Closed Bug 283709 Opened 19 years ago Closed 19 years ago

[execshield] libxpcom.so has executable stack on ia64 and ppc

Categories

(Core :: XPCOM, defect)

Product:
Core
Component:
XPCOM
Platform:
Other
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: caillon, Assigned: caillon)

Details

(Keywords: fixed-aviary1.0.3, fixed1.7.7)

Attachments

(1 file)

Patch
2.54 KB, patch
shaver
: review+
shaver
: superreview+
dbaron
: approval-aviary1.0.3+
dbaron
: approval1.7.7+
dbaron
: approval1.8b2+
Details | Diff | Splinter Review 
> readelf -Wl libxpcom.so | grep GNU_STACK
  GNU_STACK          0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4

The stack should be RW, not RWE.  If someone can inject code into the stack
(using a buffer overflow, etc), it could be executed.
Attached patch PatchSplinter Review 
Patch.	Magic 8ball says shaver/brendan.
Attachment #175621 - Flags: superreview?(brendan)
Attachment #175621 - Flags: review?(shaver)
Comment on attachment 175621 [details] [diff] [review]
Patch

sr=me assuming nothing needs to trampoline off stack space code in our world.

/be
Attachment #175621 - Flags: superreview?(brendan) → superreview+
Why is this confidential? This adds protection but revealing the bug doesn't
make anyone less safe.
Comment on attachment 175621 [details] [diff] [review]
Patch

sr=shaver
Attachment #175621 - Flags: superreview+ → superreview?
Comment on attachment 175621 [details] [diff] [review]
Patch

Apparently, I screwed up the flags here.  Adding my r, readding brendan's sr.
Attachment #175621 - Flags: superreview?
Attachment #175621 - Flags: superreview+
Attachment #175621 - Flags: review?(shaver)
Attachment #175621 - Flags: review+
Comment on attachment 175621 [details] [diff] [review]
Patch

Looking for approval for this low-risk patch for a few ports to fix a potential
for trouble if someone can get code onto the stack.  I have done respins for
this fix, so it would be great to get it on to the branch.
Attachment #175621 - Flags: approval1.7.7?
Attachment #175621 - Flags: approval-aviary1.0.3?
Comment on attachment 175621 [details] [diff] [review]
Patch

None of these files are compiled in any mozilla.org builds, so approving this
is fine with me, and some Linux distros do care.
Attachment #175621 - Flags: approval1.7.7?
Attachment #175621 - Flags: approval1.7.7+
Attachment #175621 - Flags: approval-aviary1.0.3?
Attachment #175621 - Flags: approval-aviary1.0.3+
Fixed on trunk and branches.
Status: NEW → RESOLVED
Closed: 19 years ago
Keywords: fixed-aviary1.0.3, fixed1.7.7
Resolution: --- → FIXED
Is there any need for this to be security confidential still?
Nope, removing flag
Group: security
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: