Commit message | Author | Age | Files | Lines
* security.c: allow faccessat2 syscall in seccomp filters (take 2) [v1.2.9] | Sergei Trofimovich | 2021-02-03 | 1 | -0/+5
| Under glibc-2.33 sandbox uses faccessat2 to stat symlinks.
| Unfortunately libseccomp does not yet provide syscall
| definition for faccessat2. Define it locally.
|
| Reported-by: Cănărău Constantin
| Bug: https://bugs.gentoo.org/768435
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* Revert "security.c: allow faccessat2 syscall in seccomp filters" | Sergei Trofimovich | 2021-02-03 | 1 | -1/+0
| libseccomp does not yet provide faccessat2.
| I tested the commit without seccomp enabled.
|
| This reverts commit e2378b8c6bef5d94805444797e7fe35c07f54783.
|
| Bug: https://bugs.gentoo.org/768435
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* security.c: allow faccessat2 syscall in seccomp filters | Sergei Trofimovich | 2021-02-03 | 1 | -0/+1
| Under glibc-2.33 sandbox uses faccessat2 to stat symlinks.
|
| Reported-by: Cănărău Constantin
| Bug: https://bugs.gentoo.org/768435
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* scanmacho: add support for dumping UUIDs | Fabian Groffen | 2021-01-01 | 2 | -6/+56
| Add flag -U/--uuid to dump the object's UUID. (This is in particular
| useful when comparing against TextAPI stubs, .tbd files.)
|
| Signed-off-by: Fabian Groffen <grobian@gentoo.org>
* {,pax}macho: add support for arm64 arch | Fabian Groffen | 2021-01-01 | 2 | -3/+7
| Signed-off-by: Fabian Groffen <grobian@gentoo.org>
* BUGS: update email addresses [v1.2.8] | Sergei Trofimovich | 2020-12-20 | 1 | -1/+2
| Reported-by: Leah Neukirchen <leah@vuxu.org>
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* Fix typo in module docstring [v1.2.7] | Georg Brandl | 2020-10-05 | 1 | -1/+1
| Closes: https://github.com/gentoo/pax-utils/pull/4
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* scanelf: add --ldcache=<arg> option to ease testing | Sergei Trofimovich | 2020-10-03 | 4 | -1/+16
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* lddtree.sh: drop /lib extraction heuristics | Sergei Trofimovich | 2020-08-14 | 1 | -9/+1
| Avoid using 'strings' to extract libpaths. Let's use
| hardcoded fallback values unconditionally until we
| get more robust way to fetch default libpath.
|
| Reported-by: Kent Fredric
| Bug: https://bugs.gentoo.org/736601
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* security.c: allow 'statx' in seccomp sandbox (musl-1.1.24) [v1.2.6] | Sergei Trofimovich | 2020-04-13 | 1 | -0/+1
| musl-1.1.24 starting from dfc81828f7ab41da08f744c
| "implement fstatat with SYS_statx, conditional on undersized kstat time"
| changed fstatat() to use statx().
|
| This caused scanelf to crash under seccomp sandbox.
|
| The change whitelists 'statx' syscall.
|
| Bug: https://bugs.gentoo.org/717300
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* Add RISC-V to the list of architectures in ELF | Göktürk Yüksek | 2020-04-06 | 2 | -1/+3
| Signed-off-by: Göktürk Yüksek <gokturk@gentoo.org>
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* pylint: load python via $PATH | Mike Frysinger | 2020-03-26 | 1 | -2/+2
| Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* lddtree: Put ldso interpreter library path at end | Manoj Gupta | 2020-03-26 | 1 | -1/+2
| Put ldso interpreter library path at end of libpaths
| search. It is supposed to be a final fallback path in
| case library search was incomplete.
|
| As a side effect, it currently mitigates the incorrect
| libbfd being loaded for aarch64 standalone toolchain.
|
| Bug: https://crbug.com/917193
| Reviewed-on: https://crrev.com/c/1920643
| Signed-off-by: Manoj Gupta <manojgupta@chromium.org>
| Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* pylintrc: enable more warnings | Mike Frysinger | 2020-03-26 | 2 | -1/+28
| Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* scanelf.c: be more verbose at saying what all the addresses mean | Sergei Trofimovich | 2020-03-18 | 1 | -3/+4
| Print out relocation type and explain addresses:
|
| ```
| $ ./scanelf -T -v gdb
|  TYPE   TEXTRELS FILE
| gdb: (memory/data?) [r_offset=0x0] r_type=0 in (optimized out?) [closest_prev_sym=0x0]
| gdb: (memory/data?) [r_offset=0x0] r_type=0 in (optimized out?) [closest_prev_sym=0x0]
| gdb: (memory/data?) [r_offset=0x0] r_type=0 in (optimized out?) [closest_prev_sym=0x0]
| gdb: (memory/data?) [r_offset=0x0] r_type=0 in (optimized out?) [closest_prev_sym=0x0]
| gdb: (memory/data?) [r_offset=0x0] r_type=0 in (optimized out?) [closest_prev_sym=0x0]
| gdb: (memory/data?) [r_offset=0x0] r_type=0 in (optimized out?) [closest_prev_sym=0x0]
| ```
|
| Note: it's now more obvious that suspicious relocations
| are not real and just zero-initialized leftovers of R_*_NONE type.
|
| Bug: https://bugs.gentoo.org/713082
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* scanelf.c: don't crash in -v mode on non-functions | Sergei Trofimovich | 2020-03-18 | 1 | -1/+1
| Fix crash when running in verbose mode on bad files:
|
|     $ ./scanelf -T -v gdb
|
| The file is taken from bug #713082.
|
| Bug: https://bugs.gentoo.org/713082
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* Makefile.am: refresh against current gnulib [v1.2.5] | Sergei Trofimovich | 2020-02-16 | 1 | -4/+6
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* lddtree.py: resolve python location through PATH | Sergei Trofimovich | 2020-02-16 | 1 | -1/+1
| This allows running testsuite as-is on prefix.
|
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* security.c: allow 'semtimedop' in seccomp sandbox (glibc-2.31) | Sergei Trofimovich | 2020-02-16 | 1 | -0/+1
| glibc-2.31 switched semop() libc implementation from semop()
| to semtimedop() in
| https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=765cdd0bffd77960a
| ("sysvipc: Implement semop based on semtimedop")
|
| This caused pax-utils to fail under fakeroot as:
|
| ```
| $ fakeroot scanelf -yqRBF '#k%F' -k '.symtab' /bin/bash
| .../usr/bin/fakeroot: line 178: 103268 Bad system call ...
| Program terminated with signal SIGSYS, Bad system call.
| 33 ../sysdeps/unix/sysv/linux/semtimedop.c: No such file or directory.
| (gdb) bt
| (gdb)
| ```
|
| The change whitelists 'semtimedop' syscall.
|
| Reported-by: Patrick McLean
| Bug: https://bugs.gentoo.org/709794
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* dumpelf.c: add missing break when decoding SHT_GNU_LIBLIST | Sergei Trofimovich | 2020-02-16 | 1 | -0/+1
| Detected by gcc-10 as:
|
| ```
| dumpelf.c: In function 'dump_shdr':
| dumpelf.c:462:4: warning: this statement may fall through [-Wimplicit-fallthrough=]
|   462 |    printf("\t */\n"); \
|       |    ^~~~~~~~~~~~~~~~~
| ```
|
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* security.c: whitelist ipc() syscall for fakeroot on ppc64 and friends [v1.2.4] | Sergei Trofimovich | 2019-01-14 | 1 | -0/+6
| On amd64 and friends msgget() and similar syscalls are
| standalone syscalls. On i386 and friends msgget() is
| a subcall of ipc() syscall.
|
| This makes fakechroot break 'scanelf' as:
|
|     $ LANG=C fakeroot scanelf -t /bin/bash
|     /usr/bin/fakeroot: line 178: 6820 Bad system call (core dumped)
|
| The change whitelists ipc() call which allows all sysv syscalls, namely:
| - semop, semget, semctl, semtimedop
| - msgsnd, msgrcv, msgget, msgctl
| - shmat, shmdt, shmget, shmctl
|
| Reported-and-fixed-by: Samuel Holland
| Bug: https://bugs.gentoo.org/675378
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* lddtree.py: use errno properly | Oleksandr Natalenko | 2018-11-19 | 1 | -1/+1
| os.errno interface is removed [1], thus should not be used. In fact, it
| is not used in other places of lddtree.py, so fix this one too, because
| it breaks --copy-to-tree on systems with Python 3.7.
|
| [1] https://bugs.python.org/issue33666
|
| Bug: https://bugs.gentoo.org/671522
| Signed-off-by: Oleksandr Natalenko <oleksandr@natalenko.name>
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* paxelf: constify elfobj pointers | Mike Frysinger | 2018-06-07 | 3 | -19/+30
| We rarely need to modify the memory from our input ELFs, so constify
| all the buffers. We end up having to cast away the const in the "fix"
| paths in scanelf (which is a bit ugly), but otherwise everything else
| works.
* scanelf: add general const markings to Elf pointers | Mike Frysinger | 2018-06-07 | 1 | -36/+36
|
* scanelf: use asprintf instead of manual malloc/sprintf | Mike Frysinger | 2018-06-07 | 1 | -5/+7
| This makes the code a bit nicer to deal with. For portable targets,
| we already include asprintf from gnulib.
* paxelf: constify elfobj pointer in helpers | Mike Frysinger | 2018-06-07 | 2 | -18/+18
| These helper funcs only read data, so mark elfobj as const.
* paxelf: constify misc pointers | Mike Frysinger | 2018-06-07 | 1 | -4/+4
| Mark internal pointers as const that we don't modify anywhere.
* dumpelf: constify misc pointers | Mike Frysinger | 2018-06-07 | 1 | -7/+7
| Mark all possible pointers const since we don't modify anything.
* paxldso: constify elf structs | Mike Frysinger | 2018-06-07 | 1 | -2/+2
|
* pspax: constify all the pointers | Mike Frysinger | 2018-06-07 | 1 | -15/+15
|
* build: support clang a bit better | Mike Frysinger | 2018-06-07 | 1 | -4/+6
| Use the -Werror=unknown-warning-option option if available so clang
| will reject some of the extra -W flags we add ourselves.
* paxelf: constify elf_findsecbyname | Mike Frysinger | 2018-06-07 | 3 | -26/+26
| We need to also constify scanelf_file_get_symtabs due to cascading
| const markings.
* scanelf: constify most scanelf_file_* helpers | Mike Frysinger | 2018-06-07 | 1 | -7/+7
| Just house keeping -- all of these pointers are already used as const mem.
* scanelf: constify rpath_security_checks | Mike Frysinger | 2018-06-07 | 1 | -1/+1
|
* scanelf.c: fix TEXTREL parsing for files with non-zero load address [v1.2.3] | Sergei Trofimovich | 2018-02-18 | 1 | -5/+19
| In bug #566118 scanelf failed to decode TEXTRELs on
| gcc binaries where program headers have absolute addresses:
|
|     $ dumpelf ia64_bug_gcc/cc1plus
|     /* Dynamic tag #25 'DT_RELA' 0x2099518 */
|     {
|         .d_tag = 0x7 ,
|         .d_un = {
|             .d_val = 0x4000000000104B08 ,
|             .d_ptr = 0x4000000000104B08 ,
|         },
|     },
|     /* Section Header #8 '.rela.dyn' 0x20AA610 */
|     {
|         .sh_type = 4 , /* [SHT_RELA] */
|         .sh_addr = 0x4000000000104B08 ,
|         .sh_offset = 1067784 , /* (bytes) */
|     },
|
| Before the change scanelf assumed DT_RELA.d_ptr is a relative offset.
| This is not true in general case but good-enough for DSOs as
| they have zero load address.
|
| This change extends the check for executables. To make addresses
| relative again we find load address of first byte from program header
| with 'p_offset'.
|
|     /* Program Header #2 0xB0 */
|     {
|         .p_type = 1 , /* [PT_LOAD] */
|         .p_offset = 0 , /* (bytes into file) */
|         .p_vaddr = 0x4000000000000000 , /* (virtual addr at runtime) */
|         .p_paddr = 0x4000000000000000 , /* (physical addr at runtime) */
|     },
|
| Bug: https://bugs.gentoo.org/566118
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
* autogen.sh: add gnulib modules for Solaris | Michael Haubenwallner | 2017-09-18 | 2 | -1/+3
| Need gnulib modules stpcpy, euidaccess for Solaris 10, where euidaccess
| uses eaccess when available, probably via LIB_EACCESS.
|
| Signed-off-by: Fabian Groffen <grobian@gentoo.org>
* check for linux/securebits.h, missing on Linux 2.6.32 | Michael Haubenwallner | 2017-09-18 | 2 | -1/+5
| Signed-off-by: Fabian Groffen <grobian@gentoo.org>
* scanelf: fix out-of-bounds access in ia64 | Sergei Trofimovich | 2017-09-18 | 1 | -0/+12
| commit 2eb852129394f97dae89c0ff1f9f48637edcb0e9
| slightly changed decoder and added unchecked read
| from elf header:
|
| ```
| switch (EGET(dpltrel->d_un.d_val)) { \
| case DT_REL: \
|     rel = REL##B(elf->vdata + EGET(drel->d_un.d_val)); \
| ```
|
| On ia64 'EGET(drel->d_un.d_val)' returns absolute address:
|
| ```
| $ dumpelf bug/luatex
| ...
| /* Dynamic tag #31 'DT_RELA' 0x97E310 */
| {
|     .d_tag = 0x7 ,
|     .d_un = {
|         .d_val = 0x4000000000031C30 ,
|         .d_ptr = 0x4000000000031C30 ,
|     },
| },
| ```
|
| That causes 'scanelf' crash on binaries like 'luatex'.
|
| This change restores check and loudly skips such sections:
|
|     scanelf: bug/luatex: DT_RELA is out of file range
|
| Bug: https://bugs.gentoo.org/624356
| Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
| Signed-off-by: Fabian Groffen <grobian@gentoo.org>
* paxelf: constify pax_short_* helpers | Mike Frysinger | 2017-03-03 | 3 | -9/+8
|
* lddtree: move parser logic into a func | Mike Frysinger | 2017-02-16 | 1 | -2/+8
| This keeps the main func a bit cleaner.
* pylint: add a helper to keep python code clean | Mike Frysinger | 2017-02-16 | 3 | -5/+94
| Fix up some lddtree logic at the same time so it's warning free.
* tests: rename files to avoid ".py" suffix on non-python files | Mike Frysinger | 2017-02-16 | 7 | -7/+7
|
* add helper for checking memory/elf ranges | Mike Frysinger | 2017-02-11 | 3 | -25/+19
| Less likely to screw up the logic this way.
* scanelf: check range of hash bucket | Mike Frysinger | 2017-02-11 | 1 | -1/+2
| Make sure we don't walk off the end of the ELF with a corrupt hash table.
|
| URL: https://bugs.gentoo.org/608766
| Reported-by: Agostino Sarubbo <ago@gentoo.org>
* dumpelf: check for invalid notes | Mike Frysinger | 2017-02-01 | 1 | -7/+16
| Handle cases where the size fields would overflow the additions.
|
| URL: https://bugs.gentoo.org/607898
| Reported-by: Agostino Sarubbo <ago@gentoo.org>
* dumpelf: check for invalid program headers | Mike Frysinger | 2017-02-01 | 2 | -4/+9
| URL: https://bugs.gentoo.org/607896
| Reported-by: Agostino Sarubbo <ago@gentoo.org>
* dumpelf: check for invalid section entry sizes | Mike Frysinger | 2017-02-01 | 1 | -22/+28
| URL: https://bugs.gentoo.org/607894
| Reported-by: Agostino Sarubbo <ago@gentoo.org>
* TODO: drop fixed issues and add some new ones [v1.2.2] | Mike Frysinger | 2017-01-24 | 1 | -7/+4
|
* scanelf: revert back to looking at .dynstr directly | Mike Frysinger | 2017-01-24 | 2 | -6/+25
| The rpath/needed/soname strings are only listed in .dynstr, so trying
| to locate them in .strtab fails. Which means using the lookup helper
| breaks behavior on non-stripped files.
* scanelf: switch all string table lookups to scanelf_file_get_symtabs [v1.2.1] | Mike Frysinger | 2017-01-23 | 1 | -23/+23
| We don't care about the .strtab-vs-.dynstr, but we do want to fall back
| to tables that can only be found via dynamic tags and program headers.