On 09/01/2014 04:53 PM, Mikulas Patocka wrote: > > > On Mon, 1 Sep 2014, Richard Henderson wrote: > >> On 09/01/2014 08:09 AM, Mikulas Patocka wrote: >>> So, what exactly should be done? Can we hack ld so that if filename is >>> "libots.so", lazy binding for symbols in this library is turned off >>> automatically? >> >> Not hack ld.so. >> >> Modify the libots.so binary such that _OtsZero is STT_NOTYPE. The linker >> will >> not create a plt entry unless the symbol is STT_FUNC. >> >> I see that most of the _Ots symbols are already NOTYPE. I wonder if this is >> intentional and _OtsZero just got forgotten, or if it's a happy oversight in >> that they forgot to annotate them entirely. >> >> r~ > > It is legally questionable if we can redistribute the modified library. > > Even if I could distribute it, where would I upload it so that other > people will find it? Obviously I can't upload it to ftp.compaq.com where > the compiler is located. > > So, I think a better solution would be to change ld so that it would > recognize "libots.so" filename and act as if symbols in this file were > defined with STT_NOTYPE attribute. > > Or, turn off that "secure plt" feature at all if "libots.so" is used - > Alpha is so rare that I doubt anybody will put any effort into writing > exploits for Alpha.
Well, you're the only person left using the compaq c compiler, so it's not like you have to distribute the modified binary at all. So, for that matter, rebuilding your ld --without-secureplt certainly works too. But you'll not get a hack into glibc or ld to recognize libots.so and do anything silly with that. r~ _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
