compiled and
> #####     in this directory.
> #####  testing extraction
> ./unzip: error while loading shared libraries:
> /root/unzip-5.52/libunzip.so.0: cannot make segment writable for
> relocation: Permission denied
> make: *** [check] Error 127
> 
> > Try again, please. I just tested my patch and it works. Make sure it
> > does not use ASM code when compiling. 
> 
> I'am using gcc version 3.4.4 (ssp) on a 2.6.13-ck8s-grsec but I can't
> imagine that the kernel has to do something with build.
> Could it be that unzip was build against something that has TEXTREL?
> -- 
> Groetjes Japie
> 
> -- 
> http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
> FAQ: http://www.linuxfromscratch.org/faq/
> Unsubscribe: See the above information page

Two things come to mind:

 1) Check readelf -l ./libunzip.so.0 in the source directory
 2) Check readelf -l /usr/lib/libunzip.so.0

If 1) has TEXTREL, then the patch is not working properly
If 2) has TEXTREL, then remove it, and recompile

-- 
Aki Tuomi




More information about the hlfs-dev mailing list