projects / product / upstream / gmp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 436e592)
packaging: add noexecstack option in LDFLAGS for Data Execution Prevention 17/70817/1 accepted/tizen_3.0.m2_base tizen_3.0 tizen_3.0.m2_base accepted/tizen/3.0.m2/base/20170104.081910 accepted/tizen/3.0/base/20161028.103451 accepted/tizen/base/20160527.151429 submit/tizen_3.0.m2_base/20170104.073748 submit/tizen_3.0_base/20161028.062326 submit/tizen_base/20160524.083111
authorSungHun Hwang <sh0924.hwang@samsung.com>
Fri, 20 May 2016 07:37:44 +0000 (16:37 +0900)
committerSungHun Hwang <sh0924.hwang@samsung.com>
Mon, 23 May 2016 01:22:17 +0000 (10:22 +0900)
request from   : security part
request reason : https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks

[Before] $ readelf -l ./usr/lib/libgmp.so.3.4.1 | grep STACK
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x10

[After] $ readelf -l ./usr/lib/libgmp.so.3.4.1 | grep STACK
  GNU_STACK      0x000000 0x00000000 0x00000000 0x00000 0x00000 RW  0x10

Change-Id: I2e67ceba60a34045865bb7c81b430a82e3735960
Signed-off-by: SungHun Hwang <sh0924.hwang@samsung.com>
packaging/gmp.spec patch | blob | history

diff --git a/packaging/gmp.spec b/packaging/gmp.spec
index fbc5dceb9cd917f823c64f2f6a638f34d4f5ca4c..e6c0059f7481b8eaaf357e16f09eb1fa1ebef680 100644 (file)
--- a/packaging/gmp.spec
+++ b/packaging/gmp.spec
@@ -46,6 +46,7 @@ cp %{SOURCE1001} .
 
 %build
 export CFLAGS="%{optflags} -fexceptions -std=gnu89";
+export LDFLAGS+="-Wl,-z,noexecstack"
 %reconfigure \
          --enable-cxx
 make %{?_smp_mflags}
Domain: System / Toolchain;