thr3ads.net - openssh bugs - [Bug 1538] New: improve SSP detection [Nov 2008]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.mindrot.org

2008-Nov-19 04:00 UTC

[Bug 1538] New: improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538

           Summary: improve SSP detection
           Product: Portable OpenSSH
           Version: 5.1p1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Build system
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: vapier at gentoo.org


the SSP test compiles this simple code:
#include <stdlib.h>
int main(void){exit(0);}

while that works fine for testing the -fstack-protector-all flag, it's
insufficient for testing the -fstack-protector flag.  since it doesnt
use any stack, no SSP markings will be added.  so if the toolchain does
not fully support SSP, the configure script will add the flag but the
build will ultimately fail.

a better test case seems to be:
#include <stdio.h>
int main(void){char foo[1024];return sprintf(foo, "moo cow");}

patch:
http://sources.gentoo.org/net-misc/openssh/files/openssh-5.1_p1-better-ssp-check.patch?rev=1.1

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2008-Nov-19 04:29 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
         AssignedTo|unassigned-bugs at mindrot.org |djm at mindrot.org
   Attachment #1579|                            |ok?
               Flag|                            |




--- Comment #1 from Damien Miller <djm at mindrot.org>  2008-11-19
15:29:50 ---
Created an attachment (id=1579)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1579)
Fixed patch

I think the referenced patch is incorrect: square brackets need
escaping in autoconf, so the test program would always fail with a
compile error. This patch uses autoconf "quadrigraph" escaping
(don't
ask) to avoid this.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2008-Nov-19 04:30 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538





--- Comment #2 from Damien Miller <djm at mindrot.org>  2008-11-19
15:30:53 ---
oops, ignore the changes to Makefile.in in that diff - they aren't
supposed to be there.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2008-Nov-19 05:57 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538


Tim Rice <tim at multitalents.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tim at multitalents.net




--- Comment #3 from Tim Rice <tim at multitalents.net>  2008-11-19
16:57:35 ---
(In reply to comment #1)> I think the referenced patch is incorrect: square brackets need
> escaping in autoconf, so the test program would always fail with a
> compile error. This patch uses autoconf "quadrigraph" escaping
(don't
> ask) to avoid this.
Or you can just double up on the square brackets. More readable?
+int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return
0;}

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2008-Nov-19 06:11 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1579|0                           |1
        is obsolete|                            |
   Attachment #1579|ok?                         |
               Flag|                            |
   Attachment #1580|                            |ok?
               Flag|                            |




--- Comment #4 from Damien Miller <djm at mindrot.org>  2008-11-19
17:11:39 ---
Created an attachment (id=1580)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1580)
simplified diff

diff with Tim's suggestion and no extraneous crap

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2008-Nov-20 00:17 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538





--- Comment #5 from Mike Frysinger <vapier at gentoo.org>  2008-11-20
11:17:30 ---
indeed ... i should have checked the config.log rather than just
verifying that SSP was detected as not supported

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2008-Dec-07 22:36 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED
             Blocks|                            |1481




--- Comment #6 from Damien Miller <djm at mindrot.org>  2008-12-08
09:36:02 ---
patch applied, will be in openssh-5.2. Thanks!

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

bugzilla-daemon at bugzilla.mindrot.org

2009-Feb-23 02:36 UTC

head link

[Bug 1538] improve SSP detection

https://bugzilla.mindrot.org/show_bug.cgi?id=1538


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED




--- Comment #7 from Damien Miller <djm at mindrot.org>  2009-02-23
13:36:37 ---
Close bugs fixed/reviewed for openssh-5.2 release

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

Seemingly Similar Threads

Search for more seemingly similar threads

openssh bugs - Nov 2008 - [Bug 1538] New: improve SSP detection

[Bug 1538] New: improve SSP detection

[Bug 1538] improve SSP detection

[Bug 1538] improve SSP detection

[Bug 1538] improve SSP detection

[Bug 1538] improve SSP detection

[Bug 1538] improve SSP detection

[Bug 1538] improve SSP detection

[Bug 1538] improve SSP detection

Seemingly Similar Threads