Closed Bug 283709 Opened 20 years ago Closed 19 years ago

[execshield] libxpcom.so has executable stack on ia64 and ppc

Categories

(Core :: XPCOM, defect)

Other
Linux
defect
Not set
normal

Tracking

RESOLVED FIXED

People

(Reporter: caillon, Assigned: caillon)

Details

(Keywords: fixed-aviary1.0.3, fixed1.7.7)

Attachments

(1 file)

> readelf -Wl libxpcom.so | grep GNU_STACK
  GNU_STACK          0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4

The stack should be RW, not RWE.  If someone can inject code into the stack
(using a buffer overflow, etc), it could be executed.
Attached patch: Patch
Patch. Magic 8ball says shaver/brendan.
Attachment #175621 - Flags: superreview?(brendan)
Attachment #175621 - Flags: review?(shaver)
Comment on attachment 175621
Patch

sr=me assuming nothing needs to trampoline off stack space code in our world.

/be
Attachment #175621 - Flags: superreview?(brendan) → superreview+
Why is this confidential? This adds protection but revealing the bug doesn't
make anyone less safe.
Comment on attachment 175621
Patch

sr=shaver
Attachment #175621 - Flags: superreview+ → superreview?
Comment on attachment 175621
Patch

Apparently, I screwed up the flags here.  Adding my r, readding brendan's sr.
Attachment #175621 - Flags: superreview?
Attachment #175621 - Flags: superreview+
Attachment #175621 - Flags: review?(shaver)
Attachment #175621 - Flags: review+
Comment on attachment 175621
Patch

Looking for approval for this low-risk patch for a few ports to fix a potential
for trouble if someone can get code onto the stack.  I have done respins for
this fix, so it would be great to get it on to the branch.
Attachment #175621 - Flags: approval1.7.7?
Attachment #175621 - Flags: approval-aviary1.0.3?
Comment on attachment 175621
Patch

None of these files are compiled in any mozilla.org builds, so approving this
is fine with me, and some Linux distros do care.
Attachment #175621 - Flags: approval1.7.7?
Attachment #175621 - Flags: approval1.7.7+
Attachment #175621 - Flags: approval-aviary1.0.3?
Attachment #175621 - Flags: approval-aviary1.0.3+
Fixed on trunk and branches.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Is there any need for this to be security confidential still?
Nope, removing flag
Group: security