bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-19 04:00 UTC
[Bug 1538] New: improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Summary: improve SSP detection Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: unassigned-bugs at mindrot.org ReportedBy: vapier at gentoo.org the SSP test compiles this simple code: #include <stdlib.h> int main(void){exit(0);} while that works fine for testing the -fstack-protector-all flag, it's insufficient for testing the -fstack-protector flag. since it doesnt use any stack, no SSP markings will be added. so if the toolchain does not fully support SSP, the configure script will add the flag but the build will ultimately fail. a better test case seems to be: #include <stdio.h> int main(void){char foo[1024];return sprintf(foo, "moo cow");} patch: http://sources.gentoo.org/net-misc/openssh/files/openssh-5.1_p1-better-ssp-check.patch?rev=1.1 -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-19 04:29 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED AssignedTo|unassigned-bugs at mindrot.org |djm at mindrot.org Attachment #1579| |ok? Flag| | --- Comment #1 from Damien Miller <djm at mindrot.org> 2008-11-19 15:29:50 --- Created an attachment (id=1579) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1579) Fixed patch I think the referenced patch is incorrect: square brackets need escaping in autoconf, so the test program would always fail with a compile error. This patch uses autoconf "quadrigraph" escaping (don't ask) to avoid this. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-19 04:30 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 --- Comment #2 from Damien Miller <djm at mindrot.org> 2008-11-19 15:30:53 --- oops, ignore the changes to Makefile.in in that diff - they aren't supposed to be there. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-19 05:57 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Tim Rice <tim at multitalents.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |tim at multitalents.net --- Comment #3 from Tim Rice <tim at multitalents.net> 2008-11-19 16:57:35 --- (In reply to comment #1)> I think the referenced patch is incorrect: square brackets need > escaping in autoconf, so the test program would always fail with a > compile error. This patch uses autoconf "quadrigraph" escaping (don't > ask) to avoid this.Or you can just double up on the square brackets. More readable? +int main(void){char x[[256]]; snprintf(x, sizeof(x), "XXX"); return 0;} -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-19 06:11 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1579|0 |1 is obsolete| | Attachment #1579|ok? | Flag| | Attachment #1580| |ok? Flag| | --- Comment #4 from Damien Miller <djm at mindrot.org> 2008-11-19 17:11:39 --- Created an attachment (id=1580) --> (http://bugzilla.mindrot.org/attachment.cgi?id=1580) simplified diff diff with Tim's suggestion and no extraneous crap -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-20 00:17 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 --- Comment #5 from Mike Frysinger <vapier at gentoo.org> 2008-11-20 11:17:30 --- indeed ... i should have checked the config.log rather than just verifying that SSP was detected as not supported -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Dec-07 22:36 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED Blocks| |1481 --- Comment #6 from Damien Miller <djm at mindrot.org> 2008-12-08 09:36:02 --- patch applied, will be in openssh-5.2. Thanks! -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Feb-23 02:36 UTC
[Bug 1538] improve SSP detection
https://bugzilla.mindrot.org/show_bug.cgi?id=1538 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #7 from Damien Miller <djm at mindrot.org> 2009-02-23 13:36:37 --- Close bugs fixed/reviewed for openssh-5.2 release -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
Possibly Parallel Threads
- [Bug 1991] New: openssl version checking needs updating
- [Bug 1628] New: /var/run/sshd.pid file collisions...
- SSP now default for ports/packages, ssp/new_xorg repository EOL
- SSP now default for ports/packages, ssp/new_xorg repository EOL
- SSP now default for ports/packages, ssp/new_xorg repository EOL