-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The language-specific compilers (cc1, cc1plus, lto-wrapper, etc.) are not in PATH, but in '<prefix>/lib/gcc/<triplet>/<version>'. When these compilers are invoked by GCC, they prefer DLLs in the working directory to those in PATH [1], which allows, for example, an untrusted source repo to create libgmp-10.dll in the working directory, which will get picked by cc1plus, resulting in arbitrary code execution. These programs shall be linked against all dependencies statically. After this change they depend on only GCC runtime libraries. [1] https://learn.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-security Signed-off-by: LIU Hao <[email protected]>
- Loading branch information
Showing
2 changed files
with
51 additions
and
72 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| From b778099750e91ca25795605bfa5772a746fa5de6 Mon Sep 17 00:00:00 2001 | ||
| From: LIU Hao <[email protected]> | ||
| Date: Thu, 17 Oct 2024 20:15:10 +0800 | ||
| Subject: [PATCH] gcc: Improve security | ||
|
|
||
| The language-specific compilers (cc1, cc1plus, lto-wrapper, etc.) are not in | ||
| PATH, but in '/lib/gcc/<triplet>/<version>'. When these compilers are invoked | ||
| by GCC, they prefer DLLs in the working directory to those in PATH [1], which | ||
| allows, for example, an untrusted source repo to create libgmp-10.dll in the | ||
| working directory, which will get picked by cc1plus, resulting in arbitrary | ||
| code execution. | ||
|
|
||
| These programs shall be linked against all dependencies statically. | ||
|
|
||
| [1] https://learn.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-security | ||
|
|
||
| Signed-off-by: LIU Hao <[email protected]> | ||
| --- | ||
| gcc/Makefile.in | 2 +- | ||
| 1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
|
||
| diff --git a/gcc/Makefile.in b/gcc/Makefile.in | ||
| index 059cf2e8f79..5fcf719d3b4 100644 | ||
| --- a/gcc/Makefile.in | ||
| +++ b/gcc/Makefile.in | ||
| @@ -1103,7 +1103,7 @@ ALL_CPPFLAGS = $(INCLUDES) $(CPPFLAGS) | ||
| ALL_COMPILERFLAGS = $(ALL_CXXFLAGS) $(PICFLAG) | ||
|
|
||
| # This is the variable to use when using $(LINKER). | ||
| -ALL_LINKERFLAGS = $(ALL_CXXFLAGS) $(LD_PICFLAG) | ||
| +ALL_LINKERFLAGS = $(ALL_CXXFLAGS) $(LD_PICFLAG) -static | ||
|
|
||
| # Build and host support libraries. | ||
|
|
||
| -- | ||
| 2.47.0 | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -48,7 +48,7 @@ else | |
| _sourcedir=${_realname}-${_version}-${_snapshot} | ||
| _url=https://gcc.gnu.org/pub/gcc/snapshots/${_version}-${_snapshot} | ||
| fi | ||
| pkgrel=1 | ||
| pkgrel=2 | ||
| pkgdesc="GCC for the MinGW-w64" | ||
| arch=('any') | ||
| mingw_arch=('mingw32' 'mingw64' 'ucrt64') | ||
|
|
@@ -89,7 +89,8 @@ source=(${_url}/${_sourcedir}.tar.xz{,.sig} | |
| 0021-PR14940-Allow-a-PCH-to-be-mapped-to-a-different-addr.patch | ||
| 0140-gcc-diagnostic-color.patch | ||
| 0200-add-m-no-align-vector-insn-option-for-i386.patch | ||
| 2001-fix-building-rust-on-mingw-w64.patch) | ||
| 2001-fix-building-rust-on-mingw-w64.patch | ||
| 3001-gcc-Improve-security.patch) | ||
| sha256sums=('a7b39bc69cbf9e25826c5a60ab26477001f7c08d85cec04bc0e29cabed6f3cc9' | ||
| 'SKIP' | ||
| 'bce81824fc89e5e62cca350de4c17a27e27a18a1a1ad5ca3492aec1fc5af3234' | ||
|
|
@@ -104,7 +105,8 @@ sha256sums=('a7b39bc69cbf9e25826c5a60ab26477001f7c08d85cec04bc0e29cabed6f3cc9' | |
| '6c272078340a27b3f147e497115b0a6e9fc0da720a2602f12b086524522caa59' | ||
| 'e0a5b470f49a29f20215cc9f9d04c1cb9969dff6f0e546542799d3a693ef1c84' | ||
| 'c34f9e71b5a092be1987ad4c65891742c74c9eb8ef6560100e751cd31375f579' | ||
| 'ddc1538c2b9132bce5b3b2cad2a382762d58b46b31d2ae291f6e4d963b88dfd4') | ||
| 'ddc1538c2b9132bce5b3b2cad2a382762d58b46b31d2ae291f6e4d963b88dfd4' | ||
| 'c7d21cd7f7345141087d8365870383a5c1c34099096aa7fbc9a56d76c345cab8') | ||
| validpgpkeys=(F3691687D867B81B51CE07D9BBE43771487328A9 # [email protected] | ||
| 86CFFCA918CF3AF47147588051E8B148A9999C34 # [email protected] | ||
| 13975A70E63C361C73AE69EF6EEB81F8981C74C7 # [email protected] | ||
|
|
@@ -158,7 +160,8 @@ prepare() { | |
| 0200-add-m-no-align-vector-insn-option-for-i386.patch | ||
|
|
||
| apply_patch_with_msg \ | ||
| 2001-fix-building-rust-on-mingw-w64.patch | ||
| 2001-fix-building-rust-on-mingw-w64.patch \ | ||
| 3001-gcc-Improve-security.patch | ||
|
|
||
| # do not expect ${prefix}/mingw symlink - this should be superceded by | ||
| # 0005-Windows-Don-t-ignore-native-system-header-dir.patch .. but isn't! | ||
|
|
@@ -209,19 +212,6 @@ build() { | |
| # so libgomp DLL gets built despide static libdl | ||
| export lt_cv_deplibs_check_method='pass_all' | ||
|
|
||
| # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105507#c3 | ||
| # At least with mingw32 + dwarf-2 exceptions there can only be one libgcc in | ||
| # process, or exceptions will no longer work. Since some of the gcc deps are | ||
| # linked dynamically like gmp/zlib/zstd and those pull in libgcc we can't | ||
| # allow libgcc to be linked statically. The default is "-static-libstdc++ | ||
| # -static-libgcc" for both, so we drop "-static-libgcc" here: | ||
| # GCC 14 Update: Since we dropped 32bit Ada with GCC 14.1 and GCC doesn't use | ||
| # exceptions elsewhere this could in theory be removed, in case it makes problems. | ||
| _extra_config+=( | ||
| '--with-boot-ldflags="-static-libstdc++"' | ||
| '--with-stage1-ldflags="-static-libstdc++"' | ||
| ) | ||
|
|
||
| # In addition adaint.c does `#include <accctrl.h>` which pulls in msxml.h, hacky hack: | ||
| CPPFLAGS+=" -DCOM_NO_WINDOWS_H" | ||
|
|
||
|
|
@@ -324,15 +314,9 @@ package_gcc() { | |
| depends=("${MINGW_PACKAGE_PREFIX}-binutils" | ||
| "${MINGW_PACKAGE_PREFIX}-crt" | ||
| "${MINGW_PACKAGE_PREFIX}-headers" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-windows-default-manifest" | ||
| "${MINGW_PACKAGE_PREFIX}-winpthreads" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-winpthreads") | ||
| provides=("${MINGW_PACKAGE_PREFIX}-${_realname}-base" | ||
| "${MINGW_PACKAGE_PREFIX}-cc") | ||
| conflicts=("${MINGW_PACKAGE_PREFIX}-${_realname}-base" | ||
|
|
@@ -428,14 +412,7 @@ package_gcc-fortran() { | |
| pkgdesc="GNU Compiler Collection (Fortran) for MinGW-w64" | ||
| depends=("${MINGW_PACKAGE_PREFIX}-${_realname}=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libgfortran=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-libwinpthread" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}") | ||
| provides=("${MINGW_PACKAGE_PREFIX}-fc") | ||
|
|
||
| cd "${srcdir}"/build-${MSYSTEM} | ||
|
|
@@ -450,14 +427,7 @@ package_gcc-fortran() { | |
| package_gcc-ada() { | ||
| pkgdesc="GNU Compiler Collection (Ada) for MinGW-w64" | ||
| depends=("${MINGW_PACKAGE_PREFIX}-${_realname}=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-libwinpthread" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}") | ||
|
|
||
| cd "${srcdir}"/build-${MSYSTEM} | ||
|
|
||
|
|
@@ -469,14 +439,7 @@ package_gcc-ada() { | |
| package_gcc-objc() { | ||
| pkgdesc="GNU Compiler Collection (ObjC,Obj-C++) for MinGW-w64" | ||
| depends=("${MINGW_PACKAGE_PREFIX}-${_realname}=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-libwinpthread" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}") | ||
|
|
||
| cd "${srcdir}"/build-${MSYSTEM} | ||
|
|
||
|
|
@@ -491,14 +454,7 @@ package_gcc-objc() { | |
| package_gcc-rust() { | ||
| pkgdesc="GNU Compiler Collection (Rust) for MinGW-w64" | ||
| depends=("${MINGW_PACKAGE_PREFIX}-${_realname}=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-libwinpthread" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}") | ||
|
|
||
| cd "${srcdir}"/build-${MSYSTEM} | ||
|
|
||
|
|
@@ -509,14 +465,7 @@ package_gcc-rust() { | |
| package_gcc-lto-dump() { | ||
| pkgdesc="Dump link time optimization object files (mingw-w64)" | ||
| depends=("${MINGW_PACKAGE_PREFIX}-${_realname}=$pkgver-$pkgrel" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-libwinpthread" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}") | ||
|
|
||
| cd "${srcdir}"/build-${MSYSTEM} | ||
|
|
||
|
|
@@ -526,14 +475,7 @@ package_gcc-lto-dump() { | |
| package_libgccjit() { | ||
| pkgdesc="GNU Compiler Collection (libgccjit) for MinGW-w64" | ||
| depends=("${MINGW_PACKAGE_PREFIX}-${_realname}=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}" | ||
| "${MINGW_PACKAGE_PREFIX}-gmp" | ||
| "${MINGW_PACKAGE_PREFIX}-isl" | ||
| "${MINGW_PACKAGE_PREFIX}-libwinpthread" | ||
| "${MINGW_PACKAGE_PREFIX}-mpc" | ||
| "${MINGW_PACKAGE_PREFIX}-mpfr" | ||
| "${MINGW_PACKAGE_PREFIX}-zlib" | ||
| "${MINGW_PACKAGE_PREFIX}-zstd") | ||
| "${MINGW_PACKAGE_PREFIX}-${_realname}-libs=${pkgver}-${pkgrel}") | ||
|
|
||
| cd "${srcdir}"/build-${MSYSTEM} | ||
|
|
||
|
|
||