path: root/gnu/usr.bin
Age | Author | Commit message
2003-02-06 | Michael Shalayeff | use common elf.sc instead of own hppaobsd.sc, catch up w/ dale's elf work for hppa; drahn@ lots of helps and ok
2003-02-02 | Marc Espie | pass BSDSRCDIR in environment to submakes.
This `repairs' setting up BSDSRCDIR in /etc/mk.conf and nowhere else.
2003-02-02 | Miod Vallat | I've been guaranteed that guaranteed is better than guarenteed.
2003-01-30 | Dale Rahn | Again this comment was not updated. now we have 7 load sections.
2003-01-30 | Dale Rahn | ELF security enhancement: put .rodata into its own load section instead
of putting it with the text. This removes the execute permission from readonly data. This constrains the executable region to portions of the executable which need to be executable. Note: not all processors or mmus are capable of -X protection at the page level, but should handle ELF images which specify specific RWX protections on each section.
2003-01-24 | Dale Rahn | This is a project to modify executables so that they do not have any
executable regions which are writable. If a section of an executable is writable and executable, it is much easier for errant code to modify the executable's behavior. Two current areas in shared library environments which have this critical problem are the GOT (Global Offset Table) and PLT (Procedure Linkage Table). The PLT is required to be executable and both GOT and PLT are writable on most architectures. On most ELF architecture machines this would cause shared libraries to have data and BSS marked as executable. Padding to the linker script for programs and shared libraries/objects to isolate the GOT and PLT into their own load sections in the executables. This allows only the text(readonly) region and the PLT region to be marked executable with the normal data and BSS not marked as executable. The PLT region is still marked executable on most architectures because the PLT lives in the "data" or "BSS" regions and the dynamic loader will need to modify it. Since the GOT and PLT should only ever be written by the dynamic linker, it will be modified to mprotect those regions so that they are not writable during normal execution. If the dynamic linker needs to modify the regions later, (eg for lazy binding), it will mprotect the region, make the necessary changes, and mprotect it back. Since it is possible to receive a signal which would interrupt the program flow and perhaps cause the dynamic linker to modify the same (or nearby) PLT references, it is now necessary for signals to be blocked for the duration of the mprotect. This diff was omitted from the original commit, this implements the -Z option to produce traditional (non protected) executables.
2003-01-23 | Todd C. Miller | Add a "DisableXProg" option to CVSROOT/config that can be used to
disable support for Update-prog and Checkin-prog. This is a good idea for anonymous cvs servers or anyone who doesn't need this feature. From Stefan Esser.
2003-01-20 | Todd C. Miller | In dirswitch(), don't free dir_name until right before allocating
it again. This removes a potential double-free problem, whereby this function could free dir_name and then immediately return due to invalid directory syntax (without ever reassigning dir_name), then re-enter and free dir_name again. Fix from Stefan Esser.
2003-01-20 | Todd C. Miller | No more libc_r and don't link explicitly with -lpthread. Not having
-lpthread may confuse perl's Configure since it wants to nm libs to see what is in them but I haven't noticed any problems with this (yet).
2003-01-19 | Marc Espie | give a second chance for loading dependent modules:
look in the path of the main map before giving up. ok deraadt@. (This fixes a few kde issues, and removes loads of needs for ldconfig)
2003-01-19 | Marc Espie | revamp .init call code to be saner:
- build a tree of modules inter-dependencies.
- make sure dependent modules are .init'ed before depending modules.
- flag initialization so that cycles don't bork ld.so.
okay deraadt@, drahn@.
2003-01-19 | Marc Espie | In error message from dependent libraries, mention which dependent library
is trying to load another library.
2003-01-17 | Dale Rahn | Update comment for linker change which just committed.
2003-01-17 | Dale Rahn | This is a project to modify executables so that they do not have any
executable regions which are writable. If a section of an executable is writable and executable, it is much easier for errant code to modify the executable's behavior. Two current areas in shared library environments which have this critical problem are the GOT (Global Offset Table) and PLT (Procedure Linkage Table). The PLT is required to be executable and both GOT and PLT are writable on most architectures. On most ELF architecture machines this would cause shared libraries to have data and BSS marked as executable. Padding to the linker script for programs and shared libraries/objects to isolate the GOT and PLT into their own load sections in the executables. This allows only the text(readonly) region and the PLT region to be marked executable with the normal data and BSS not marked as executable. The PLT region is still marked executable on most architectures because the PLT lives in the "data" or "BSS" regions and the dynamic loader will need to modify it. Since the GOT and PLT should only ever be written by the dynamic linker, it will be modified to mprotect those regions so that they are not writable during normal execution. If the dynamic linker needs to modify the regions later, (eg for lazy binding), it will mprotect the region, make the necessary changes, and mprotect it back. Since it is possible to receive a signal which would interrupt the program flow and perhaps cause the dynamic linker to modify the same (or nearby) PLT references, it is now necessary for signals to be blocked for the duration of the mprotect.
2003-01-13 | Dale Rahn | Add a compatibility flag '-Z' for upcoming elf changes, does nothing currently
but will produce old style executables when the other changes appear.
2003-01-06 | Miod Vallat | syncronous -> synchronous
2003-01-06 | Chad Loder | typo: s/specifed/specified
2003-01-05 | Peter Valchev | fix for PR3053 - NULL deref when fd == NULL in first dlsym() arg
ok miod drahn marc
2003-01-04 | Theo de Raadt | spelling
2003-01-04 | Dale Rahn | Remove the support to force linking against a specific shlib major.minor.
This behavior broke libraries which were named libN-X.Y.so.A.B. ok pval, espie
2003-01-03 | Todd C. Miller | fix typo; jmc
2002-12-31 | Todd C. Miller | Typoes; jmc AT prioris DoT mini DoT pw DoT edu DoT pl
2002-12-23 | margarida | Bug Fix
Update Safe module to version 2.09 millert@ ok
2002-12-19 | Federico G. Schwindt | Add a second keep-locals entry to stop getopt from treating -k as an
abbreviation for --keep-locals. from binutils-current. millert@ ok.
2002-12-19 | Michael Shalayeff | build LYMainLoop.o -O0 as a workaround for gcc on hppa
2002-12-13 | Todd C. Miller | Reverse the order of a test in the loop invariant. It makes more
sense this way and works around an apparent gcc optimizer bug on macppc related to inline functions. OK drahn@
2002-12-13 | Todd C. Miller | Two more places where we can use the libc getopt_long() instead of GNU getopt()
2002-12-12 | Markus Friedl | don't link LIBCRT0 into ld.so (for DESTDIR builds); PR2928; ok fgsch@, millert@
2002-12-11 | Todd C. Miller | o Check mmap() return value against MAP_FAILED, not -1.
o Prevent close() from clobbering errno.
Patch from Peter Werner; closes PR 2995
2002-12-11 | Todd C. Miller | Remove bc/libmath.h from CLEANFILES since we don't generate it at build
time anymore.
2002-12-10 | Miod Vallat | No need to disable stack protection on alpha anymore.
2002-12-09 | Todd C. Miller | We now have getopt_long() in libc, no need to build a private copy.
2002-12-09 | Todd C. Miller | We now have getopt_long() in libc, no need to build a private copy.
2002-12-09 | Todd C. Miller | From Andrushock, s/sucess/success/g
2002-12-08 | Federico G. Schwindt | correct lcall opcode. fix provided by Hans-Joerg Hoexer
<hshoexer at yerbouti dot franken dot de> via pr/3014. mickey@ and weingart@ ok.
2002-12-08 | Todd C. Miller | getopt returns -1, not EOF
2002-12-03 | Todd C. Miller | bc can now use the libc getopt
2002-12-03 | Todd C. Miller | Don't generate libmath.h in the obj dir each time we build since it
is already in the src dir. miod@ OK
2002-12-03 | Miod Vallat | Temporarily disable stack protection on alpha, it breaks fbc if compiled
with optimization.
2002-12-03 | Todd C. Miller | Crank all library major numbers. Needed due to the fact that we
now build libraries with propolice enabled. Without this, existing binaries (such as ports/packages) that link with any system library other than libc will fail with an undefined symbol of "___guard" (__guard on ELF). Pointed out by markus@ and discussed with deraadt@
2002-12-02 | Theo de Raadt | KNF; openbsd@davidkrause.com
2002-12-02 | Peter Valchev | xstrdup the return value of basename() before recording it in the bfd,
fixes the "NEEDED crtend.o" problem that appeared in various ports and had to be workarounded. from thorpej@NetBSD, thanks to drahn@ for pointing it out; ok drahn espie
2002-12-02 | Miod Vallat | Import propolice (http://www.trl.ibm.com/projects/security/ssp), a stack
attack protection scheme, into gcc. This protection is enabled by default. It can be turned off by using the -fno-stack-protector flag. Code by Hiroaki Etoh (etoh at jp dot ibm dot com); work on openbsd-specific integration by fgsch@, deraadt@ and myself; tests by fgsch@, naddy@ and myself; beer drinking by myself. Please note that system upgrades with this new code will require a new libc and ld.so to be built and installed before the propolice-enabled compiler can be installed.
2002-11-29 | Theo de Raadt | do not redefine NULL
2002-11-27 | Marc Espie | Kill some alloca. Reduces temp allocation for big static libraries drastically,
allow, e.g., linking against static debug qt (or debug static mozilla for that matter). okay miod@
2002-11-25 | margarida | Fix URL CRLF Injection bug.
-- A CRLF injection vulnerability has been reported for Lynx that may allow an attacker to include extra HTTP headers when viewing web pages. If Lynx is called from the command line, carriage return and line feed (CRLF) characters may be included in the specified URL. These characters are not escaped when the input is used to construct a HTTP request. URL: http://www.flora.org/lynx-dev/html/month082002/msg00211.html henning@ fgs@ pjanzen@ pvalchev@ ok
2002-11-18 | Todd C. Miller | More printf format paranoia; noticed by David Krause
2002-11-06 | Miod Vallat | Fix obnoxious makeinfo warnings during build.
2002-11-05 | Henning Brauer | -bytes_in/_out and total_in/_out are off_t, not long. fixes a few displaying
problems with files > 2GB.
-print bytes in/out to stderr in verbose mode
ok millert@ fgsch@
2002-11-04 | Todd C. Miller | Put back the bits disabling setre[ug]id(). Perl will use setres[ug]id
instead so we don't need to use the (emulated) setre[ug]id() in libc.