From b0b93f3592f3d165896e8dc8186a7ba285f0f3e4 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Fri, 31 Oct 2014 10:21:57 +0000
Subject: [PATCH] Import a security patch from the mainline which changes the
 default behaviour of the strings program to be --all rather then --data. 
 This avoids using the BFD library by default, and so avoids exposing strings
 to any memory bugs present in BFD.

	* strings.c: Add new command line option --data to only scan the
	initialized, loadable data secions of binaries.  Choose the
	default behaviour of --all or --data based upon a configure
	option.
	* doc/binutils.texi (strings): Update documentation.  Include
	description  of why the --data option might be unsafe.
	* configure.ac: Add new option --disable-default-strings-all which
	restores the old behaviour of strings using --data by default.  If
	the option is not used make strings use --all by default.
	* NEWS: Mention the new behaviour of strings.
	* configure: Regenerate.
	* config.in: Regenerate.
---
 binutils/ChangeLog         | 18 ++++++++++++++++++
 binutils/NEWS              |  5 +++++
 binutils/config.in         |  3 +++
 binutils/configure         | 26 ++++++++++++++++++++++++--
 binutils/configure.ac      | 12 ++++++++++++
 binutils/doc/binutils.texi | 46 ++++++++++++++++++++++++++++++++++++----------
 binutils/strings.c         | 31 ++++++++++++++++++++++++++-----
 7 files changed, 124 insertions(+), 17 deletions(-)

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 6acab33..216a5e5 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,21 @@
+2014-10-31  Nick Clifton  <nickc@redhat.com>
+
+	Apply trunk patch:
+
+	2014-10-31  Nick Clifton  <nickc@redhat.com>
+	* strings.c: Add new command line option --data to only scan the
+	initialized, loadable data secions of binaries.  Choose the
+	default behaviour of --all or --data based upon a configure
+	option.
+	* doc/binutils.texi (strings): Update documentation.  Include
+	description  of why the --data option might be unsafe.
+	* configure.ac: Add new option --disable-default-strings-all which
+	restores the old behaviour of strings using --data by default.  If
+	the option is not used make strings use --all by default.
+	* NEWS: Mention the new behaviour of strings.
+	* configure: Regenerate.
+	* config.in: Regenerate.
+
 2014-10-30  Nick Clifton  <nickc@redhat.com>
 
 	Apply trunk patch:
diff --git a/binutils/NEWS b/binutils/NEWS
index 126219b..9054494 100644
--- a/binutils/NEWS
+++ b/binutils/NEWS
@@ -2,6 +2,11 @@
 
 Changes in 2.25:
 
+* Add --data option to strings to only print strings in loadable, initialized
+  data sections.  Change the default behaviour to be --all, but add a new
+  configure time option of --disable-default-strings-all to restore the old
+  default behaviour.
+
 * Add --include-all-whitespace to strings.
 
 * Add --dump-section option to objcopy.
diff --git a/binutils/config.in b/binutils/config.in
index d43b748..076f514 100644
--- a/binutils/config.in
+++ b/binutils/config.in
@@ -18,6 +18,9 @@
 /* Should ar and ranlib use -D behavior by default? */
 #undef DEFAULT_AR_DETERMINISTIC
 
+/* Should strings use -a behavior by default? */
+#undef DEFAULT_STRINGS_ALL
+
 /* Define to 1 if translation of program messages to the user's native
    language is requested. */
 #undef ENABLE_NLS
diff --git a/binutils/configure b/binutils/configure
index 063ad72..07551c3 100755
--- a/binutils/configure
+++ b/binutils/configure
@@ -772,6 +772,7 @@ enable_plugins
 enable_largefile
 enable_targets
 enable_deterministic_archives
+enable_default_strings_all
 enable_werror
 enable_build_warnings
 enable_nls
@@ -1423,6 +1424,8 @@ Optional Features:
   --enable-targets        alternative target configurations
   --enable-deterministic-archives
                           ar and ranlib default to -D behavior
+  --disable-default-strings-all
+                          strings defaults to --data behavior
   --enable-werror         treat compile warnings as errors
   --enable-build-warnings enable build-time compiler warnings
   --disable-nls           do not use Native Language Support
@@ -10984,7 +10987,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10987 "configure"
+#line 10990 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -11090,7 +11093,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 11093 "configure"
+#line 11096 "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -11681,6 +11684,25 @@ cat >>confdefs.h <<_ACEOF
 _ACEOF
 
 
+# Check whether --enable-default-strings-all was given.
+if test "${enable_default_strings_all+set}" = set; then :
+  enableval=$enable_default_strings_all;
+if test "${enableval}" = no; then
+  default_strings_all=0
+else
+  default_strings_all=1
+fi
+else
+  default_strings_all=1
+fi
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define DEFAULT_STRINGS_ALL $default_strings_all
+_ACEOF
+
+
 
 # Set the 'development' global.
 . $srcdir/../bfd/development.sh
diff --git a/binutils/configure.ac b/binutils/configure.ac
index c5da20d..c5aadd8 100644
--- a/binutils/configure.ac
+++ b/binutils/configure.ac
@@ -55,6 +55,18 @@ fi], [default_ar_deterministic=0])
 AC_DEFINE_UNQUOTED(DEFAULT_AR_DETERMINISTIC, $default_ar_deterministic,
 		   [Should ar and ranlib use -D behavior by default?])
 
+AC_ARG_ENABLE(default-strings-all,
+[AS_HELP_STRING([--disable-default-strings-all],
+		[strings defaults to --data behavior])], [
+if test "${enableval}" = no; then
+  default_strings_all=0
+else
+  default_strings_all=1
+fi], [default_strings_all=1])
+
+AC_DEFINE_UNQUOTED(DEFAULT_STRINGS_ALL, $default_strings_all,
+		   [Should strings use -a behavior by default?])
+
 AM_BINUTILS_WARNINGS
 
 AC_CONFIG_HEADERS(config.h:config.in)
diff --git a/binutils/doc/binutils.texi b/binutils/doc/binutils.texi
index 3874f25..eee77b1 100644
--- a/binutils/doc/binutils.texi
+++ b/binutils/doc/binutils.texi
@@ -2672,15 +2672,24 @@ strings [@option{-afovV}] [@option{-}@var{min-len}]
 
 @c man begin DESCRIPTION strings
 
-For each @var{file} given, @sc{gnu} @command{strings} prints the printable
-character sequences that are at least 4 characters long (or the number
-given with the options below) and are followed by an unprintable
-character.  By default, it only prints the strings from the initialized
-and loaded sections of object files; for other types of files, it prints
-the strings from the whole file.
+For each @var{file} given, @sc{gnu} @command{strings} prints the
+printable character sequences that are at least 4 characters long (or
+the number given with the options below) and are followed by an
+unprintable character.
 
-@command{strings} is mainly useful for determining the contents of non-text
-files.
+Depending upon how the strings program was configured it will default
+to either displaying all the printable sequences that it can find in
+each file, or only those sequences that are in loadable, initialized
+data sections.  If the file type in unrecognizable, or if strings is
+reading from stdin then it will always display all of the printable
+sequences that it can find.
+
+For backwards compatibility any file that occurs after a command line
+option of just @option{-} will also be scanned in full, regardless of
+the presence of any @option{-d} option. 
+
+@command{strings} is mainly useful for determining the contents of
+non-text files.
 
 @c man end
 
@@ -2690,8 +2699,25 @@ files.
 @item -a
 @itemx --all
 @itemx -
-Do not scan only the initialized and loaded sections of object files;
-scan the whole files.
+Scan the whole file, regardless of what sections it contains or
+whether those sections are loaded or initialized.  Normally this is
+the default behaviour, but strings can be configured so that the
+@option{-d} is the default instead.
+
+The @option{-} option is position dependent and forces strings to
+perform full scans of any file that is mentioned after the @option{-}
+on the command line, even if the @option{-d} option has been
+specified.
+
+@item -d
+@itemx --data
+Only print strings from initialized, loaded data sections in the
+file.  This may reduce the amount of garbage in the output, but it
+also exposes the strings program to any security flaws that may be
+present in the BFD library used to scan and load sections.  Strings
+can be configured so that this option is the default behaviour.  In
+such cases the @option{-a} option can be used to avoid using the BFD
+library and instead just print all of the strings found in the file.
 
 @item -f
 @itemx --print-file-name
diff --git a/binutils/strings.c b/binutils/strings.c
index f92132b..2cf046f 100644
--- a/binutils/strings.c
+++ b/binutils/strings.c
@@ -21,7 +21,10 @@
    Options:
    --all
    -a
-   -		Do not scan only the initialized data section of object files.
+   -		Scan each file in its entirety.
+
+   --data
+   -d		Scan only the initialized data section(s) of object files.
 
    --print-file-name
    -f		Print the name of the file before each string.
@@ -114,6 +117,7 @@ static int encoding_bytes;
 static struct option long_options[] =
 {
   {"all", no_argument, NULL, 'a'},
+  {"data", no_argument, NULL, 'd'},
   {"print-file-name", no_argument, NULL, 'f'},
   {"bytes", required_argument, NULL, 'n'},
   {"radix", required_argument, NULL, 't'},
@@ -136,7 +140,7 @@ typedef struct
 
 static void strings_a_section (bfd *, asection *, void *);
 static bfd_boolean strings_object_file (const char *);
-static bfd_boolean strings_file (char *file);
+static bfd_boolean strings_file (char *);
 static void print_strings (const char *, FILE *, file_ptr, int, int, char *);
 static void usage (FILE *, int);
 static long get_char (FILE *, file_ptr *, int *, char **);
@@ -167,11 +171,14 @@ main (int argc, char **argv)
   include_all_whitespace = FALSE;
   print_addresses = FALSE;
   print_filenames = FALSE;
-  datasection_only = TRUE;
+  if (DEFAULT_STRINGS_ALL)
+    datasection_only = FALSE;
+  else
+    datasection_only = TRUE;
   target = NULL;
   encoding = 's';
 
-  while ((optc = getopt_long (argc, argv, "afhHn:wot:e:T:Vv0123456789",
+  while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:Vv0123456789",
 			      long_options, (int *) 0)) != EOF)
     {
       switch (optc)
@@ -180,6 +187,10 @@ main (int argc, char **argv)
 	  datasection_only = FALSE;
 	  break;
 
+	case 'd':
+	  datasection_only = TRUE;
+	  break;
+
 	case 'f':
 	  print_filenames = TRUE;
 	  break;
@@ -648,8 +659,18 @@ usage (FILE *stream, int status)
 {
   fprintf (stream, _("Usage: %s [option(s)] [file(s)]\n"), program_name);
   fprintf (stream, _(" Display printable strings in [file(s)] (stdin by default)\n"));
-  fprintf (stream, _(" The options are:\n\
+  fprintf (stream, _(" The options are:\n"));
+
+  if (DEFAULT_STRINGS_ALL)
+    fprintf (stream, _("\
+  -a - --all                Scan the entire file, not just the data section [default]\n\
+  -d --data                 Only scan the data sections in the file\n"));
+  else
+    fprintf (stream, _("\
   -a - --all                Scan the entire file, not just the data section\n\
+  -d --data                 Only scan the data sections in the file [default]\n"));
+
+  fprintf (stream, _("\
   -f --print-file-name      Print the name of the file before each string\n\
   -n --bytes=[number]       Locate & print any NUL-terminated sequence of at\n\
   -<number>                   least [number] characters (default 4).\n\
-- 
2.7.4