Red Hat Bugzilla – Bug 428096
[RFE] rpmlint should warn about execstack in ELF files
Last modified: 2008-06-26 04:30:45 EDT
Description of problem: rpmlint should warn about ELF files which have the executable flag set in their GNU_STACK note. According to: http://packages.debian.org/changelogs/pool/main/q/qimageblitz/qimageblitz_0.0.706674-2/changelog Debian's lintian can catch this, and if rpmlint caught that too, bug 428036 could have been avoided. Version-Release number of selected component (if applicable): rpmlint-0.82-2.fc9 How reproducible: Always Steps to Reproduce: 1. Run rpmlint on a RPM which contains execstack files, e.g. qimageblitz-0.0.4-0.2.svn706674.fc8.i386.rpm Actual results: No warnings or errors Expected results: Warning about libqimageblitz.so.4.0.0 having an executable stack
Sounds like a good idea. Can you suggest a name for this warning/error and the contents of the info message, and/or do you have a link where lintian's output for this can be looked at?
From shared-libs.desc in Lintian 1.23.42: Tag: shlib-without-PT_GNU_STACK-section Type: error Info: The listed shared libraries lacks a PT_GNU_STACK section. This forces the dynamic linker to make the stack executable. . The shared lib is linked either with a non-GNU linker or a linker which is older than two years. This problem can be fixed with a rebuild. Tag: shlib-with-executable-stack Type: warning Info: The listed shared libraries declares the stack as executable. . Executable stack is usualy an error as it is only needed if the code contains GCC trampolines or similar constructs which uses code on the stack. One possible source for false positives are object files built from assembler files which don't define a proper .note.GNU-stack section. (They aren't checking this for executables, but the same issue applies to executables too.)
Implemented upstream: http://rpmlint.zarb.org/cgi-bin/trac.cgi/changeset/1395 I have a question about the executable-stack message: is the message correct in saying that missing .note.GNU-stack sections in assembler files are a source for *false* positives or do such cases actually result in executable stack?
They actually do result in an executable stack. It's a "false positive" in the sense that the executable doesn't really need an executable stack, but still ends up with one. The "false positive" is in the toolchain, it's a true positive in rpmlint. I'm not sure how to best word it, the wording from lintian is confusing.
Ok, a hopefully improved explanation is now upstream: http://rpmlint.zarb.org/cgi-bin/trac.cgi/changeset/1396
rpmlint-0.83-1.fc9 has been submitted as an update for Fedora 9
rpmlint-0.83-1.fc8 has been submitted as an update for Fedora 8
rpmlint-0.83-1.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update rpmlint'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-5185
rpmlint-0.83-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
rpmlint-0.83-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.