[gentoo-commits] proj/elfix:master commit in: src/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/elfix:master commit in: src/
Date: Sun, 11 Sep 2011 03:40:51 +0000 (UTC)	[thread overview]
Message-ID: <657823f4a515099433694e8a1aad7f9f2a107c23.blueness@gentoo> (raw)

commit:     657823f4a515099433694e8a1aad7f9f2a107c23
Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun Sep 11 03:40:44 2011 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Sep 11 03:40:44 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/elfix.git;a=commit;h=657823f4

src/paxctl-ng.c: enable+disable flag means default setting

---
 src/paxctl-ng.c |  129 ++++++++++++++++++++++++++++---------------------------
 1 files changed, 66 insertions(+), 63 deletions(-)

diff --git a/src/paxctl-ng.c b/src/paxctl-ng.c
index 361e9a7..cbb4084 100644
--- a/src/paxctl-ng.c
+++ b/src/paxctl-ng.c
@@ -51,16 +51,17 @@ print_help(char *v)
 		"Bug Reports  : " PACKAGE_BUGREPORT "\n"
 		"Program Name : %s\n"
 		"Description  : Get or set pax flags on an ELF object\n\n"
-		"Usage        : %s [-{Pp}{Ee}{Mm}{Rr}{Xx}{Ss}v ELF] | [-Z ELF] | [-z ELF] | [-h]\n\n"
-		"options      : -P Enable PAGEEXEC\tor\t-p disable  PAGEEXEC\n"
-		"             : -E Enable EMUTRAMP\tor\t-e disable  EMUTRAMP\n"
-		"             : -M Enable MPROTECT\tor\t-m disable  MPROTECT\n"
-		"             : -R Enable RANDMMAP\tor\t-r disable  RANDMMAP\n"
-		"             : -X Enable RANDEXEC\tor\t-x disable  RANDEXEC\n"
-		"             : -S Enable SEGMEXEC\tor\t-s disable  SEGMEXEC\n"
-		"             : -Z Default most secure\tor\t-z Default least secure\n"
+		"Usage        : %s [-PpEeMmRrXxSsv ELF] | [-Z ELF] | [-z ELF] | [-h]\n\n"
+		"Options      : -P enable PAGEEXEC\t-p disable  PAGEEXEC\n"
+		"             : -E enable EMUTRAMP\t-e disable  EMUTRAMP\n"
+		"             : -M enable MPROTECT\t-m disable  MPROTECT\n"
+		"             : -R enable RANDMMAP\t-r disable  RANDMMAP\n"
+		"             : -X enable RANDEXEC\t-x disable  RANDEXEC\n"
+		"             : -S enable SEGMEXEC\t-s disable  SEGMEXEC\n"
+		"             : -Z most secure settings\t-z all default settings\n"
 		"             : -v view the flags\n"
-		"             : -h Print out this help\n\n",
+		"             : -h print out this help\n\n"
+		"Note         :  If both enabling and disabling flags are set, the default - is used\n\n",
 		basename(v),
 		basename(v)
 	);
@@ -136,8 +137,7 @@ parse_cmd_args(int c, char *v[], int *pax_flags, int *view_flags)
 				compat += 1;
 				break ;
 			case 'z':
-				*pax_flags = PF_NOPAGEEXEC | PF_NOSEGMEXEC | PF_NOMPROTECT |
-					PF_EMUTRAMP | PF_NORANDMMAP | PF_NORANDEXEC;
+				*pax_flags = -1;
 				compat += 1;
 				break;
 			case 'v':
@@ -152,24 +152,6 @@ parse_cmd_args(int c, char *v[], int *pax_flags, int *view_flags)
 				error(EXIT_FAILURE, 0, "option -%c is invalid: ignored.", optopt ) ;
 		}
 
-	if( (*pax_flags & PF_PAGEEXEC) && (*pax_flags & PF_NOPAGEEXEC))
-		compat = 2;
-
-	if( (*pax_flags & PF_SEGMEXEC) && (*pax_flags & PF_NOSEGMEXEC))
-		compat = 2;
-
-	if( (*pax_flags & PF_MPROTECT) && (*pax_flags & PF_NOMPROTECT))
-		compat = 2;
-
-	if( (*pax_flags & PF_EMUTRAMP) && (*pax_flags & PF_NOEMUTRAMP))
-		compat = 2;
-
-	if( (*pax_flags & PF_RANDMMAP) && (*pax_flags & PF_NORANDMMAP))
-		compat = 2;
-
-	if( (*pax_flags & PF_RANDEXEC) && (*pax_flags & PF_NORANDEXEC))
-		compat = 2;
-
 	if(compat != 1 || v[optind] == NULL)
 		print_help(v[0]);
 
@@ -179,20 +161,25 @@ parse_cmd_args(int c, char *v[], int *pax_flags, int *view_flags)
 
 #define BUF_SIZE 7
 void
-print_flags(Elf *e, GElf_Ehdr *eh)
+print_flags(Elf *elf)
 {
+	GElf_Ehdr ehdr;
 	char ei_buf[BUF_SIZE];
-	char pt_buf[BUF_SIZE];
 	uint16_t ei_flags;
 
+	GElf_Phdr phdr;
+	char pt_buf[BUF_SIZE];
 	char found_pt_pax;
 	size_t i, phnum;
-	GElf_Phdr phdr;
+
 
 	memset(ei_buf, 0, BUF_SIZE);
 	memset(pt_buf, 0, BUF_SIZE);
 
-	ei_flags = eh->e_ident[EI_PAX] + (eh->e_ident[EI_PAX + 1] << 8);
+	if(gelf_getehdr(elf, &ehdr) != &ehdr)
+		error(EXIT_FAILURE, 0, "gelf_getehdr(): %s", elf_errmsg(elf_errno()));
+
+	ei_flags = ehdr.e_ident[EI_PAX] + (ehdr.e_ident[EI_PAX + 1] << 8);
 
   	ei_buf[0] = ei_flags & HF_PAX_PAGEEXEC ? 'p' : 'P';
 	ei_buf[1] = ei_flags & HF_PAX_SEGMEXEC ? 's' : 'S';
@@ -204,10 +191,10 @@ print_flags(Elf *e, GElf_Ehdr *eh)
 	printf("EI_PAX: %s\n", ei_buf);
 
 	found_pt_pax = 0;
-	elf_getphdrnum(e, &phnum);
+	elf_getphdrnum(elf, &phnum);
 	for(i=0; i<phnum; ++i)
 	{
-		if(gelf_getphdr(e, i, &phdr) != &phdr)
+		if(gelf_getphdr(elf, i, &phdr) != &phdr)
 			error(EXIT_FAILURE, 0, "gelf_getphdr(): %s", elf_errmsg(elf_errno()));
 		if(phdr.p_type == PT_PAX_FLAGS)
 		{
@@ -238,8 +225,47 @@ print_flags(Elf *e, GElf_Ehdr *eh)
 	else
 		printf("PT_PAX: not found\n");
 
-	if(strcmp(ei_buf, pt_buf))
-		printf("EI_PAX != PT_PAX\n");
+	//Only compare non default flags
+	//if(strcmp(ei_buf, pt_buf))
+	//	printf("EI_PAX != PT_PAX\n");
+}
+
+
+void
+set_flags(Elf *elf)
+{
+	GElf_Ehdr ehdr;
+	char ei_buf[BUF_SIZE];
+	uint16_t ei_flags;
+
+	GElf_Phdr phdr;
+	char pt_buf[BUF_SIZE];
+	char found_pt_pax;
+	size_t i, phnum;
+
+
+	memset(ei_buf, 0, BUF_SIZE);
+	memset(pt_buf, 0, BUF_SIZE);
+
+	/*
+	if(!gelf_update_ehdr(e, &ehdr))
+		error(EXIT_FAILURE, 0, "gelf_update_ehdr(): %s", elf_errmsg(elf_errno()));
+
+	elf_getphdrnum(elf, &phnum);
+	for(i=0; i<phnum; ++i)
+	{
+		if(gelf_getphdr(elf, i, &phdr) != &phdr)
+			error(EXIT_FAILURE, 0, "gelf_getphdr(): %s", elf_errmsg(elf_errno()));
+
+		if((phdr.p_type == PT_PAX_FLAGS) && flag_pt_pax_flags )
+		{
+			printf("CONVERTED -> PT_NULL\n\n");
+			phdr.p_type = PT_NULL;
+			if(!gelf_update_phdr(elf, i, &phdr))
+				error(EXIT_FAILURE, 0, "gelf_update_phdr(): %s", elf_errmsg(elf_errno()));
+		}
+	}
+	*/
 }
 
 
@@ -251,7 +277,6 @@ main( int argc, char *argv[])
 	char *f_name;
 
 	Elf *elf;
-	GElf_Ehdr ehdr;
 
 	f_name = parse_cmd_args(argc, argv, &pax_flags, &view_flags);
 
@@ -267,33 +292,11 @@ main( int argc, char *argv[])
 	if(elf_kind(elf) != ELF_K_ELF)
 		error(EXIT_FAILURE, 0, "elf_kind() fail: this is not an elf file.");
 
-	// get ehdr
-	if(gelf_getehdr(elf, &ehdr) != &ehdr)
-		error(EXIT_FAILURE, 0, "gelf_getehdr(): %s", elf_errmsg(elf_errno()));
-
 	if(view_flags == 1)
-		print_flags(elf, &ehdr);
+		print_flags(elf);
 
-	/*
-	if(!gelf_update_ehdr(elf, &ehdr))
-		error(EXIT_FAILURE, 0, "gelf_update_ehdr(): %s", elf_errmsg(elf_errno()));
-
-	elf_getphdrnum(elf, &phnum);
-	for(i=0; i<phnum; ++i)
-	{
-		if(gelf_getphdr(elf, i, &phdr) != &phdr)
-			error(EXIT_FAILURE, 0, "gelf_getphdr(): %s", elf_errmsg(elf_errno()));
-
-		if((phdr.p_type == PT_PAX_FLAGS) && flag_pt_pax_flags )
-		{
-			printf("CONVERTED -> PT_NULL\n\n");
-			phdr.p_type = PT_NULL;
-			if(!gelf_update_phdr(elf, i, &phdr))
-				error(EXIT_FAILURE, 0, "gelf_update_phdr(): %s", elf_errmsg(elf_errno()));
-		}
-	}
-	printf("\n\n");
-	*/
+	if(pax_flags != 0)
+		set_flags(elf);
 
 	elf_end(elf);
 	close(fd);

next             reply	other threads:[~2011-09-11  3:41 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-09-11  3:40 Anthony G. Basile [this message]
  -- strict thread matches above, loose matches on Subject: below --
2018-12-13 14:48 [gentoo-commits] proj/elfix:master commit in: src/ Anthony G. Basile
2013-09-26 12:24 Anthony G. Basile
2012-12-28 23:07 Anthony G. Basile
2012-12-22 17:48 Anthony G. Basile
2012-12-21 20:36 Anthony G. Basile
2012-11-10 23:27 Anthony G. Basile
2012-11-10 22:29 Anthony G. Basile
2012-11-10 21:55 Anthony G. Basile
2012-11-10 21:35 Anthony G. Basile
2012-11-10 21:26 Anthony G. Basile
2012-07-27 22:00 Anthony G. Basile
2012-07-23 10:47 Anthony G. Basile
2012-07-21 12:37 Anthony G. Basile
2012-07-20 13:24 Anthony G. Basile
2012-07-20 11:56 Anthony G. Basile
2012-07-20  9:30 Anthony G. Basile
2011-11-27  0:59 Anthony G. Basile
2011-11-27  0:26 Anthony G. Basile
2011-11-15 16:07 Anthony G. Basile
2011-11-03 18:45 Anthony G. Basile
2011-11-03 18:16 Anthony G. Basile
2011-11-03 12:33 Anthony G. Basile
2011-10-22 19:51 Anthony G. Basile
2011-10-18 22:48 Anthony G. Basile
2011-09-27 18:49 Anthony G. Basile
2011-09-27 17:58 Anthony G. Basile
2011-09-27 17:30 Anthony G. Basile
2011-09-18 22:48 Anthony G. Basile
2011-09-18 14:20 Anthony G. Basile
2011-09-11 21:12 Anthony G. Basile
2011-09-11  2:32 Anthony G. Basile
2011-09-11  1:54 Anthony G. Basile
2011-09-11  0:23 Anthony G. Basile
2011-09-10 21:36 Anthony G. Basile
2011-09-10 21:35 Anthony G. Basile
2011-09-10 21:11 Anthony G. Basile
2011-05-13 12:01 Anthony G. Basile
2011-05-05 22:40 Anthony G. Basile
2011-05-04  2:15 Anthony G. Basile

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:361e9a7 dfblob:cbb4084 )
 OR (
bs:"[gentoo-commits] proj/elfix:master commit in: src/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=657823f4a515099433694e8a1aad7f9f2a107c23.blueness@gentoo \
    --to=blueness@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox