Closed
Bug 283709
Opened 21 years ago
Closed 20 years ago
[execshield] libxpcom.so has executable stack on ia64 and ppc
Categories
(Core :: XPCOM, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: caillon, Assigned: caillon)
Details
(Keywords: fixed-aviary1.0.3, fixed1.7.7)
Attachments
(1 file)
|
2.54 KB,
patch
|
shaver
:
review+
shaver
:
superreview+
dbaron
:
approval-aviary1.0.3+
dbaron
:
approval1.7.7+
dbaron
:
approval1.8b2+
|
Details | Diff | Splinter Review |
> readelf -Wl libxpcom.so | grep GNU_STACK
GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4
The stack should be RW, not RWE. If someone can inject code into the stack
(using a buffer overflow, etc), it could be executed.
|
Assignee | |
Comment 1•21 years ago
|
||
Patch. Magic 8ball says shaver/brendan.
Attachment #175621 -
Flags: superreview?(brendan)
Attachment #175621 -
Flags: review?(shaver)
|
||
Comment 2•21 years ago
|
||
Comment on attachment 175621 [details] [diff] [review]
Patch
sr=me assuming nothing needs to trampoline off stack space code in our world.
/be
Attachment #175621 -
Flags: superreview?(brendan) → superreview+
|
||
Comment 3•20 years ago
|
||
Why is this confidential? This adds protection but revealing the bug doesn't
make anyone less safe.
|
||
Comment 4•20 years ago
|
||
Comment on attachment 175621 [details] [diff] [review]
Patch
sr=shaver
Attachment #175621 -
Flags: superreview+ → superreview?
|
|
||
Comment 5•20 years ago
|
||
Comment on attachment 175621 [details] [diff] [review]
Patch
Apparently, I screwed up the flags here. Adding my r, readding brendan's sr.
Attachment #175621 -
Flags: superreview?
Attachment #175621 -
Flags: superreview+
Attachment #175621 -
Flags: review?(shaver)
Attachment #175621 -
Flags: review+
|
|
Assignee | |
Comment 6•20 years ago
|
||
Comment on attachment 175621 [details] [diff] [review]
Patch
Looking for approval for this low-risk patch for a few ports to fix a potential
for trouble if someone can get code onto the stack. I have done respins for
this fix, so it would be great to get it on to the branch.
Attachment #175621 -
Flags: approval1.7.7?
Attachment #175621 -
Flags: approval-aviary1.0.3?
Comment on attachment 175621 [details] [diff] [review]
Patch
None of these files are compiled in any mozilla.org builds, so approving this
is fine with me, and some Linux distros do care.
Attachment #175621 -
Flags: approval1.7.7?
Attachment #175621 -
Flags: approval1.7.7+
Attachment #175621 -
Flags: approval-aviary1.0.3?
Attachment #175621 -
Flags: approval-aviary1.0.3+
Attachment #175621 -
Flags: approval1.8b2+
|
|
Assignee | |
Comment 8•20 years ago
|
||
Fixed on trunk and branches.
Status: NEW → RESOLVED
Closed: 20 years ago
Keywords: fixed-aviary1.0.3,
fixed1.7.7
Resolution: --- → FIXED
|
|
||
Comment 9•20 years ago
|
||
Is there any need for this to be security confidential still?
You need to log in
before you can comment on or make changes to this bug.
Description
•