From 14b61d421e2479318cb2971acc1c94812f5a8ac1 Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Thu, 10 May 2018 17:17:44 +0200 Subject: [PATCH] Detect restore of -D_FORTIFY_SOURCE=2 --- NEWS | 8 ++++++++ bin/blhc | 34 +++++++++++++++++++++++++--------- t/logs/bad-cppflags | 5 ++--- t/logs/good | 5 +++++ t/tests.t | 5 ++--- 5 files changed, 42 insertions(+), 15 deletions(-) diff --git a/NEWS b/NEWS index 206d449..1c8247f 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,14 @@ NEWS ==== +Version 0.XX +------------ + +- Detect restore of -D_FORTIFY_SOURCE=2 after it was overwritten by + -D_FORTIFY_SOURCE=0 or 1 or -U_FORTIFY_SOURCE; reported by Mike Hommey + (Debian bug #898332). + + Version 0.08 ------------ diff --git a/bin/blhc b/bin/blhc index 168a169..f11ba11 100755 --- a/bin/blhc +++ b/bin/blhc @@ -431,17 +431,33 @@ sub all_flags_used { sub cppflags_fortify_broken { my ($line, $missing_flags) = @_; - # This doesn't take the position into account, but is a simple solution. - # And if the build system tries to force -D_FORTIFY_SOURCE=0/1, something - # is wrong anyway. - - if (any_flags_used($line, @def_cppflags_fortify_bad)) { - # $def_cppflags_fortify[0] must be -D_FORTIFY_SOURCE=2! - push @{$missing_flags}, $def_cppflags_fortify[0]; - return 1; + if (not any_flags_used($line, @def_cppflags_fortify_bad)) { + return 0; } - return 0; + # $def_cppflags_fortify[0] must be -D_FORTIFY_SOURCE=2! + my $fortify_source = $def_cppflags_fortify[0]; + + # Some build systems enable/disable fortify source multiple times, check + # the final result. + my $disable_pos = 0; + foreach my $flag (@def_cppflags_fortify_bad) { + while ($line =~ /$flag/g) { + if ($disable_pos < $+[0]) { + $disable_pos = $+[0]; + } + } + } + my $enable_pos = 0; + while ($line =~ /$fortify_source/g) { + $enable_pos = $+[0]; + } + if ($enable_pos > $disable_pos) { + return 0; + } + + push @{$missing_flags}, $fortify_source; + return 1; } # Modifies $missing_flags_ref array. diff --git a/t/logs/bad-cppflags b/t/logs/bad-cppflags index a714a32..43069b0 100644 --- a/t/logs/bad-cppflags +++ b/t/logs/bad-cppflags @@ -13,9 +13,8 @@ gcc -D_FORTIFY_SOURCE=0 -g -O2 -fstack-protector-strong -Wformat -Werror=format- gcc -D_FORTIFY_SOURCE=1 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -c test-b.c gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=1 -c test-c.c gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=0 -c test-d.c -gcc -D_FORTIFY_SOURCE=0 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-e.c -gcc -D_FORTIFY_SOURCE=1 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-f.c gcc -U_FORTIFY_SOURCE -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -c test-g.c -gcc -U_FORTIFY_SOURCE -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-h.c gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -c test-i.c +gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -U_FORTIFY_SOURCE -c test-i.c +gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=1 -c test-i.c diff --git a/t/logs/good b/t/logs/good index 80a9b7c..f8f3f81 100644 --- a/t/logs/good +++ b/t/logs/good @@ -49,3 +49,8 @@ command --cc test gcc -MM test.c > test.d gcc -MM -MT test.d test.c + +gcc -U_FORTIFY_SOURCE -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-h.c +gcc -D_FORTIFY_SOURCE=0 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-e.c +gcc -D_FORTIFY_SOURCE=1 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-f.c +gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -c test-i.c diff --git a/t/tests.t b/t/tests.t index 052a1fd..5e7b701 100644 --- a/t/tests.t +++ b/t/tests.t @@ -503,11 +503,10 @@ CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=0 -g -O2 -fstack-p CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=1 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -c test-b.c CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=1 -c test-c.c CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=0 -c test-d.c -CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=0 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-e.c -CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=1 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-f.c CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -U_FORTIFY_SOURCE -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -c test-g.c -CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -U_FORTIFY_SOURCE -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-h.c CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -c test-i.c +CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -U_FORTIFY_SOURCE -c test-i.c +CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=1 -c test-i.c '; is_blhc 'bad-cppflags', '--ignore-flag -D_FORTIFY_SOURCE=2', 0, -- 2.45.2