--- ./configure.orig 2014-10-28 12:00:00.000000000 -0600
+++ ./configure 2014-10-28 12:00:00.000000000 -0600
@@ -7695,9 +7695,11 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #define CAN_UNRANDOMIZE_SBRK 1
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char **argv,char **envp) {
- #include "h/unrandomize.h"
+ UNRANDOMIZE_SBRK;
return 0;}
_ACEOF
if ac_fn_c_try_run "$LINENO"; then :
@@ -7725,12 +7727,11 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w"))) return -1;
fprintf(f,"%u",sbrk(0));
return 0;}
@@ -7755,12 +7756,11 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w"))) return -1;
fprintf(f,"%u",sbrk(0));
return 0;}
@@ -7814,6 +7814,7 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void *
foo() {
int i;
@@ -7826,9 +7827,7 @@ else
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -7872,6 +7871,7 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void *
foo() {
int i;
@@ -7884,9 +7884,7 @@ else
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -7931,11 +7929,10 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char **argv,char **envp) {
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
return (long)$cstack_address<0 ? 0 : -1;
}
_ACEOF
@@ -7970,14 +7967,13 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char **argv,char **envp) {
void *b,*c;
FILE *fp = fopen("conftest1","w");
long n;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
b=alloca(sizeof(b));
c=alloca(sizeof(c));
n=b>c ? b-c : c-b;
@@ -8017,6 +8013,7 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void *
foo(void) {
int i;
@@ -8027,9 +8024,7 @@ else
int main(int argc,char **argv,char **envp) {
char *b;
FILE *fp = fopen("conftest1","w");
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
fprintf(fp,"%d",((long) &b) > ((long) foo()) ? -1 : 1);
fclose(fp);
return 0;
--- ./configure.in.orig 2014-10-28 12:00:00.000000000 -0600
+++ ./configure.in 2014-10-28 12:00:00.000000000 -0600
@@ -1435,9 +1435,11 @@ if test "$HAVE_SBRK" = "1" ; then
AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #define CAN_UNRANDOMIZE_SBRK 1
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char **argv,char **envp) {
- #include "h/unrandomize.h"
+ UNRANDOMIZE_SBRK;
return 0;}]])],
[AC_MSG_RESULT(yes)
AC_DEFINE(CAN_UNRANDOMIZE_SBRK,1,[can prevent sbrk from returning random values])],
@@ -1447,12 +1449,11 @@ if test "$HAVE_SBRK" = "1" ; then
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w"))) return -1;
fprintf(f,"%u",sbrk(0));
return 0;}]])],SBRK=`cat conftest1`,SBRK=0,SBRK=0)
@@ -1462,12 +1463,11 @@ if test "$HAVE_SBRK" = "1" ; then
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w"))) return -1;
fprintf(f,"%u",sbrk(0));
return 0;}]])],SBRK1=`cat conftest1`,SBRK1=0,SBRK1=0)
@@ -1539,6 +1539,7 @@ AC_MSG_CHECKING(CSTACK_ADDRESS)
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void *
foo() {
int i;
@@ -1551,9 +1552,7 @@ AC_RUN_IFELSE([AC_LANG_SOURCE([[
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -1573,6 +1572,7 @@ AC_MSG_CHECKING([cstack bits])
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void *
foo() {
int i;
@@ -1585,9 +1585,7 @@ AC_RUN_IFELSE([AC_LANG_SOURCE([[
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -1608,11 +1606,10 @@ AC_MSG_CHECKING(NEG_CSTACK_ADDRESS)
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char **argv,char **envp) {
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
return (long)$cstack_address<0 ? 0 : -1;
}]])],[AC_MSG_RESULT(yes)
neg_cstack_address=1
@@ -1625,14 +1622,13 @@ AC_MSG_CHECKING([finding CSTACK_ALIGNMEN
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void gprof_cleanup() {}
int main(int argc,char **argv,char **envp) {
void *b,*c;
FILE *fp = fopen("conftest1","w");
long n;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
b=alloca(sizeof(b));
c=alloca(sizeof(c));
n=b>c ? b-c : c-b;
@@ -1648,6 +1644,7 @@ AC_MSG_CHECKING(CSTACK_DIRECTION)
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
void *
foo(void) {
int i;
@@ -1658,9 +1655,7 @@ AC_RUN_IFELSE([AC_LANG_SOURCE([[
int main(int argc,char **argv,char **envp) {
char *b;
FILE *fp = fopen("conftest1","w");
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
fprintf(fp,"%d",((long) &b) > ((long) foo()) ? -1 : 1);
fclose(fp);
return 0;
--- ./h/unrandomize.h.orig 2014-10-23 15:29:00.000000000 -0600
+++ ./h/unrandomize.h 2014-10-28 12:00:00.000000000 -0600
@@ -1,3 +1,5 @@
+#include <stdio.h>
+#include <stdlib.h>
#include <sys/personality.h>
#include <syscall.h>
#include <unistd.h>
@@ -5,61 +7,66 @@
#include <alloca.h>
#include <errno.h>
-{
- errno=0;
-
- {
-
- /*READ_IMPLIES_EXEC is for selinux, but selinux will reset it in the child*/
- long pers = personality(READ_IMPLIES_EXEC|personality(0xffffffffUL));
- long flag = ADDR_NO_RANDOMIZE;
-
- if (sizeof(long)==4) flag|=ADDR_LIMIT_3GB|ADDR_COMPAT_LAYOUT;
-
- if (pers==-1) {printf("personality failure %d\n",errno);exit(-1);}
- if ((pers & flag)!=flag && !getenv("GCL_UNRANDOMIZE")) {
- errno=0;
- if (personality(pers | flag) != -1 && (personality(0xffffffffUL) & flag)==flag) {
- int i,j,k;
- char **n,**a;
- void *v;
- for (i=j=0;argv[i];i++)
- j+=strlen(argv[i])+1;
- for (k=0;envp[k];k++)
- j+=strlen(envp[k])+1;
- j+=(i+k+3)*sizeof(char *);
- if ((v=sbrk(j))==(void *)-1) {
- printf("Cannot brk environment space\n");
- exit(-1);
- }
- a=v;
- v=a+i+1;
- n=v;
- v=n+k+2;
- for (i=0;argv[i];i++) {
- a[i]=v;
- strcpy(v,argv[i]);
- v+=strlen(v)+1;
- }
- a[i]=0;
- for (k=0;envp[k];k++) {
- n[k]=v;
- strcpy(v,envp[k]);
- v+=strlen(v)+1;
- }
- n[k]="GCL_UNRANDOMIZE=t";
- n[k+1]=0;
-#ifdef GCL_GPROF
- gprof_cleanup();
+#ifdef CAN_UNRANDOMIZE_SBRK
+# ifdef GCL_GPROF
+# define GPROF_CLEANUP gprof_cleanup()
+# else
+# define GPROF_CLEANUP
+# endif
+# define UNRANDOMIZE_SBRK do { \
+ errno=0; \
+ { \
+ /*READ_IMPLIES_EXEC is for selinux, but selinux will reset it in the child*/ \
+ long pers = personality(0xffffffffUL); \
+ long flag = ADDR_NO_RANDOMIZE; \
+ \
+ if (sizeof(long)==4) flag|=ADDR_LIMIT_3GB|ADDR_COMPAT_LAYOUT; \
+ \
+ if (pers==-1) {printf("personality failure %d\n",errno);exit(-1);} \
+ if ((pers & flag)!=flag && !getenv("GCL_UNRANDOMIZE")) { \
+ errno=0; \
+ if (personality(pers | flag) != -1 && (personality(0xffffffffUL) & flag)==flag) { \
+ int i,j,k; \
+ char **n,**a; \
+ void *v; \
+ for (i=j=0;argv[i];i++) \
+ j+=strlen(argv[i])+1; \
+ for (k=0;envp[k];k++) \
+ j+=strlen(envp[k])+1; \
+ j+=(i+k+3)*sizeof(char *); \
+ if ((v=sbrk(j))==(void *)-1) { \
+ printf("Cannot brk environment space\n"); \
+ exit(-1); \
+ } \
+ a=v; \
+ v=a+i+1; \
+ n=v; \
+ v=n+k+2; \
+ for (i=0;argv[i];i++) { \
+ a[i]=v; \
+ strcpy(v,argv[i]); \
+ v+=strlen(v)+1; \
+ } \
+ a[i]=0; \
+ for (k=0;envp[k];k++) { \
+ n[k]=v; \
+ strcpy(v,envp[k]); \
+ v+=strlen(v)+1; \
+ } \
+ n[k]="GCL_UNRANDOMIZE=t"; \
+ n[k+1]=0; \
+ GPROF_CLEANUP; \
+ errno=0; \
+ execve(*a,a,n); \
+ printf("execve failure %d\n",errno); \
+ exit(-1); \
+ } else { \
+ printf("personality change failure %d\n",errno); \
+ exit(-1); \
+ } \
+ } \
+ } \
+} while (0)
+#else
+# define UNRANDOMIZE_SBRK
#endif
- errno=0;
- execve(*a,a,n);
- printf("execve failure %d\n",errno);
- exit(-1);
- } else {
- printf("personality change failure %d\n",errno);
- exit(-1);
- }
- }
- }
-}
--- ./o/main.c.orig 2014-10-23 15:29:00.000000000 -0600
+++ ./o/main.c 2014-10-28 12:00:00.000000000 -0600
@@ -50,6 +50,7 @@ void initialize_process();
#include "include.h"
#include <signal.h>
#include "page.h"
+#include "unrandomize.h"
bool saving_system=FALSE;
@@ -370,11 +371,7 @@ main(int argc, char **argv, char **envp)
#endif
*argv=kcl_self;
-#ifdef CAN_UNRANDOMIZE_SBRK
-#include <stdio.h>
-#include <stdlib.h>
-#include "unrandomize.h"
-#endif
+ UNRANDOMIZE_SBRK;
#ifdef LD_BIND_NOW
#include <stdio.h>