New issue
Advanced search Search tips

Issue 663487 link

Starred by 1 user
Status: Verified
Owner:
vapier@chromium.org
Closed: Nov 2016
Cc:
mnissler@chromium.org
vapier@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug



Sign in to add a comment

add a security autotest to reject objects with TEXTRELs

Project Member Reported by vapier@chromium.org, Nov 8 2016 
i just noticed another package that's had TEXTRELs in it (nyan opengl libs).  we warn about it, but those warnings are lost when you `emerge` as people easily ignore them.

any reason to keep allowing these things ?

we could update platform_ToolchainOptions as it already looks for relro/pie/W^X LOAD/etc... options.
Project Member

Comment 1 by bugdroid1@chromium.org, Nov 15 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/fb69daf0ecd1c3f215729df7b606adc3291d5342

commit fb69daf0ecd1c3f215729df7b606adc3291d5342
Author: Mike Frysinger <vapier@chromium.org>
Date: Wed Nov 09 18:46:37 2016

platform_ToolchainOptions: check & reject ELFs with TEXTRELs

We don't want to allow TEXTRELs for security & memory reasons,
so check for and reject them.

BUG= chromium:663487 
TEST=precq passes

Change-Id: I30e712a4267ad57da127c4d36416f85b946b86ef
Reviewed-on: https://chromium-review.googlesource.com/409590
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>

[modify] https://crrev.com/fb69daf0ecd1c3f215729df7b606adc3291d5342/client/site_tests/platform_ToolchainOptions/platform_ToolchainOptions.py
[add] https://crrev.com/fb69daf0ecd1c3f215729df7b606adc3291d5342/client/site_tests/platform_ToolchainOptions/textrel_whitelist
Project Member

Comment 2 by bugdroid1@chromium.org, Nov 15 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/fb69daf0ecd1c3f215729df7b606adc3291d5342

commit fb69daf0ecd1c3f215729df7b606adc3291d5342
Author: Mike Frysinger <vapier@chromium.org>
Date: Wed Nov 09 18:46:37 2016

platform_ToolchainOptions: check & reject ELFs with TEXTRELs

We don't want to allow TEXTRELs for security & memory reasons,
so check for and reject them.

BUG= chromium:663487 
TEST=precq passes

Change-Id: I30e712a4267ad57da127c4d36416f85b946b86ef
Reviewed-on: https://chromium-review.googlesource.com/409590
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Mattias Nissler <mnissler@chromium.org>

[modify] https://crrev.com/fb69daf0ecd1c3f215729df7b606adc3291d5342/client/site_tests/platform_ToolchainOptions/platform_ToolchainOptions.py
[add] https://crrev.com/fb69daf0ecd1c3f215729df7b606adc3291d5342/client/site_tests/platform_ToolchainOptions/textrel_whitelist

Comment 3 by vapier@chromium.org, Nov 15 2016

Owner: vapier@chromium.org
Status: Fixed (was: Available)

Comment 4 by dchan@google.com, Jan 21 2017

Labels: VerifyIn-57

Comment 5 by dchan@google.com, Mar 4 2017

Labels: VerifyIn-58

Comment 6 by dchan@google.com, Apr 17 2017

Labels: VerifyIn-59

Comment 7 by dchan@google.com, May 30 2017

Labels: VerifyIn-60

Comment 8 by dchan@chromium.org, Aug 1 2017

Labels: VerifyIn-61

Comment 9 by abod...@chromium.org, Aug 3 2017

Status: Verified (was: Fixed)
Closing. Please reopen it if its not fixed. Thanks!

Sign in to add a comment