Bug 110308 - exec-shield kills mplayer in some cases, per application setting doesn't work
Summary: exec-shield kills mplayer in some cases, per application setting doesn't work
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 1
Hardware: athlon
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Arjan van de Ven
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-11-18 07:36 UTC by Peter Bieringer
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2003-11-18 08:23:20 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Peter Bieringer 2003-11-18 07:36:59 UTC 
Description of problem:
exec-shield (mode 2) kills mplayer in some cases (depending on used
codec). In original announcement I've read that I can disable
exec-shield per application, if switched to mode 2:

http://people.redhat.com/mingo/exec-shield/ANNOUNCE-exec-shield

There was also described the utility "./chstk" (which is no longer
available on main site, but found on an "mirror" somewhere.

I've tried different settings, but this doesn't help. Only disabling
exec-shield (mode 0) helps.

Are the flags no longer checked?

Version-Release number of selected component (if applicable):
kernel-2.4.22-1.2115.nptl

How reproducible:
Always

Steps to Reproduce:
1.activate exec-shield (default)
2.play a movie with mplayer which requires [dmo] DMO video codecs
    

Actual Results:  mplayer crashes before start showing the movie

Expected Results:  no crash, like in exec-shield mode 0

Additional info:

Mplayer versions tested: 0.92, 1.0pre2
Comment 1 Arjan van de Ven 2003-11-18 08:23:20 UTC 
chkstk is the wrong app to mark binaries; you need /usr/bin/execstack
for that. It seems mplayer has a bug where it doesn't use PROT_EXEC
for the codecs it loads, mplayer will need to be fixed for real...

Also the "2" you mention is not applicable to this version of
execshield, read the fedora release notes for the real information
Comment 2 Peter Bieringer 2003-11-18 12:55:28 UTC 
Ok, read the RL, played around with execstack, doesn't help in any
case except setting kernel.exec-shield=0.
Note: mplayer was rebuilt on this FC1 system from SRPMS.

# execstack -s /usr/bin/mplayer
# execstack -q /usr/bin/mplayer
X /usr/bin/mplayer
# sysctl kernel.exec-shield
kernel.exec-shield = 1

-> still crashes:
Opening video decoder: [dmo] DMO video codecs
Segmentation fault

Note that the mplayer process itself is still in process table (sleeping).

Do you have any additional hint or have mplayer developers now some
work to do and meanwhile I have to disable exec-shield system-wide?
Comment 3 Arjan van de Ven 2003-11-18 12:58:37 UTC 
it's quite likely that they forget to use the PROT_EXEC flag on the
mmap that allocates teh memory for the dmo decoder, or don't
mprotect() the memory with that flag.

Also if they would use dlopen it would already just work...
Comment 4 Miloslav Trmac 2003-11-20 18:02:06 UTC 
You can't really use dlopen on win32 dlls :)
Comment 5 Arjan van de Ven 2003-11-20 18:04:54 UTC 
then the mplayer dlopen equivalent needs to make sure the permissions
for the memory it allocates are set for execute (eg PROT_EXEC)
Note You need to log in before you can comment on or make changes to this bug.