rabbitmq-server: security bump to version 3.6.6
[buildroot-gz.git] / package / binutils / 2.25.1 / 600-poison-system-directories.patch
blobec3622bceabb50f5f48e22c4b872767b63ff93dd
1 Patch adapted to binutils 2.23.2 and extended to use
2 BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni.
4 [Gustavo: adapt to binutils 2.25]
5 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
6 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
8 Upstream-Status: Inappropriate [distribution: codesourcery]
10 Patch originally created by Mark Hatle, forward-ported to
11 binutils 2.21 by Scott Garman.
13 purpose: warn for uses of system directories when cross linking
15 Code Merged from Sourcery G++ binutils 2.19 - 4.4-277
17 2008-07-02 Joseph Myers <joseph@codesourcery.com>
19 ld/
20 * ld.h (args_type): Add error_poison_system_directories.
21 * ld.texinfo (--error-poison-system-directories): Document.
22 * ldfile.c (ldfile_add_library_path): Check
23 command_line.error_poison_system_directories.
24 * ldmain.c (main): Initialize
25 command_line.error_poison_system_directories.
26 * lexsup.c (enum option_values): Add
27 OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
28 (ld_options): Add --error-poison-system-directories.
29 (parse_args): Handle new option.
31 2007-06-13 Joseph Myers <joseph@codesourcery.com>
33 ld/
34 * config.in: Regenerate.
35 * ld.h (args_type): Add poison_system_directories.
36 * ld.texinfo (--no-poison-system-directories): Document.
37 * ldfile.c (ldfile_add_library_path): Check
38 command_line.poison_system_directories.
39 * ldmain.c (main): Initialize
40 command_line.poison_system_directories.
41 * lexsup.c (enum option_values): Add
42 OPTION_NO_POISON_SYSTEM_DIRECTORIES.
43 (ld_options): Add --no-poison-system-directories.
44 (parse_args): Handle new option.
46 2007-04-20 Joseph Myers <joseph@codesourcery.com>
48 Merge from Sourcery G++ binutils 2.17:
50 2007-03-20 Joseph Myers <joseph@codesourcery.com>
51 Based on patch by Mark Hatle <mark.hatle@windriver.com>.
52 ld/
53 * configure.ac (--enable-poison-system-directories): New option.
54 * configure, config.in: Regenerate.
55 * ldfile.c (ldfile_add_library_path): If
56 ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
57 /usr/lib, /usr/local/lib or /usr/X11R6/lib.
59 Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
60 Signed-off-by: Scott Garman <scott.a.garman@intel.com>
62 diff -Nura a/ld/config.in b/ld/config.in
63 --- a/ld/config.in 2014-10-14 04:32:04.000000000 -0300
64 +++ b/ld/config.in 2014-12-24 08:07:28.997918918 -0300
65 @@ -11,6 +11,9 @@
66 language is requested. */
67 #undef ENABLE_NLS
69 +/* Define to warn for use of native system library directories */
70 +#undef ENABLE_POISON_SYSTEM_DIRECTORIES
72 /* Additional extension a shared object might have. */
73 #undef EXTRA_SHLIB_EXTENSION
75 diff -Nura a/ld/configure b/ld/configure
76 --- a/ld/configure 2014-12-23 11:22:07.000000000 -0300
77 +++ b/ld/configure 2014-12-24 08:07:29.002919088 -0300
78 @@ -783,6 +783,7 @@
79 enable_targets
80 enable_64_bit_bfd
81 with_sysroot
82 +enable_poison_system_directories
83 enable_gold
84 enable_got
85 enable_werror
86 @@ -1439,6 +1440,8 @@
87 --disable-largefile omit support for large files
88 --enable-targets alternative target configurations
89 --enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes)
90 + --enable-poison-system-directories
91 + warn for use of native system library directories
92 --enable-gold[=ARG] build gold [ARG={default,yes,no}]
93 --enable-got=<type> GOT handling scheme (target, single, negative,
94 multigot)
95 @@ -15487,7 +15490,18 @@
99 +# Check whether --enable-poison-system-directories was given.
100 +if test "${enable_poison_system_directories+set}" = set; then :
101 + enableval=$enable_poison_system_directories;
102 +else
103 + enable_poison_system_directories=no
106 +if test "x${enable_poison_system_directories}" = "xyes"; then
108 +$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
112 # Check whether --enable-got was given.
113 if test "${enable_got+set}" = set; then :
114 diff -Nura a/ld/configure.ac b/ld/configure.ac
115 --- a/ld/configure.ac 2014-10-14 04:32:04.000000000 -0300
116 +++ b/ld/configure.ac 2014-12-24 08:07:29.002919088 -0300
117 @@ -94,6 +94,16 @@
118 AC_SUBST(TARGET_SYSTEM_ROOT)
119 AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
121 +AC_ARG_ENABLE([poison-system-directories],
122 + AS_HELP_STRING([--enable-poison-system-directories],
123 + [warn for use of native system library directories]),,
124 + [enable_poison_system_directories=no])
125 +if test "x${enable_poison_system_directories}" = "xyes"; then
126 + AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
127 + [1],
128 + [Define to warn for use of native system library directories])
131 dnl Use --enable-gold to decide if this linker should be the default.
132 dnl "install_as_default" is set to false if gold is the default linker.
133 dnl "installed_linker" is the installed BFD linker name.
134 diff -Nura a/ld/ldfile.c b/ld/ldfile.c
135 --- a/ld/ldfile.c 2014-10-14 04:32:04.000000000 -0300
136 +++ b/ld/ldfile.c 2014-12-24 08:07:29.002919088 -0300
137 @@ -114,6 +114,23 @@
138 new_dirs->name = concat (ld_sysroot, name + 1, (const char *) NULL);
139 else
140 new_dirs->name = xstrdup (name);
142 +#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
143 + if (command_line.poison_system_directories
144 + && ((!strncmp (name, "/lib", 4))
145 + || (!strncmp (name, "/usr/lib", 8))
146 + || (!strncmp (name, "/usr/local/lib", 14))
147 + || (!strncmp (name, "/usr/X11R6/lib", 14))))
149 + if (command_line.error_poison_system_directories)
150 + einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
151 + "cross-compilation\n"), name);
152 + else
153 + einfo (_("%P: warning: library search path \"%s\" is unsafe for "
154 + "cross-compilation\n"), name);
156 +#endif
160 /* Try to open a BFD for a lang_input_statement. */
161 diff -Nura a/ld/ld.h b/ld/ld.h
162 --- a/ld/ld.h 2014-10-14 04:32:04.000000000 -0300
163 +++ b/ld/ld.h 2014-12-24 08:07:29.003919122 -0300
164 @@ -161,6 +161,14 @@
165 /* If TRUE we'll just print the default output on stdout. */
166 bfd_boolean print_output_format;
168 + /* If TRUE (the default) warn for uses of system directories when
169 + cross linking. */
170 + bfd_boolean poison_system_directories;
172 + /* If TRUE (default FALSE) give an error for uses of system
173 + directories when cross linking instead of a warning. */
174 + bfd_boolean error_poison_system_directories;
176 /* Big or little endian as set on command line. */
177 enum endian_enum endian;
179 diff -Nura a/ld/ldlex.h b/ld/ldlex.h
180 --- a/ld/ldlex.h 2014-11-04 06:54:41.000000000 -0300
181 +++ b/ld/ldlex.h 2014-12-24 08:09:47.477644294 -0300
182 @@ -140,6 +140,8 @@
183 OPTION_IGNORE_UNRESOLVED_SYMBOL,
184 OPTION_PUSH_STATE,
185 OPTION_POP_STATE,
186 + OPTION_NO_POISON_SYSTEM_DIRECTORIES,
187 + OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
190 /* The initial parser states. */
191 diff -Nura a/ld/ldmain.c b/ld/ldmain.c
192 --- a/ld/ldmain.c 2014-10-14 04:32:04.000000000 -0300
193 +++ b/ld/ldmain.c 2014-12-24 08:07:29.003919122 -0300
194 @@ -266,6 +266,8 @@
195 command_line.warn_mismatch = TRUE;
196 command_line.warn_search_mismatch = TRUE;
197 command_line.check_section_addresses = -1;
198 + command_line.poison_system_directories = TRUE;
199 + command_line.error_poison_system_directories = FALSE;
201 /* We initialize DEMANGLING based on the environment variable
202 COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the
203 diff -Nura a/ld/ld.texinfo b/ld/ld.texinfo
204 --- a/ld/ld.texinfo 2014-12-23 05:47:10.000000000 -0300
205 +++ b/ld/ld.texinfo 2014-12-24 08:07:29.005919191 -0300
206 @@ -2212,6 +2212,18 @@
208 Passing @code{none} for @var{style} disables the setting from any
209 @code{--build-id} options earlier on the command line.
211 +@kindex --no-poison-system-directories
212 +@item --no-poison-system-directories
213 +Do not warn for @option{-L} options using system directories such as
214 +@file{/usr/lib} when cross linking. This option is intended for use
215 +in chroot environments when such directories contain the correct
216 +libraries for the target system rather than the host.
218 +@kindex --error-poison-system-directories
219 +@item --error-poison-system-directories
220 +Give an error instead of a warning for @option{-L} options using
221 +system directories when cross linking.
222 @end table
224 @c man end
225 diff -Nura a/ld/lexsup.c b/ld/lexsup.c
226 --- a/ld/lexsup.c 2014-11-04 06:54:41.000000000 -0300
227 +++ b/ld/lexsup.c 2014-12-24 08:48:50.136583414 -0300
228 @@ -513,6 +513,14 @@
229 { {"pop-state", no_argument, NULL, OPTION_POP_STATE},
230 '\0', NULL, N_("Pop state of flags governing input file handling"),
231 TWO_DASHES },
232 + { {"no-poison-system-directories", no_argument, NULL,
233 + OPTION_NO_POISON_SYSTEM_DIRECTORIES},
234 + '\0', NULL, N_("Do not warn for -L options using system directories"),
235 + TWO_DASHES },
236 + { {"error-poison-system-directories", no_argument, NULL,
237 + OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
238 + '\0', NULL, N_("Give an error for -L options using system directories"),
239 + TWO_DASHES },
242 #define OPTION_COUNT ARRAY_SIZE (ld_options)
243 @@ -525,6 +533,7 @@
244 int ingroup = 0;
245 char *default_dirlist = NULL;
246 char *shortopts;
247 + char *BR_paranoid_env;
248 struct option *longopts;
249 struct option *really_longopts;
250 int last_optind;
251 @@ -1458,6 +1467,14 @@
253 break;
255 + case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
256 + command_line.poison_system_directories = FALSE;
257 + break;
259 + case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
260 + command_line.error_poison_system_directories = TRUE;
261 + break;
263 case OPTION_PUSH_STATE:
264 input_flags.pushed = xmemdup (&input_flags,
265 sizeof (input_flags),
266 @@ -1483,6 +1500,10 @@
267 command_line.soname = NULL;
270 + BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
271 + if (BR_paranoid_env && strlen(BR_paranoid_env) > 0)
272 + command_line.error_poison_system_directories = TRUE;
274 while (ingroup)
276 lang_leave_group ();