This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
Re: [RFC PATCH] Little hardening DSOs/executables against exploits (take 2)
On Thu, Jan 15, 2004 at 12:29:39PM +0100, Jakub Jelinek wrote:
> That's because the order of .got/.sbss/.data/.sdata/.bss should be following:
>
> RW segment small:
> ----------+
> .got |
> RELRO_END |
> .data |- reachable by pic reg
> .sdata |
> .sbss-----+
> .bss
Ah, I missed noticing that you were putting .data in the middle of
.got / .sdata in one case.
> SBSS small:
> .got------+
> RELRO_END |
> .sdata |- reachable by pic reg
> .sbss-----+
> .data
> .bss
Here, the real condition isn't that .sbss is small, but that the
combined size of .got, .sdata, .sbss and the segment gap you
introduce is less than 32k. Can you manage to test something like that?
Also, the 32k limit might change some time as the ABI allows you to put
_GLOBAL_OFFSET_TABLE in the middle of .got.
--
Alan Modra
IBM OzLabs - Linux Technology Centre