On Wed, 02 Mar 2016 11:37:01 +0200 Mart Raudsepp <[email protected]> wrote:
> Ühel kenal päeval, K, 02.03.2016 kell 11:06, kirjutas Pekka Paalanen: > > From: Pekka Paalanen <[email protected]> > > > > Before this patch: > > $ scanelf -lpqe ./wayland-scanner > > RWX --- --- ./wayland-scanner > > > > That indicates the stack is executable, which is a bad thing for > > security. Wayland-scanner does not actually need an executable stack, > > it > > is just an oversight from using an .S file in the sources. > > > > Add a special incantation in dtddata.S to make it not cause the stack > > to > > become executable. > > > > Reported-by: [email protected] > > Signed-off-by: Pekka Paalanen <[email protected]> > > Confirmed that our QA warning is fixed with this and that basic DTD > validation still works (embedded DTD is readable by wayland-scanner). > > Tested-by: Mart Raudsepp <[email protected]> And pushed: 4a41d26..f8f3e54 master -> master Thanks, pq > > --- > > src/dtddata.S | 8 ++++++++ > > 1 file changed, 8 insertions(+) > > > > diff --git a/src/dtddata.S b/src/dtddata.S > > index 68e3435..ce51133 100644 > > --- a/src/dtddata.S > > +++ b/src/dtddata.S > > @@ -20,6 +20,14 @@ > > * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. > > */ > > > > +/* > > + * Avoid executable stack. > > + * from: https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart > > + */ > > +#if defined(__linux__) && defined(__ELF__) > > +.section .note.GNU-stack,"",%progbits > > +#endif > > + > > /* from: http://www.linuxjournal.com/content/embedding-file-executab > > le-aka-hello-world-version-5967#comment-348129 */ > > > > .macro binfile name file
pgppqQvvR8yFh.pgp
Description: OpenPGP digital signature
_______________________________________________ wayland-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/wayland-devel
