X Strike Force XFree86 SVN commit: r2178 - in trunk/debian: . patches
Author: branden
Date: 2005-02-09 03:19:02 -0500 (Wed, 09 Feb 2005)
New Revision: 2178
Modified:
trunk/debian/CHANGESETS
trunk/debian/changelog
trunk/debian/patches/071_nonexecutable_malloced_mem.diff
Log:
Update patch #071 be sure to pass the mprotect() in ElfCollectSections() a
page-aligned request (as the other use of mprotect(), in ELFCreateGot(),
already does). This reportedly prevents SEGVs in the X server's ELF
object loader on AMD64 systems. Thanks to Piotr Kaczuba for this
information. (Closes: #277699 (again))
Modified: trunk/debian/CHANGESETS
===================================================================
--- trunk/debian/CHANGESETS 2005-02-09 07:58:51 UTC (rev 2177)
+++ trunk/debian/CHANGESETS 2005-02-09 08:19:02 UTC (rev 2178)
@@ -290,4 +290,11 @@
anticipate shipping these files in the future X.Org packages, either.
2174
+Update patch #071 be sure to pass the mprotect() in ElfCollectSections() a
+page-aligned request (as the other use of mprotect(), in ELFCreateGot(),
+already does). This reportedly prevents SEGVs in the X server's ELF
+object loader on AMD64 systems. Thanks to Piotr Kaczuba for this
+information. (Closes: #277699 (again))
+ 2177
+
vim:set ai et sts=4 sw=4 tw=80:
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2005-02-09 07:58:51 UTC (rev 2177)
+++ trunk/debian/changelog 2005-02-09 08:19:02 UTC (rev 2178)
@@ -226,8 +226,14 @@
files in question to the .orig.tar.gz; 3) the X Strike Force doesn't
anticipate shipping these files in the future X.Org packages, either.
- -- Branden Robinson <branden@debian.org> Wed, 9 Feb 2005 01:54:04 -0500
+ * Update patch #071 be sure to pass the mprotect() in ElfCollectSections() a
+ page-aligned request (as the other use of mprotect(), in ELFCreateGot(),
+ already does). This reportedly prevents SEGVs in the X server's ELF
+ object loader on AMD64 systems. Thanks to Piotr Kaczuba for this
+ information. (Closes: #277699 (again))
+ -- Branden Robinson <branden@debian.org> Wed, 9 Feb 2005 02:37:27 -0500
+
xfree86 (4.3.0.dfsg.1-10) unstable; urgency=medium
* Upload urgency set to medium due to fix for stable-release-critical bugs
Modified: trunk/debian/patches/071_nonexecutable_malloced_mem.diff
===================================================================
--- trunk/debian/patches/071_nonexecutable_malloced_mem.diff 2005-02-09 07:58:51 UTC (rev 2177)
+++ trunk/debian/patches/071_nonexecutable_malloced_mem.diff 2005-02-09 08:19:02 UTC (rev 2178)
@@ -9,13 +9,17 @@
Ron Murray, Admar Schoonen, Jurij Smakov, Dieter Jurzitza, and Richard
Mortimer for their analysis which helped uncover the other two instances.
-Also see Debian #277699.
+Pass the mprotect() in ElfCollectSections() a page-aligned request (as the
+other use of mprotect(), in ELFCreateGot(), already does). This reportedly
+prevents SEGVs in the X server's ELF object loader on AMD64 systems.
+Thanks to Piotr Kaczuba for this information.
+Also see Debian #277699 and #277884.
+
Not submitted to XFree86 or X.Org yet.
-diff -u xc/programs/Xserver/hw/xfree86/loader/elfloader.c~ xc.new/programs/Xserver/hw/xfree86/loader/elfloader.c
---- xc/programs/Xserver/hw/xfree86/loader/elfloader.c~ 2004-12-02 21:54:11.000000000 -0500
-+++ xc/programs/Xserver/hw/xfree86/loader/elfloader.c 2004-12-02 22:01:41.000000000 -0500
+--- xc/programs/Xserver/hw/xfree86/loader/elfloader.c~ 2005-02-09 02:24:53.000000000 -0500
++++ xc/programs/Xserver/hw/xfree86/loader/elfloader.c 2005-02-09 02:30:43.000000000 -0500
@@ -957,7 +957,7 @@
ErrorF( "ELFCreateGOT() Unable to reallocate memory!!!!\n" );
return FALSE;
@@ -25,16 +29,27 @@
{
unsigned long page_size = getpagesize();
unsigned long round;
-@@ -2728,7 +2728,7 @@
+@@ -2728,10 +2728,16 @@
elffile->lsection[j].size=SecSize(i);
elffile->lsection[j].flags=flags;
switch (SecType(i)) {
-#ifdef __OpenBSD__
+#if defined(linux) || defined(__OpenBSD__)
case SHT_PROGBITS:
- mprotect(elffile->lsection[j].saddr, SecSize(i),
- PROT_READ|PROT_WRITE|PROT_EXEC);
-@@ -2925,7 +2925,7 @@
+- mprotect(elffile->lsection[j].saddr, SecSize(i),
+- PROT_READ|PROT_WRITE|PROT_EXEC);
++ {
++ unsigned long page_size = getpagesize();
++ unsigned long round;
++
++ round = (unsigned long)elffile->lsection[j].saddr & (page_size - 1);
++ mprotect( (char *)elffile->lsection[j].saddr - round,
++ SecSize(i) + round, PROT_READ|PROT_WRITE|PROT_EXEC);
++ }
+ break;
+ #endif
+ case SHT_SYMTAB:
+@@ -2925,7 +2931,7 @@
ErrorF( "Unable to allocate ELF sections\n" );
return NULL;
}
Reply to: