mirrors/wayland
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/wayland/wayland.git synced 2025-10-29 05:40:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

scanner: avoid executable stack

Browse source 
Before this patch:
$ scanelf -lpqe ./wayland-scanner
RWX --- ---  ./wayland-scanner

That indicates the stack is executable, which is a bad thing for
security. Wayland-scanner does not actually need an executable stack, it
is just an oversight from using an .S file in the sources.

Add a special incantation in dtddata.S to make it not cause the stack to
become executable.

Reported-by: Mart Raudsepp <leio@gentoo.org>
Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Tested-by: Mart Raudsepp <leio@gentoo.org>
This commit is contained in:
Pekka Paalanen 2016-03-02 11:00:35 +02:00
parent 4a41d26c4d
commit f8f3e54aa7
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/dtddata.S
View file

@ -20,6 +20,14 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Avoid executable stack.
* from: https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart
*/
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
/* from: http://www.linuxjournal.com/content/embedding-file-executable-aka-hello-world-version-5967#comment-348129 */
.macro binfile name file