Patches for the next release
Steve M. Robbins
steve at sumost.ca
Sat Aug 2 02:56:59 CEST 2008
On Fri, Aug 01, 2008 at 07:30:15PM +0200, Torbjorn Granlund wrote:
> "Steve M. Robbins" <steve at sumost.ca> writes:
> Hi Torbjörn,
> On Wed, Jul 23, 2008 at 05:18:11PM +0200, Torbjorn Granlund wrote:
> > I am preparing GMP 4.2.3, and if you have some safe C++ portability
> > changes for that release, please sedn them to the list.
> If you're making a new release, please consider the following patch.
> GMP builds several objects from assembly code that end up with an
> executable stack. The executable stack turns out to be a problem
> on systems with a security hardened kernel such as "grsec". See
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323944 for more
> After applying this patch, you need to run autoreconf.
> Why does only assmbly code suffer from this problem, why isn't C code
> also affected?
Good question. I hadn't considered this, but google led me to the
When you compile source code normally, gcc takes care of adding
the GNU_STACK markings so that the final object code is not marked
with an executable stack unless it actually needs it. However, if
you compile assembly code, gcc will not automatically add
GNU_STACK markings. So, the most common source of executable
stacks in ELF binaries are packages which include raw assembly
code. Note that we're not talking about inline assembly code, but
rather files like .S which are written in pure assembler.
We can either patch each source file written in assembler and send
the fixes upstream, or we can force the package build system to
assemble the source files with the GNU as option --noexecstack
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://gmplib.org/list-archives/gmp-bugs/attachments/20080801/4905af4d/attachment.bin
More information about the gmp-bugs