Mock Version: 1.1.38 Mock Version: 1.1.38 ENTER do(['bash', '--login', '-c', 'rpmbuild -bs --target noarch --nodeps builddir/build/SPECS/hardening-check.spec'], False, '/var/lib/mock/f19-build-2095198-389344/root/', None, 86400, True, False, 1000, 425, None, False, {'LANG': 'en_US.UTF-8', 'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOSTNAME': 'mock', 'PROMPT_COMMAND': 'echo -n ""', 'HOME': '/builddir', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin'}, logger=) Executing command: ['bash', '--login', '-c', 'rpmbuild -bs --target noarch --nodeps builddir/build/SPECS/hardening-check.spec'] with env {'LANG': 'en_US.UTF-8', 'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOSTNAME': 'mock', 'PROMPT_COMMAND': 'echo -n ""', 'HOME': '/builddir', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin'} warning: Could not canonicalize hostname: buildvm-04.phx2.fedoraproject.org Building target platforms: noarch Building for target noarch Wrote: /builddir/build/SRPMS/hardening-check-2.5-1.fc19.src.rpm Child return code was: 0 LEAVE do --> ENTER do(['bash', '--login', '-c', 'rpmbuild -bb --target noarch --nodeps builddir/build/SPECS/hardening-check.spec'], False, '/var/lib/mock/f19-build-2095198-389344/root/', None, 86400, True, False, 1000, 425, None, False, {'LANG': 'en_US.UTF-8', 'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOSTNAME': 'mock', 'PROMPT_COMMAND': 'echo -n ""', 'HOME': '/builddir', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin'}, logger=) Executing command: ['bash', '--login', '-c', 'rpmbuild -bb --target noarch --nodeps builddir/build/SPECS/hardening-check.spec'] with env {'LANG': 'en_US.UTF-8', 'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOSTNAME': 'mock', 'PROMPT_COMMAND': 'echo -n ""', 'HOME': '/builddir', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin'} Building target platforms: noarch Building for target noarch Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.fRMryd + umask 022 + cd /builddir/build/BUILD + cd /builddir/build/BUILD + rm -rf hardening-wrapper + /usr/bin/gzip -dc /builddir/build/SOURCES/hardening-wrapper_2.5.tar.gz + /usr/bin/tar -xf - + STATUS=0 + '[' 0 -ne 0 ']' + cd hardening-wrapper + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w . + sed -i -e '/^[ \t]*if \[ -z \"\$.DEB_/d' Makefile + exit 0 Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.ylVZkx + umask 022 + cd /builddir/build/BUILD + cd hardening-wrapper + make -j4 mkdir -p build-tree # Construct wrappers. install hardened-cc hardened-ld build-tree/ # Set defaults, based on OS and ARCH. perl -pi -e 's/ #OS#/ '""'/; s/ #ARCH#/ '""'/;' build-tree/hardened-cc build-tree/hardened-ld perl -pi -e "s/default{'DEB_BUILD_HARDENING_PIE'}=1;/default{'DEB_BUILD_HARDENING_PIE'}=0;/;" build-tree/hardened-cc build-tree/hardened-ld perl -pi -e "s/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/;" build-tree/hardened-cc build-tree/hardened-ld # Duplicate cc wrapper to c++. install build-tree/hardened-cc build-tree/hardened-c++ perl -pi -e 's/hardened-cc/hardened-c++/g; s|/usr/bin/cc|/usr/bin/c++|g;' build-tree/hardened-c++ # Construct tools. install hardening.make hardening-check build-tree/ # Do not use "shell" here because it eats newlines. We want those. perl -pi -e "s/^my %libc;/my %libc = (\n$(perl hardening-check --find-libc-functions /bin/ls)\n);/;" build-tree/hardening-check # Construct man pages. install hardened-cc.1 hardened-ld.1 build-tree/ pod2man hardening-check > build-tree/hardening-check.1 # Duplicate cc man page to c++. install build-tree/hardened-cc.1 build-tree/hardened-c++.1 perl -pi -e 's/hardened-cc/hardened-c++/g; s/gcc/g++/g;' build-tree/hardened-c++.1 touch build-tree/stamp-build + exit 0 Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.Gh8JTR + umask 022 + cd /builddir/build/BUILD + '[' /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch '!=' / ']' + rm -rf /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch ++ dirname /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch + mkdir -p /builddir/build/BUILDROOT + mkdir /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch + cd hardening-wrapper + mkdir -p /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/bin /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/man/man1 + install -pm 0755 build-tree/hardening-check /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/bin + install -pm 0644 build-tree/hardening-check.1 /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/man/man1 + /usr/lib/rpm/find-debuginfo.sh --strict-build-id -m --run-dwz --dwz-low-mem-die-limit 10000000 --dwz-max-die-limit 50000000 /builddir/build/BUILD/hardening-wrapper /usr/lib/rpm/sepdebugcrcfix: Updated 0 CRC32s, 0 CRC32s did match. + /usr/lib/rpm/check-buildroot + /usr/lib/rpm/redhat/brp-compress + /usr/lib/rpm/redhat/brp-strip-static-archive /usr/bin/strip + /usr/lib/rpm/brp-python-bytecompile /usr/bin/python 1 + /usr/lib/rpm/redhat/brp-python-hardlink + /usr/lib/rpm/redhat/brp-java-repack-jars Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.wGGPzc + umask 022 + cd /builddir/build/BUILD + cd hardening-wrapper + make check make -C tests check make[1]: Entering directory `/builddir/build/BUILD/hardening-wrapper/tests' # Check the stack protector and PIE options directly, just to have # a historical record in the build logs. cc -Wall -fstack-protector hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x80484b0) cc -Wall -fPIE -pie hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0xf77d6640) ../build-tree/cc-test || true ../build-tree/cc-test: ok (0xf776d640) make -f Makefile.wrapper check make[2]: Entering directory `/builddir/build/BUILD/hardening-wrapper/tests' # Test basic perl syntax for script in ../build-tree/hardened-cc ../build-tree/hardened-ld ../build-tree/hardened-c++; do perl -c $script; done ../build-tree/hardened-cc syntax OK ../build-tree/hardened-ld syntax OK ../build-tree/hardened-c++ syntax OK touch syntax.stamp # Compiler and linker options disabled. DEB_BUILD_HARDENING=0 ../build-tree/hardened-cc -B ../build-tree/ -o ../build-tree/wrapper-test-stock hello.c /usr/bin/gcc -B ../build-tree/ -o ../build-tree/wrapper-test-stock hello.c readelf -ldrsW ../build-tree/wrapper-test-stock Elf file type is EXEC (Executable file) Entry point 0x8048350 There are 9 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4 INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00678 0x00678 R E 0x1000 LOAD 0x000f08 0x08049f08 0x08049f08 0x00118 0x0011c RW 0x1000 DYNAMIC 0x000f14 0x08049f14 0x08049f14 0x000e8 0x000e8 RW 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000574 0x08048574 0x08048574 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x000f08 0x08049f08 0x08049f08 0x000f8 0x000f8 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xf14 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x80482d0 0x0000000d (FINI) 0x8048544 0x00000019 (INIT_ARRAY) 0x8049f08 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049f0c 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ac 0x00000005 (STRTAB) 0x804822c 0x00000006 (SYMTAB) 0x80481cc 0x0000000a (STRSZ) 78 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804a000 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x80482b0 0x00000011 (REL) 0x80482a8 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x8048288 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x804827a 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x2a8 contains 1 entries: Offset Info Type Sym. Value Symbol's Name 08049ffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x2b0 contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804a00c 00000107 R_386_JUMP_SLOT 00000000 printf 0804a010 00000207 R_386_JUMP_SLOT 00000000 __gmon_start__ 0804a014 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main 0804a018 00000407 R_386_JUMP_SLOT 00000000 snprintf Symbol table '.dynsym' contains 6 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (2) 5: 0804855c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used Symbol table '.symtab' contains 69 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048154 0 SECTION LOCAL DEFAULT 1 2: 08048168 0 SECTION LOCAL DEFAULT 2 3: 08048188 0 SECTION LOCAL DEFAULT 3 4: 080481ac 0 SECTION LOCAL DEFAULT 4 5: 080481cc 0 SECTION LOCAL DEFAULT 5 6: 0804822c 0 SECTION LOCAL DEFAULT 6 7: 0804827a 0 SECTION LOCAL DEFAULT 7 8: 08048288 0 SECTION LOCAL DEFAULT 8 9: 080482a8 0 SECTION LOCAL DEFAULT 9 10: 080482b0 0 SECTION LOCAL DEFAULT 10 11: 080482d0 0 SECTION LOCAL DEFAULT 11 12: 08048300 0 SECTION LOCAL DEFAULT 12 13: 08048350 0 SECTION LOCAL DEFAULT 13 14: 08048544 0 SECTION LOCAL DEFAULT 14 15: 08048558 0 SECTION LOCAL DEFAULT 15 16: 08048574 0 SECTION LOCAL DEFAULT 16 17: 080485a8 0 SECTION LOCAL DEFAULT 17 18: 08049f08 0 SECTION LOCAL DEFAULT 18 19: 08049f0c 0 SECTION LOCAL DEFAULT 19 20: 08049f10 0 SECTION LOCAL DEFAULT 20 21: 08049f14 0 SECTION LOCAL DEFAULT 21 22: 08049ffc 0 SECTION LOCAL DEFAULT 22 23: 0804a000 0 SECTION LOCAL DEFAULT 23 24: 0804a01c 0 SECTION LOCAL DEFAULT 24 25: 0804a020 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049f10 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 29: 08048390 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 30: 080483c0 0 FUNC LOCAL DEFAULT 13 register_tm_clones 31: 08048400 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 0804a020 1 OBJECT LOCAL DEFAULT 25 completed.5981 33: 08049f0c 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fini_array_entry 34: 08048430 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 08049f08 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_entry 36: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 37: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 38: 08048674 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 39: 08049f10 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 40: 00000000 0 FILE LOCAL DEFAULT ABS 41: 08049f0c 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 42: 08049f14 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 43: 08049f08 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 44: 0804a000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 45: 08048540 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 46: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 47: 08048380 4 FUNC GLOBAL HIDDEN 13 __x86.get_pc_thunk.bx 48: 0804a01c 0 NOTYPE WEAK DEFAULT 24 data_start 49: 00000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.0 50: 0804a020 0 NOTYPE GLOBAL DEFAULT 24 _edata 51: 08048544 0 FUNC GLOBAL DEFAULT 14 _fini 52: 0804a01c 0 NOTYPE GLOBAL DEFAULT 24 __data_start 53: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 54: 08048560 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 55: 08048460 78 FUNC GLOBAL DEFAULT 13 announcement 56: 0804855c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 57: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 58: 080484d0 97 FUNC GLOBAL DEFAULT 13 __libc_csu_init 59: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 60: 0804a024 0 NOTYPE GLOBAL DEFAULT 25 _end 61: 08048350 0 FUNC GLOBAL DEFAULT 13 _start 62: 08048558 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 63: 0804a020 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 64: 080484ae 32 FUNC GLOBAL DEFAULT 13 main 65: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 66: 0804a020 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 67: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 68: 080482d0 0 FUNC GLOBAL DEFAULT 11 _init ../build-tree/wrapper-test-stock ../build-tree/wrapper-test-stock: ok (0x8048460) # Compiler options enabled. (linker is not wrapper) ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-compiled hello.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-compiled hello.c readelf -ldrsW ../build-tree/wrapper-test-compiled Elf file type is EXEC (Executable file) Entry point 0x80483e0 There are 9 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4 INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00720 0x00720 R E 0x1000 LOAD 0x000f08 0x08049f08 0x08049f08 0x0011c 0x00120 RW 0x1000 DYNAMIC 0x000f14 0x08049f14 0x08049f14 0x000e8 0x000e8 RW 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000614 0x08048614 0x08048614 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x000f08 0x08049f08 0x08049f08 0x000f8 0x000f8 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xf14 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x804833c 0x0000000d (FINI) 0x80485e4 0x00000019 (INIT_ARRAY) 0x8049f08 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049f0c 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ac 0x00000005 (STRTAB) 0x804823c 0x00000006 (SYMTAB) 0x80481cc 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804a000 0x00000002 (PLTRELSZ) 40 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048314 0x00000011 (REL) 0x804830c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x80482cc 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482be 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x30c contains 1 entries: Offset Info Type Sym. Value Symbol's Name 08049ffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x314 contains 5 entries: Offset Info Type Sym. Value Symbol's Name 0804a00c 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail 0804a010 00000207 R_386_JUMP_SLOT 00000000 __gmon_start__ 0804a014 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main 0804a018 00000407 R_386_JUMP_SLOT 00000000 snprintf 0804a01c 00000507 R_386_JUMP_SLOT 00000000 __printf_chk Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used Symbol table '.symtab' contains 70 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048154 0 SECTION LOCAL DEFAULT 1 2: 08048168 0 SECTION LOCAL DEFAULT 2 3: 08048188 0 SECTION LOCAL DEFAULT 3 4: 080481ac 0 SECTION LOCAL DEFAULT 4 5: 080481cc 0 SECTION LOCAL DEFAULT 5 6: 0804823c 0 SECTION LOCAL DEFAULT 6 7: 080482be 0 SECTION LOCAL DEFAULT 7 8: 080482cc 0 SECTION LOCAL DEFAULT 8 9: 0804830c 0 SECTION LOCAL DEFAULT 9 10: 08048314 0 SECTION LOCAL DEFAULT 10 11: 0804833c 0 SECTION LOCAL DEFAULT 11 12: 08048360 0 SECTION LOCAL DEFAULT 12 13: 080483c0 0 SECTION LOCAL DEFAULT 13 14: 080485e4 0 SECTION LOCAL DEFAULT 14 15: 080485f8 0 SECTION LOCAL DEFAULT 15 16: 08048614 0 SECTION LOCAL DEFAULT 16 17: 08048648 0 SECTION LOCAL DEFAULT 17 18: 08049f08 0 SECTION LOCAL DEFAULT 18 19: 08049f0c 0 SECTION LOCAL DEFAULT 19 20: 08049f10 0 SECTION LOCAL DEFAULT 20 21: 08049f14 0 SECTION LOCAL DEFAULT 21 22: 08049ffc 0 SECTION LOCAL DEFAULT 22 23: 0804a000 0 SECTION LOCAL DEFAULT 23 24: 0804a020 0 SECTION LOCAL DEFAULT 24 25: 0804a024 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 28: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 29: 08049f10 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 30: 08048420 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 31: 08048450 0 FUNC LOCAL DEFAULT 13 register_tm_clones 32: 08048490 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 33: 0804a024 1 OBJECT LOCAL DEFAULT 25 completed.5981 34: 08049f0c 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fini_array_entry 35: 080484c0 0 FUNC LOCAL DEFAULT 13 frame_dummy 36: 08049f08 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_entry 37: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 38: 0804871c 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 39: 08049f10 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 40: 00000000 0 FILE LOCAL DEFAULT ABS 41: 08049f0c 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 42: 08049f14 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 43: 08049f08 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 44: 0804a000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 45: 080485e0 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 46: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 47: 08048410 4 FUNC GLOBAL HIDDEN 13 __x86.get_pc_thunk.bx 48: 0804a020 0 NOTYPE WEAK DEFAULT 24 data_start 49: 0804a024 0 NOTYPE GLOBAL DEFAULT 24 _edata 50: 080485e4 0 FUNC GLOBAL DEFAULT 14 _fini 51: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 52: 0804a020 0 NOTYPE GLOBAL DEFAULT 24 __data_start 53: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 54: 08048600 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 55: 080484f0 122 FUNC GLOBAL DEFAULT 13 announcement 56: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 57: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 58: 08048570 97 FUNC GLOBAL DEFAULT 13 __libc_csu_init 59: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 60: 0804a028 0 NOTYPE GLOBAL DEFAULT 25 _end 61: 080483e0 0 FUNC GLOBAL DEFAULT 13 _start 62: 080485f8 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 63: 0804a024 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 64: 080483c0 32 FUNC GLOBAL DEFAULT 13 main 65: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 66: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 67: 0804a024 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 68: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 69: 0804833c 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/wrapper-test-compiled ../build-tree/wrapper-test-compiled: ok (0x80484f0) ../build-tree/wrapper-test-compiled ../build-tree/wrapper-test-compiled: ok (0x80484f0) # Enable symlink for ld to trick gcc into doing wrapped linking (cd ../build-tree && ln -s hardened-ld ld) (cd ../build-tree && ln -s hardened-ld ld.gold) # Compiler and linker options enabled. ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-linked hello.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-linked hello.c /usr/bin/ld.bfd -z relro -z now --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-linked /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crt1.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crti.o /usr/lib/gcc/i686-redhat-linux/4.8.2/crtbegin.o -L../build-tree -L/usr/lib/gcc/i686-redhat-linux/4.8.2 -L/usr/lib/gcc/i686-redhat-linux/4.8.2/../../.. /tmp/ccPGY12k.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/i686-redhat-linux/4.8.2/crtend.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crtn.o readelf -ldrsW ../build-tree/wrapper-test-linked Elf file type is EXEC (Executable file) Entry point 0x80483e0 There are 9 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4 INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00720 0x00720 R E 0x1000 LOAD 0x000ed8 0x08049ed8 0x08049ed8 0x0012c 0x00130 RW 0x1000 DYNAMIC 0x000ee4 0x08049ee4 0x08049ee4 0x000f8 0x000f8 RW 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000614 0x08048614 0x08048614 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x000ed8 0x08049ed8 0x08049ed8 0x00128 0x00128 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xee4 contains 26 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x804833c 0x0000000d (FINI) 0x80485e4 0x00000019 (INIT_ARRAY) 0x8049ed8 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049edc 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ac 0x00000005 (STRTAB) 0x804823c 0x00000006 (SYMTAB) 0x80481cc 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049fdc 0x00000002 (PLTRELSZ) 40 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048314 0x00000011 (REL) 0x804830c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x00000018 (BIND_NOW) 0x6ffffffb (FLAGS_1) Flags: NOW 0x6ffffffe (VERNEED) 0x80482cc 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482be 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x30c contains 1 entries: Offset Info Type Sym. Value Symbol's Name 08049ffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x314 contains 5 entries: Offset Info Type Sym. Value Symbol's Name 08049fe8 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail 08049fec 00000207 R_386_JUMP_SLOT 00000000 __gmon_start__ 08049ff0 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main 08049ff4 00000407 R_386_JUMP_SLOT 00000000 snprintf 08049ff8 00000507 R_386_JUMP_SLOT 00000000 __printf_chk Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used Symbol table '.symtab' contains 69 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048154 0 SECTION LOCAL DEFAULT 1 2: 08048168 0 SECTION LOCAL DEFAULT 2 3: 08048188 0 SECTION LOCAL DEFAULT 3 4: 080481ac 0 SECTION LOCAL DEFAULT 4 5: 080481cc 0 SECTION LOCAL DEFAULT 5 6: 0804823c 0 SECTION LOCAL DEFAULT 6 7: 080482be 0 SECTION LOCAL DEFAULT 7 8: 080482cc 0 SECTION LOCAL DEFAULT 8 9: 0804830c 0 SECTION LOCAL DEFAULT 9 10: 08048314 0 SECTION LOCAL DEFAULT 10 11: 0804833c 0 SECTION LOCAL DEFAULT 11 12: 08048360 0 SECTION LOCAL DEFAULT 12 13: 080483c0 0 SECTION LOCAL DEFAULT 13 14: 080485e4 0 SECTION LOCAL DEFAULT 14 15: 080485f8 0 SECTION LOCAL DEFAULT 15 16: 08048614 0 SECTION LOCAL DEFAULT 16 17: 08048648 0 SECTION LOCAL DEFAULT 17 18: 08049ed8 0 SECTION LOCAL DEFAULT 18 19: 08049edc 0 SECTION LOCAL DEFAULT 19 20: 08049ee0 0 SECTION LOCAL DEFAULT 20 21: 08049ee4 0 SECTION LOCAL DEFAULT 21 22: 08049fdc 0 SECTION LOCAL DEFAULT 22 23: 0804a000 0 SECTION LOCAL DEFAULT 23 24: 0804a004 0 SECTION LOCAL DEFAULT 24 25: 00000000 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049ee0 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 29: 08048420 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 30: 08048450 0 FUNC LOCAL DEFAULT 13 register_tm_clones 31: 08048490 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 0804a004 1 OBJECT LOCAL DEFAULT 24 completed.5981 33: 08049edc 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fini_array_entry 34: 080484c0 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 08049ed8 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_entry 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 0804871c 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 38: 08049ee0 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 39: 00000000 0 FILE LOCAL DEFAULT ABS 40: 08049edc 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 41: 08049ee4 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 42: 08049ed8 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 43: 08049fdc 0 OBJECT LOCAL DEFAULT 22 _GLOBAL_OFFSET_TABLE_ 44: 080485e0 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 45: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 46: 08048410 4 FUNC GLOBAL HIDDEN 13 __x86.get_pc_thunk.bx 47: 0804a000 0 NOTYPE WEAK DEFAULT 23 data_start 48: 0804a004 0 NOTYPE GLOBAL DEFAULT 23 _edata 49: 080485e4 0 FUNC GLOBAL DEFAULT 14 _fini 50: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 51: 0804a000 0 NOTYPE GLOBAL DEFAULT 23 __data_start 52: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 53: 08048600 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 54: 080484f0 122 FUNC GLOBAL DEFAULT 13 announcement 55: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 56: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 57: 08048570 97 FUNC GLOBAL DEFAULT 13 __libc_csu_init 58: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 59: 0804a008 0 NOTYPE GLOBAL DEFAULT 24 _end 60: 080483e0 0 FUNC GLOBAL DEFAULT 13 _start 61: 080485f8 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 62: 0804a004 0 NOTYPE GLOBAL DEFAULT 24 __bss_start 63: 080483c0 32 FUNC GLOBAL DEFAULT 13 main 64: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 65: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 66: 0804a004 0 OBJECT GLOBAL HIDDEN 23 __TMC_END__ 67: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 68: 0804833c 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: ok (0x80484f0) ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: ok (0x80484f0) # Check state of hardening features via check script perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Manually check state of hardening features # Skipped PIE test # Test Stack Protector nm ../build-tree/wrapper-test-linked | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Test Fortify nm ../build-tree/wrapper-test-linked | egrep '__(sn)?printf_chk($|@@GLIBC)' U __printf_chk@@GLIBC_2.3.4 # Test Format (no-op currently) # Test for RELRO readelf -lW ../build-tree/wrapper-test-linked | grep GNU_RELRO GNU_RELRO 0x000ed8 0x08049ed8 0x08049ed8 0x00128 0x00128 R 0x1 # Test for BIND_NOW readelf -dW ../build-tree/wrapper-test-linked | grep BIND_NOW 0x00000018 (BIND_NOW) # Build directly with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC-direct hello.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC-direct hello.c /usr/bin/ld.bfd -z relro -z now --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-fPIC-direct /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crt1.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crti.o /usr/lib/gcc/i686-redhat-linux/4.8.2/crtbegin.o -L../build-tree -L/usr/lib/gcc/i686-redhat-linux/4.8.2 -L/usr/lib/gcc/i686-redhat-linux/4.8.2/../../.. /tmp/ccHNPOLC.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/i686-redhat-linux/4.8.2/crtend.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crtn.o ../build-tree/wrapper-test-fPIC-direct ../build-tree/wrapper-test-fPIC-direct: ok (0x8048500) # Build .o with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC.o -c hello.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC.o -c hello.c # Link .o with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC.o /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC.o /usr/bin/ld.bfd -z relro -z now --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-fPIC /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crt1.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crti.o /usr/lib/gcc/i686-redhat-linux/4.8.2/crtbegin.o -L../build-tree -L/usr/lib/gcc/i686-redhat-linux/4.8.2 -L/usr/lib/gcc/i686-redhat-linux/4.8.2/../../.. ../build-tree/wrapper-test-fPIC.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/i686-redhat-linux/4.8.2/crtend.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crtn.o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC: ok (0x8048500) # Make sure build fails due to -Werror=format-security ! ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-format-security format.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-format-security format.c format.c: In function 'main': format.c:11:5: error: format not a string literal and no format arguments [-Werror=format-security] return fprintf(stderr, argv[0]); ^ cc1: some warnings being treated as errors # Make sure build succeeds with -Wno-format-security ../build-tree/hardened-cc -B ../build-tree/ -O2 -Wno-format-security -o ../build-tree/wrapper-test-format-security format.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -Wno-format-security -o ../build-tree/wrapper-test-format-security format.c /usr/bin/ld.bfd -z relro -z now --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-format-security /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crt1.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crti.o /usr/lib/gcc/i686-redhat-linux/4.8.2/crtbegin.o -L../build-tree -L/usr/lib/gcc/i686-redhat-linux/4.8.2 -L/usr/lib/gcc/i686-redhat-linux/4.8.2/../../.. /tmp/ccE1UdsW.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/i686-redhat-linux/4.8.2/crtend.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crtn.o # Make sure build stack-protects a small ssp buffer ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect ssp-buffer-size-protect.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect ssp-buffer-size-protect.c /usr/bin/ld.bfd -z relro -z now --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crt1.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crti.o /usr/lib/gcc/i686-redhat-linux/4.8.2/crtbegin.o -L../build-tree -L/usr/lib/gcc/i686-redhat-linux/4.8.2 -L/usr/lib/gcc/i686-redhat-linux/4.8.2/../../.. /tmp/ccA7sz82.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/i686-redhat-linux/4.8.2/crtend.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crtn.o # Test Stack Protector nm ../build-tree/wrapper-test-ssp-buffer-size-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Make sure build does not stack-protects a tiny ssp buffer ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-skip ssp-buffer-size-skip.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-skip ssp-buffer-size-skip.c /usr/bin/ld.bfd -z relro -z now --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-ssp-buffer-size-skip /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crt1.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crti.o /usr/lib/gcc/i686-redhat-linux/4.8.2/crtbegin.o -L../build-tree -L/usr/lib/gcc/i686-redhat-linux/4.8.2 -L/usr/lib/gcc/i686-redhat-linux/4.8.2/../../.. /tmp/ccVFrmRZ.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/gcc/i686-redhat-linux/4.8.2/crtend.o /usr/lib/gcc/i686-redhat-linux/4.8.2/../../../crtn.o # Test Stack Protector is correctly skipped ! nm ../build-tree/wrapper-test-ssp-buffer-size-skip | egrep '__stack_chk_fail($|@@GLIBC)' ../build-tree/hardened-cc -B ../build-tree/ -O2 -c -o ../build-tree/wrapper-test-all.o hello.c /usr/bin/gcc -fstack-protector --param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -c -o ../build-tree/wrapper-test-all.o hello.c ar r ../build-tree/wrapper-test-all.a ../build-tree/wrapper-test-all.o ar: creating ../build-tree/wrapper-test-all.a readelf -ldrsW ../build-tree/wrapper-test-all.a File: ../build-tree/wrapper-test-all.a(wrapper-test-all.o) There are no program headers in this file. Relocation section '.rel.text' at offset 0x584 contains 6 entries: Offset Info Type Sym. Value Symbol's Name 00000025 00000501 R_386_32 00000000 .rodata.str1.1 00000039 00000b02 R_386_PC32 00000000 snprintf 00000041 00000a01 R_386_32 00000000 announcement 0000004d 00000501 R_386_32 00000000 .rodata.str1.1 00000059 00000c02 R_386_PC32 00000000 __printf_chk 00000076 00000d02 R_386_PC32 00000000 __stack_chk_fail Relocation section '.rel.text.startup' at offset 0x5b4 contains 1 entries: Offset Info Type Sym. Value Symbol's Name 00000012 00000a02 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x5bc contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000048 00000602 R_386_PC32 00000000 .text.startup Symbol table '.symtab' contains 15 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 6 7: 00000000 0 SECTION LOCAL DEFAULT 9 8: 00000000 0 SECTION LOCAL DEFAULT 10 9: 00000000 0 SECTION LOCAL DEFAULT 8 10: 00000000 122 FUNC GLOBAL DEFAULT 1 announcement 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 12: 00000000 0 NOTYPE GLOBAL DEFAULT UND __printf_chk 13: 00000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 14: 00000000 32 FUNC GLOBAL DEFAULT 6 main perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-all.a ../build-tree/wrapper-test-all.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) DEB_BUILD_HARDENING=0 ../build-tree/hardened-cc -B ../build-tree/ -c -o ../build-tree/wrapper-test-none.o hello.c /usr/bin/gcc -B ../build-tree/ -c -o ../build-tree/wrapper-test-none.o hello.c ar r ../build-tree/wrapper-test-none.a ../build-tree/wrapper-test-none.o ar: creating ../build-tree/wrapper-test-none.a readelf -ldrsW ../build-tree/wrapper-test-none.a File: ../build-tree/wrapper-test-none.a(wrapper-test-none.o) There are no program headers in this file. Relocation section '.rel.text' at offset 0x4a0 contains 6 entries: Offset Info Type Sym. Value Symbol's Name 00000014 00000501 R_386_32 00000000 .rodata 0000002a 00000a02 R_386_PC32 00000000 snprintf 00000032 00000901 R_386_32 00000000 announcement 00000043 00000501 R_386_32 00000000 .rodata 00000048 00000b02 R_386_PC32 00000000 printf 00000060 00000902 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x4d0 contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000040 00000202 R_386_PC32 00000000 .text Symbol table '.symtab' contains 13 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 7 7: 00000000 0 SECTION LOCAL DEFAULT 8 8: 00000000 0 SECTION LOCAL DEFAULT 6 9: 00000000 78 FUNC GLOBAL DEFAULT 1 announcement 10: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND printf 12: 0000004e 32 FUNC GLOBAL DEFAULT 1 main if perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-none.a; then exit 1; fi ../build-tree/wrapper-test-none.a: Position Independent Executable: no, object archive (ignored) Stack protected: no, not found! Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) make[2]: Leaving directory `/builddir/build/BUILD/hardening-wrapper/tests' make -f Makefile.includes check make[2]: Entering directory `/builddir/build/BUILD/hardening-wrapper/tests' # Compiler and linker options disabled. DEB_BUILD_HARDENING=0 cc -o ../build-tree/includes-test-stock hello.c readelf -ldrsW ../build-tree/includes-test-stock Elf file type is EXEC (Executable file) Entry point 0x8048350 There are 9 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4 INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00678 0x00678 R E 0x1000 LOAD 0x000f08 0x08049f08 0x08049f08 0x00118 0x0011c RW 0x1000 DYNAMIC 0x000f14 0x08049f14 0x08049f14 0x000e8 0x000e8 RW 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000574 0x08048574 0x08048574 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x000f08 0x08049f08 0x08049f08 0x000f8 0x000f8 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xf14 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x80482d0 0x0000000d (FINI) 0x8048544 0x00000019 (INIT_ARRAY) 0x8049f08 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049f0c 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ac 0x00000005 (STRTAB) 0x804822c 0x00000006 (SYMTAB) 0x80481cc 0x0000000a (STRSZ) 78 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804a000 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x80482b0 0x00000011 (REL) 0x80482a8 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x8048288 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x804827a 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x2a8 contains 1 entries: Offset Info Type Sym. Value Symbol's Name 08049ffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x2b0 contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804a00c 00000107 R_386_JUMP_SLOT 00000000 printf 0804a010 00000207 R_386_JUMP_SLOT 00000000 __gmon_start__ 0804a014 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main 0804a018 00000407 R_386_JUMP_SLOT 00000000 snprintf Symbol table '.dynsym' contains 6 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (2) 5: 0804855c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used Symbol table '.symtab' contains 69 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048154 0 SECTION LOCAL DEFAULT 1 2: 08048168 0 SECTION LOCAL DEFAULT 2 3: 08048188 0 SECTION LOCAL DEFAULT 3 4: 080481ac 0 SECTION LOCAL DEFAULT 4 5: 080481cc 0 SECTION LOCAL DEFAULT 5 6: 0804822c 0 SECTION LOCAL DEFAULT 6 7: 0804827a 0 SECTION LOCAL DEFAULT 7 8: 08048288 0 SECTION LOCAL DEFAULT 8 9: 080482a8 0 SECTION LOCAL DEFAULT 9 10: 080482b0 0 SECTION LOCAL DEFAULT 10 11: 080482d0 0 SECTION LOCAL DEFAULT 11 12: 08048300 0 SECTION LOCAL DEFAULT 12 13: 08048350 0 SECTION LOCAL DEFAULT 13 14: 08048544 0 SECTION LOCAL DEFAULT 14 15: 08048558 0 SECTION LOCAL DEFAULT 15 16: 08048574 0 SECTION LOCAL DEFAULT 16 17: 080485a8 0 SECTION LOCAL DEFAULT 17 18: 08049f08 0 SECTION LOCAL DEFAULT 18 19: 08049f0c 0 SECTION LOCAL DEFAULT 19 20: 08049f10 0 SECTION LOCAL DEFAULT 20 21: 08049f14 0 SECTION LOCAL DEFAULT 21 22: 08049ffc 0 SECTION LOCAL DEFAULT 22 23: 0804a000 0 SECTION LOCAL DEFAULT 23 24: 0804a01c 0 SECTION LOCAL DEFAULT 24 25: 0804a020 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049f10 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 29: 08048390 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 30: 080483c0 0 FUNC LOCAL DEFAULT 13 register_tm_clones 31: 08048400 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 0804a020 1 OBJECT LOCAL DEFAULT 25 completed.5981 33: 08049f0c 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fini_array_entry 34: 08048430 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 08049f08 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_entry 36: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 37: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 38: 08048674 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 39: 08049f10 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 40: 00000000 0 FILE LOCAL DEFAULT ABS 41: 08049f0c 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 42: 08049f14 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 43: 08049f08 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 44: 0804a000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 45: 08048540 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 46: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 47: 08048380 4 FUNC GLOBAL HIDDEN 13 __x86.get_pc_thunk.bx 48: 0804a01c 0 NOTYPE WEAK DEFAULT 24 data_start 49: 00000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.0 50: 0804a020 0 NOTYPE GLOBAL DEFAULT 24 _edata 51: 08048544 0 FUNC GLOBAL DEFAULT 14 _fini 52: 0804a01c 0 NOTYPE GLOBAL DEFAULT 24 __data_start 53: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 54: 08048560 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 55: 08048460 78 FUNC GLOBAL DEFAULT 13 announcement 56: 0804855c 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 57: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 58: 080484d0 97 FUNC GLOBAL DEFAULT 13 __libc_csu_init 59: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 60: 0804a024 0 NOTYPE GLOBAL DEFAULT 25 _end 61: 08048350 0 FUNC GLOBAL DEFAULT 13 _start 62: 08048558 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 63: 0804a020 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 64: 080484ae 32 FUNC GLOBAL DEFAULT 13 main 65: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 66: 0804a020 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 67: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 68: 080482d0 0 FUNC GLOBAL DEFAULT 11 _init ../build-tree/includes-test-stock ../build-tree/includes-test-stock: ok (0x8048460) # Compiler options enabled. (linker is not wrapper) cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-compiled hello.c readelf -ldrsW ../build-tree/includes-test-compiled Elf file type is EXEC (Executable file) Entry point 0x80483e0 There are 9 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4 INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00720 0x00720 R E 0x1000 LOAD 0x000ed8 0x08049ed8 0x08049ed8 0x0012c 0x00130 RW 0x1000 DYNAMIC 0x000ee4 0x08049ee4 0x08049ee4 0x000f8 0x000f8 RW 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000614 0x08048614 0x08048614 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x000ed8 0x08049ed8 0x08049ed8 0x00128 0x00128 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xee4 contains 26 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x804833c 0x0000000d (FINI) 0x80485e4 0x00000019 (INIT_ARRAY) 0x8049ed8 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049edc 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ac 0x00000005 (STRTAB) 0x804823c 0x00000006 (SYMTAB) 0x80481cc 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049fdc 0x00000002 (PLTRELSZ) 40 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048314 0x00000011 (REL) 0x804830c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x00000018 (BIND_NOW) 0x6ffffffb (FLAGS_1) Flags: NOW 0x6ffffffe (VERNEED) 0x80482cc 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482be 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x30c contains 1 entries: Offset Info Type Sym. Value Symbol's Name 08049ffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x314 contains 5 entries: Offset Info Type Sym. Value Symbol's Name 08049fe8 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail 08049fec 00000207 R_386_JUMP_SLOT 00000000 __gmon_start__ 08049ff0 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main 08049ff4 00000407 R_386_JUMP_SLOT 00000000 snprintf 08049ff8 00000507 R_386_JUMP_SLOT 00000000 __printf_chk Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used Symbol table '.symtab' contains 69 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048154 0 SECTION LOCAL DEFAULT 1 2: 08048168 0 SECTION LOCAL DEFAULT 2 3: 08048188 0 SECTION LOCAL DEFAULT 3 4: 080481ac 0 SECTION LOCAL DEFAULT 4 5: 080481cc 0 SECTION LOCAL DEFAULT 5 6: 0804823c 0 SECTION LOCAL DEFAULT 6 7: 080482be 0 SECTION LOCAL DEFAULT 7 8: 080482cc 0 SECTION LOCAL DEFAULT 8 9: 0804830c 0 SECTION LOCAL DEFAULT 9 10: 08048314 0 SECTION LOCAL DEFAULT 10 11: 0804833c 0 SECTION LOCAL DEFAULT 11 12: 08048360 0 SECTION LOCAL DEFAULT 12 13: 080483c0 0 SECTION LOCAL DEFAULT 13 14: 080485e4 0 SECTION LOCAL DEFAULT 14 15: 080485f8 0 SECTION LOCAL DEFAULT 15 16: 08048614 0 SECTION LOCAL DEFAULT 16 17: 08048648 0 SECTION LOCAL DEFAULT 17 18: 08049ed8 0 SECTION LOCAL DEFAULT 18 19: 08049edc 0 SECTION LOCAL DEFAULT 19 20: 08049ee0 0 SECTION LOCAL DEFAULT 20 21: 08049ee4 0 SECTION LOCAL DEFAULT 21 22: 08049fdc 0 SECTION LOCAL DEFAULT 22 23: 0804a000 0 SECTION LOCAL DEFAULT 23 24: 0804a004 0 SECTION LOCAL DEFAULT 24 25: 00000000 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049ee0 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 29: 08048420 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 30: 08048450 0 FUNC LOCAL DEFAULT 13 register_tm_clones 31: 08048490 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 0804a004 1 OBJECT LOCAL DEFAULT 24 completed.5981 33: 08049edc 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fini_array_entry 34: 080484c0 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 08049ed8 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_entry 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 0804871c 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 38: 08049ee0 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 39: 00000000 0 FILE LOCAL DEFAULT ABS 40: 08049edc 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 41: 08049ee4 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 42: 08049ed8 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 43: 08049fdc 0 OBJECT LOCAL DEFAULT 22 _GLOBAL_OFFSET_TABLE_ 44: 080485e0 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 45: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 46: 08048410 4 FUNC GLOBAL HIDDEN 13 __x86.get_pc_thunk.bx 47: 0804a000 0 NOTYPE WEAK DEFAULT 23 data_start 48: 0804a004 0 NOTYPE GLOBAL DEFAULT 23 _edata 49: 080485e4 0 FUNC GLOBAL DEFAULT 14 _fini 50: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 51: 0804a000 0 NOTYPE GLOBAL DEFAULT 23 __data_start 52: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 53: 08048600 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 54: 080484f0 122 FUNC GLOBAL DEFAULT 13 announcement 55: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 56: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 57: 08048570 97 FUNC GLOBAL DEFAULT 13 __libc_csu_init 58: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 59: 0804a008 0 NOTYPE GLOBAL DEFAULT 24 _end 60: 080483e0 0 FUNC GLOBAL DEFAULT 13 _start 61: 080485f8 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 62: 0804a004 0 NOTYPE GLOBAL DEFAULT 24 __bss_start 63: 080483c0 32 FUNC GLOBAL DEFAULT 13 main 64: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 65: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 66: 0804a004 0 OBJECT GLOBAL HIDDEN 23 __TMC_END__ 67: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 68: 0804833c 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/includes-test-compiled ../build-tree/includes-test-compiled: ok (0x80484f0) ../build-tree/includes-test-compiled ../build-tree/includes-test-compiled: ok (0x80484f0) # Compiler and linker options enabled. cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-linked hello.c readelf -ldrsW ../build-tree/includes-test-linked Elf file type is EXEC (Executable file) Entry point 0x80483e0 There are 9 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4 INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00720 0x00720 R E 0x1000 LOAD 0x000ed8 0x08049ed8 0x08049ed8 0x0012c 0x00130 RW 0x1000 DYNAMIC 0x000ee4 0x08049ee4 0x08049ee4 0x000f8 0x000f8 RW 0x4 NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000614 0x08048614 0x08048614 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x000ed8 0x08049ed8 0x08049ed8 0x00128 0x00128 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 08 .init_array .fini_array .jcr .dynamic .got Dynamic section at offset 0xee4 contains 26 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x804833c 0x0000000d (FINI) 0x80485e4 0x00000019 (INIT_ARRAY) 0x8049ed8 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049edc 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ac 0x00000005 (STRTAB) 0x804823c 0x00000006 (SYMTAB) 0x80481cc 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049fdc 0x00000002 (PLTRELSZ) 40 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048314 0x00000011 (REL) 0x804830c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x00000018 (BIND_NOW) 0x6ffffffb (FLAGS_1) Flags: NOW 0x6ffffffe (VERNEED) 0x80482cc 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482be 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x30c contains 1 entries: Offset Info Type Sym. Value Symbol's Name 08049ffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x314 contains 5 entries: Offset Info Type Sym. Value Symbol's Name 08049fe8 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail 08049fec 00000207 R_386_JUMP_SLOT 00000000 __gmon_start__ 08049ff0 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main 08049ff4 00000407 R_386_JUMP_SLOT 00000000 snprintf 08049ff8 00000507 R_386_JUMP_SLOT 00000000 __printf_chk Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used Symbol table '.symtab' contains 69 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048154 0 SECTION LOCAL DEFAULT 1 2: 08048168 0 SECTION LOCAL DEFAULT 2 3: 08048188 0 SECTION LOCAL DEFAULT 3 4: 080481ac 0 SECTION LOCAL DEFAULT 4 5: 080481cc 0 SECTION LOCAL DEFAULT 5 6: 0804823c 0 SECTION LOCAL DEFAULT 6 7: 080482be 0 SECTION LOCAL DEFAULT 7 8: 080482cc 0 SECTION LOCAL DEFAULT 8 9: 0804830c 0 SECTION LOCAL DEFAULT 9 10: 08048314 0 SECTION LOCAL DEFAULT 10 11: 0804833c 0 SECTION LOCAL DEFAULT 11 12: 08048360 0 SECTION LOCAL DEFAULT 12 13: 080483c0 0 SECTION LOCAL DEFAULT 13 14: 080485e4 0 SECTION LOCAL DEFAULT 14 15: 080485f8 0 SECTION LOCAL DEFAULT 15 16: 08048614 0 SECTION LOCAL DEFAULT 16 17: 08048648 0 SECTION LOCAL DEFAULT 17 18: 08049ed8 0 SECTION LOCAL DEFAULT 18 19: 08049edc 0 SECTION LOCAL DEFAULT 19 20: 08049ee0 0 SECTION LOCAL DEFAULT 20 21: 08049ee4 0 SECTION LOCAL DEFAULT 21 22: 08049fdc 0 SECTION LOCAL DEFAULT 22 23: 0804a000 0 SECTION LOCAL DEFAULT 23 24: 0804a004 0 SECTION LOCAL DEFAULT 24 25: 00000000 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 27: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 28: 08049ee0 0 OBJECT LOCAL DEFAULT 20 __JCR_LIST__ 29: 08048420 0 FUNC LOCAL DEFAULT 13 deregister_tm_clones 30: 08048450 0 FUNC LOCAL DEFAULT 13 register_tm_clones 31: 08048490 0 FUNC LOCAL DEFAULT 13 __do_global_dtors_aux 32: 0804a004 1 OBJECT LOCAL DEFAULT 24 completed.5981 33: 08049edc 0 OBJECT LOCAL DEFAULT 19 __do_global_dtors_aux_fini_array_entry 34: 080484c0 0 FUNC LOCAL DEFAULT 13 frame_dummy 35: 08049ed8 0 OBJECT LOCAL DEFAULT 18 __frame_dummy_init_array_entry 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 0804871c 0 OBJECT LOCAL DEFAULT 17 __FRAME_END__ 38: 08049ee0 0 OBJECT LOCAL DEFAULT 20 __JCR_END__ 39: 00000000 0 FILE LOCAL DEFAULT ABS 40: 08049edc 0 NOTYPE LOCAL DEFAULT 18 __init_array_end 41: 08049ee4 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 42: 08049ed8 0 NOTYPE LOCAL DEFAULT 18 __init_array_start 43: 08049fdc 0 OBJECT LOCAL DEFAULT 22 _GLOBAL_OFFSET_TABLE_ 44: 080485e0 2 FUNC GLOBAL DEFAULT 13 __libc_csu_fini 45: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_deregisterTMCloneTable 46: 08048410 4 FUNC GLOBAL HIDDEN 13 __x86.get_pc_thunk.bx 47: 0804a000 0 NOTYPE WEAK DEFAULT 23 data_start 48: 0804a004 0 NOTYPE GLOBAL DEFAULT 23 _edata 49: 080485e4 0 FUNC GLOBAL DEFAULT 14 _fini 50: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 51: 0804a000 0 NOTYPE GLOBAL DEFAULT 23 __data_start 52: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 53: 08048600 0 OBJECT GLOBAL HIDDEN 15 __dso_handle 54: 080484f0 122 FUNC GLOBAL DEFAULT 13 announcement 55: 080485fc 4 OBJECT GLOBAL DEFAULT 15 _IO_stdin_used 56: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 57: 08048570 97 FUNC GLOBAL DEFAULT 13 __libc_csu_init 58: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 59: 0804a008 0 NOTYPE GLOBAL DEFAULT 24 _end 60: 080483e0 0 FUNC GLOBAL DEFAULT 13 _start 61: 080485f8 4 OBJECT GLOBAL DEFAULT 15 _fp_hw 62: 0804a004 0 NOTYPE GLOBAL DEFAULT 24 __bss_start 63: 080483c0 32 FUNC GLOBAL DEFAULT 13 main 64: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 65: 00000000 0 NOTYPE WEAK DEFAULT UND _Jv_RegisterClasses 66: 0804a004 0 OBJECT GLOBAL HIDDEN 23 __TMC_END__ 67: 00000000 0 NOTYPE WEAK DEFAULT UND _ITM_registerTMCloneTable 68: 0804833c 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/includes-test-linked ../build-tree/includes-test-linked: ok (0x80484f0) ../build-tree/includes-test-linked ../build-tree/includes-test-linked: ok (0x80484f0) # Check state of hardening features via check script perl ../build-tree/hardening-check -p ../build-tree/includes-test-linked ../build-tree/includes-test-linked: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Manually check state of hardening features # Skipped PIE test # Test Stack Protector nm ../build-tree/includes-test-linked | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Test Fortify nm ../build-tree/includes-test-linked | egrep '__(sn)?printf_chk($|@@GLIBC)' U __printf_chk@@GLIBC_2.3.4 # Test Format (no-op currently) # Test for RELRO readelf -lW ../build-tree/includes-test-linked | grep GNU_RELRO GNU_RELRO 0x000ed8 0x08049ed8 0x08049ed8 0x00128 0x00128 R 0x1 # Test for BIND_NOW readelf -dW ../build-tree/includes-test-linked | grep BIND_NOW 0x00000018 (BIND_NOW) # Build directly with -fPIC already defined cc -fPIC -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC-direct hello.c ../build-tree/includes-test-fPIC-direct ../build-tree/includes-test-fPIC-direct: ok (0x8048500) # Build .o with -fPIC already defined cc -fPIC -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC.o -c hello.c # Link .o with -fPIC already defined cc -fPIC -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC ../build-tree/includes-test-fPIC.o ../build-tree/includes-test-fPIC ../build-tree/includes-test-fPIC: ok (0x8048500) # Make sure build fails due to -Werror=format-security ! cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-format-security format.c format.c: In function 'main': format.c:11:5: error: format not a string literal and no format arguments [-Werror=format-security] return fprintf(stderr, argv[0]); ^ cc1: some warnings being treated as errors # Make sure build succeeds with -Wno-format-security cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wno-format-security -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-format-security format.c # Make sure build stack-protects a small ssp buffer cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-ssp-buffer-size-protect ssp-buffer-size-protect.c # Test Stack Protector nm ../build-tree/includes-test-ssp-buffer-size-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Make sure build does not stack-protects a tiny ssp buffer cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-ssp-buffer-size-skip ssp-buffer-size-skip.c # Test Stack Protector is correctly skipped ! nm ../build-tree/includes-test-ssp-buffer-size-skip | egrep '__stack_chk_fail($|@@GLIBC)' cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -c -o ../build-tree/includes-test-all.o hello.c ar r ../build-tree/includes-test-all.a ../build-tree/includes-test-all.o ar: creating ../build-tree/includes-test-all.a readelf -ldrsW ../build-tree/includes-test-all.a File: ../build-tree/includes-test-all.a(includes-test-all.o) There are no program headers in this file. Relocation section '.rel.text' at offset 0x584 contains 6 entries: Offset Info Type Sym. Value Symbol's Name 00000025 00000501 R_386_32 00000000 .rodata.str1.1 00000039 00000b02 R_386_PC32 00000000 snprintf 00000041 00000a01 R_386_32 00000000 announcement 0000004d 00000501 R_386_32 00000000 .rodata.str1.1 00000059 00000c02 R_386_PC32 00000000 __printf_chk 00000076 00000d02 R_386_PC32 00000000 __stack_chk_fail Relocation section '.rel.text.startup' at offset 0x5b4 contains 1 entries: Offset Info Type Sym. Value Symbol's Name 00000012 00000a02 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x5bc contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000048 00000602 R_386_PC32 00000000 .text.startup Symbol table '.symtab' contains 15 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 6 7: 00000000 0 SECTION LOCAL DEFAULT 9 8: 00000000 0 SECTION LOCAL DEFAULT 10 9: 00000000 0 SECTION LOCAL DEFAULT 8 10: 00000000 122 FUNC GLOBAL DEFAULT 1 announcement 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 12: 00000000 0 NOTYPE GLOBAL DEFAULT UND __printf_chk 13: 00000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 14: 00000000 32 FUNC GLOBAL DEFAULT 6 main perl ../build-tree/hardening-check -p ../build-tree/includes-test-all.a ../build-tree/includes-test-all.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) DEB_BUILD_HARDENING=0 cc -c -o ../build-tree/includes-test-none.o hello.c ar r ../build-tree/includes-test-none.a ../build-tree/includes-test-none.o ar: creating ../build-tree/includes-test-none.a readelf -ldrsW ../build-tree/includes-test-none.a File: ../build-tree/includes-test-none.a(includes-test-none.o) There are no program headers in this file. Relocation section '.rel.text' at offset 0x4a0 contains 6 entries: Offset Info Type Sym. Value Symbol's Name 00000014 00000501 R_386_32 00000000 .rodata 0000002a 00000a02 R_386_PC32 00000000 snprintf 00000032 00000901 R_386_32 00000000 announcement 00000043 00000501 R_386_32 00000000 .rodata 00000048 00000b02 R_386_PC32 00000000 printf 00000060 00000902 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x4d0 contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000040 00000202 R_386_PC32 00000000 .text Symbol table '.symtab' contains 13 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 7 7: 00000000 0 SECTION LOCAL DEFAULT 8 8: 00000000 0 SECTION LOCAL DEFAULT 6 9: 00000000 78 FUNC GLOBAL DEFAULT 1 announcement 10: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND printf 12: 0000004e 32 FUNC GLOBAL DEFAULT 1 main if perl ../build-tree/hardening-check -p ../build-tree/includes-test-none.a; then exit 1; fi ../build-tree/includes-test-none.a: Position Independent Executable: no, object archive (ignored) Stack protected: no, not found! Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) # Disable stack protector cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -fno-stack-protector -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: no, not found! Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Disable fortify cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -U_FORTIFY_SOURCE -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: yes # Disable relro cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -Wl,-z,norelro -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, not found! Immediate binding: yes # Disable bindnow cc -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -Wl,-z,lazy -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no, not found! # Disable everything cc \ -fstack-protector --param ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 \ -Wl,-z,relro -Wl,-z,now \ -fno-stack-protector \ -U_FORTIFY_SOURCE \ -Wno-format-security \ -Wl,-z,norelro \ -Wl,-z,lazy \ -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: no, not found! Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, not found! Immediate binding: no, not found! readelf -ldW ../build-tree/includes-disabled Elf file type is EXEC (Executable file) Entry point 0x8048350 There are 8 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00100 0x00100 R E 0x4 INTERP 0x000134 0x08048134 0x08048134 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x0065c 0x0065c R E 0x1000 LOAD 0x00065c 0x0804965c 0x0804965c 0x00118 0x0011c RW 0x1000 DYNAMIC 0x000668 0x08049668 0x08049668 0x000e8 0x000e8 RW 0x4 NOTE 0x000148 0x08048148 0x08048148 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x000554 0x08048554 0x08048554 0x00034 0x00034 R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame 03 .init_array .fini_array .jcr .dynamic .got .got.plt .data .bss 04 .dynamic 05 .note.ABI-tag .note.gnu.build-id 06 .eh_frame_hdr 07 Dynamic section at offset 0x668 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x80482b0 0x0000000d (FINI) 0x8048524 0x00000019 (INIT_ARRAY) 0x804965c 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x8049660 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x804818c 0x00000005 (STRTAB) 0x804820c 0x00000006 (SYMTAB) 0x80481ac 0x0000000a (STRSZ) 78 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x8049754 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048290 0x00000011 (REL) 0x8048288 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x8048268 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x804825a 0x00000000 (NULL) 0x0 make[2]: Leaving directory `/builddir/build/BUILD/hardening-wrapper/tests' make[1]: Leaving directory `/builddir/build/BUILD/hardening-wrapper/tests' + exit 0 Processing files: hardening-check-2.5-1.fc19.noarch Executing(%doc): /bin/sh -e /var/tmp/rpm-tmp.Zmio9D + umask 022 + cd /builddir/build/BUILD + cd hardening-wrapper + DOCDIR=/builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + export DOCDIR + /usr/bin/mkdir -p /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + cp -pr AUTHORS /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + cp -pr TODO /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + cp -pr debian/changelog /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + cp -pr debian/copyright /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + cp -pr debian/README.Debian /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch/usr/share/doc/hardening-check-2.5 + exit 0 Provides: hardening-check = 2.5-1.fc19 Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 Requires: /usr/bin/perl perl(Getopt::Long) perl(IPC::Open3) perl(Pod::Usage) perl(Symbol) perl(Term::ANSIColor) perl(strict) perl(warnings) Checking for unpackaged file(s): /usr/lib/rpm/check-files /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch warning: Could not canonicalize hostname: buildvm-04.phx2.fedoraproject.org Wrote: /builddir/build/RPMS/hardening-check-2.5-1.fc19.noarch.rpm Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.ijctCx + umask 022 + cd /builddir/build/BUILD + cd hardening-wrapper + /usr/bin/rm -rf /builddir/build/BUILDROOT/hardening-check-2.5-1.fc19.noarch + exit 0 Child return code was: 0 LEAVE do -->