diff options
author | Carlos O'Donell <carlos@redhat.com> | 2013-09-23 00:52:09 -0400 |
---|---|---|
committer | Carlos O'Donell <carlos@redhat.com> | 2013-09-23 00:52:09 -0400 |
commit | c61b4d41c9647a54a329aa021341c0eb032b793e (patch) | |
tree | c4a665c232a7d37786a6f3b5e3f56d0ae11480e8 /elf/Makefile | |
parent | 58a96064d193317236b740998e134b652d3d62ad (diff) | |
download | glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.tar.gz glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.tar.xz glibc-c61b4d41c9647a54a329aa021341c0eb032b793e.zip |
BZ #15754: CVE-2013-4788
The pointer guard used for pointer mangling was not initialized for static applications resulting in the security feature being disabled. The pointer guard is now correctly initialized to a random value for static applications. Existing static applications need to be recompiled to take advantage of the fix. The test tst-ptrguard1-static and tst-ptrguard1 add regression coverage to ensure the pointer guards are sufficiently random and initialized to a default value.
Diffstat (limited to 'elf/Makefile')
-rw-r--r-- | elf/Makefile | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/elf/Makefile b/elf/Makefile index aaa9534b2e..cb8da9398a 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -121,7 +121,8 @@ endif tests = tst-tls1 tst-tls2 tst-tls9 tst-leaks1 \ tst-array1 tst-array2 tst-array3 tst-array4 tst-array5 tests-static = tst-tls1-static tst-tls2-static tst-stackguard1-static \ - tst-leaks1-static tst-array1-static tst-array5-static + tst-leaks1-static tst-array1-static tst-array5-static \ + tst-ptrguard1-static ifeq (yes,$(build-shared)) tests-static += tst-tls9-static tst-tls9-static-ENV = \ @@ -145,7 +146,8 @@ tests += loadtest restest1 preloadtest loadfail multiload origtest resolvfail \ tst-audit1 tst-audit2 tst-audit8 \ tst-stackguard1 tst-addr1 tst-thrlock \ tst-unique1 tst-unique2 tst-unique3 tst-unique4 \ - tst-initorder tst-initorder2 tst-relsort1 tst-null-argv + tst-initorder tst-initorder2 tst-relsort1 tst-null-argv \ + tst-ptrguard1 # reldep9 test-srcs = tst-pathopt selinux-enabled := $(shell cat /selinux/enforce 2> /dev/null) @@ -1016,6 +1018,9 @@ LDFLAGS-order2mod2.so = $(no-as-needed) tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child" tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child" +tst-ptrguard1-ARGS = --command "$(host-test-program-cmd) --child" +tst-ptrguard1-static-ARGS = --command "$(objpfx)tst-ptrguard1-static --child" + $(objpfx)tst-leaks1: $(libdl) $(objpfx)tst-leaks1-mem: $(objpfx)tst-leaks1.out $(common-objpfx)malloc/mtrace $(objpfx)tst-leaks1.mtrace > $@ |