[polyml] 08/13: Mark stack as non-executable on non-Linux systems

James Clarke jrtc27-guest at moszumanska.debian.org
Sat Mar 12 20:28:25 UTC 2016 

This is an automated email from the git hooks/post-receive script.

jrtc27-guest pushed a commit to branch master
in repository polyml.

commit a363e8cde29d0c86339a0ad81a80803d81f8fc02
Author: James Clarke <jrtc27 at jrtc27.com>
Date:   Fri Mar 11 16:55:22 2016 +0000

    Mark stack as non-executable on non-Linux systems
---
 debian/changelog                     |  1 +
 debian/patches/noexec-stack-gnu.diff | 50 ++++++++++++++++++++++++++++++++++++
 debian/patches/series                |  1 +
 3 files changed, 52 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 92d5ffa..ea9baeb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@ polyml (5.6-3) UNRELEASED; urgency=low
     - m68k.diff: Add support for m68k
     - maxpathlen.diff: Remove all use of MAXPATHLEN
     - mips64.diff: Add support for mips64/mips64el
+    - noexec-stack-gnu.diff: Mark stack as non-executable on all GNU systems
     - x32.diff: Add support for x32
 
  -- James Clarke <jrtc27 at jrtc27.com>  Tue, 02 Feb 2016 21:15:49 +0000
diff --git a/debian/patches/noexec-stack-gnu.diff b/debian/patches/noexec-stack-gnu.diff
new file mode 100644
index 0000000..6c6502c
--- /dev/null
+++ b/debian/patches/noexec-stack-gnu.diff
@@ -0,0 +1,50 @@
+Description: Mark stack as non-executable on all GNU systems
+Author: James Clarke <jrtc27 at jrtc27.com>
+Forwarded: https://github.com/polyml/polyml/pull/34
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/libpolyml/x86asm.asm
++++ b/libpolyml/x86asm.asm
+@@ -791,12 +791,10 @@
+ 
+ ENDIF
+ 
+-;# Mark the stack as non-executable when compiling for Linux
+-IFDEF __linux__
+-IFDEF __ELF__
++;# Mark the stack as non-executable when supported
++IFDEF HAVE_GNU_STACK
+ .section .note.GNU-stack, "", @progbits
+ ENDIF
+-ENDIF
+ 
+ ;#
+ ;# CODE STARTS HERE
+--- a/config.h.in
++++ b/config.h.in
+@@ -129,6 +129,9 @@
+ /* Define to 1 if you have the `gmtime_r' function. */
+ #undef HAVE_GMTIME_R
+ 
++/* Define to 1 if you have .note.GNU-stack support in the assembler. */
++#undef HAVE_GNU_STACK
++
+ /* Define to 1 if you have the <grp.h> header file. */
+ #undef HAVE_GRP_H
+ 
+--- a/configure.ac
++++ b/configure.ac
+@@ -401,6 +401,13 @@
+ # Additional checks. AC_CANONICAL_HOST has already been called.
+ #AC_CANONICAL_HOST
+ 
++# Check for .note.GNU-stack support, used for marking the stack as non-executable.
++AC_MSG_CHECKING([whether as supports .note.GNU-stack])
++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[__asm__(".section .note.GNU-stack,\"\", at progbits");]])],
++    [AC_MSG_RESULT([yes])] [AC_DEFINE([HAVE_GNU_STACK], [1],
++        [Define to 1 if you have .note.GNU-stack support in the assembler.])],
++    [AC_MSG_RESULT([no])])
++
+ # This option enables the native code generator.  More precisely it allows
+ # the byte code interpreter to be built on X86.
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 2687ca5..b396ee3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,4 @@ m68k.diff
 mips64.diff
 x32.diff
 maxpathlen.diff
+noexec-stack-gnu.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-science/packages/polyml.git

More information about the debian-science-commits mailing list