--- configure.orig 2019-04-17 20:17:42.351687679 -0600
+++ configure 2019-04-17 20:22:22.321887572 -0600
@@ -7341,8 +7341,10 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #define CAN_UNRANDOMIZE_SBRK 1
+ #include "h/unrandomize.h"
int main(int argc,char *argv[],char *envp[]) {
- #include "h/unrandomize.h"
+ UNRANDOMIZE_SBRK;
return 0;
}
@@ -7376,11 +7378,10 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w")))
return -1;
fprintf(f,"%p",sbrk(0));
@@ -7411,11 +7412,10 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w"))) return -1;
fprintf(f,"%p",sbrk(0));
return 0;
@@ -7459,7 +7459,7 @@ else
#include <stdio.h>
#include <stdlib.h>
-
+ #include "h/unrandomize.h"
unsigned long w;
void
@@ -7472,9 +7472,7 @@ else
main(int argc,char **argv,char **envp) {
void *b;
FILE *fp = fopen("conftest1","w");
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
foo();
fprintf(fp,"%d",((unsigned long) &b) > w ? -1 : 1);
fclose(fp);
@@ -7512,15 +7510,14 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int
main(int argc,char **argv,char **envp) {
void *v ;
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -7564,15 +7561,14 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int
main(int argc,char **argv,char **envp) {
void *v ;
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -7617,11 +7613,10 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int
main(int argc,char **argv,char **envp) {
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
return (long)$cstack_address<0 ? 0 : -1;
}
_ACEOF
@@ -7655,13 +7650,12 @@ else
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int main(int argc,char **argv,char **envp) {
void *b,*c;
FILE *fp = fopen("conftest1","w");
long n;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
b=alloca(sizeof(b));
c=alloca(sizeof(c));
n=b>c ? b-c : c-b;
--- configure.in.orig 2019-04-17 20:17:42.346687693 -0600
+++ configure.in 2019-04-17 20:22:14.506910168 -0600
@@ -1124,8 +1124,10 @@ if test "$HAVE_SBRK" = "1" ; then
[[
#include <stdio.h>
#include <stdlib.h>
+ #define CAN_UNRANDOMIZE_SBRK 1
+ #include "h/unrandomize.h"
int main(int argc,char *argv[],char *envp[]) {
- #include "h/unrandomize.h"
+ UNRANDOMIZE_SBRK;
return 0;
}
]])],
@@ -1140,11 +1142,10 @@ if test "$HAVE_SBRK" = "1" ; then
[[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w")))
return -1;
fprintf(f,"%p",sbrk(0));
@@ -1161,11 +1162,10 @@ if test "$HAVE_SBRK" = "1" ; then
[[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int main(int argc,char * argv[],char * envp[]) {
FILE *f;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
if (!(f=fopen("conftest1","w"))) return -1;
fprintf(f,"%p",sbrk(0));
return 0;
@@ -1192,7 +1192,7 @@ AC_RUN_IFELSE(
[[
#include <stdio.h>
#include <stdlib.h>
-
+ #include "h/unrandomize.h"
unsigned long w;
void
@@ -1205,9 +1205,7 @@ AC_RUN_IFELSE(
main(int argc,char **argv,char **envp) {
void *b;
FILE *fp = fopen("conftest1","w");
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
foo();
fprintf(fp,"%d",((unsigned long) &b) > w ? -1 : 1);
fclose(fp);
@@ -1224,15 +1222,14 @@ AC_RUN_IFELSE(
[[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int
main(int argc,char **argv,char **envp) {
void *v ;
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -1255,15 +1252,14 @@ AC_RUN_IFELSE(
[[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int
main(int argc,char **argv,char **envp) {
void *v ;
FILE *fp = fopen("conftest1","w");
unsigned long i,j;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
j=1;
j<<=$PAGEWIDTH;
j<<=16;
@@ -1287,11 +1283,10 @@ AC_RUN_IFELSE(
[[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int
main(int argc,char **argv,char **envp) {
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
return (long)$cstack_address<0 ? 0 : -1;
}]])],
[AC_MSG_RESULT(yes)
@@ -1306,13 +1301,12 @@ AC_RUN_IFELSE(
[[
#include <stdio.h>
#include <stdlib.h>
+ #include "h/unrandomize.h"
int main(int argc,char **argv,char **envp) {
void *b,*c;
FILE *fp = fopen("conftest1","w");
long n;
- #ifdef CAN_UNRANDOMIZE_SBRK
- #include "h/unrandomize.h"
- #endif
+ UNRANDOMIZE_SBRK;
b=alloca(sizeof(b));
c=alloca(sizeof(c));
n=b>c ? b-c : c-b;
--- h/unrandomize.h.orig 2019-04-17 20:11:26.049753854 -0600
+++ h/unrandomize.h 2019-05-04 11:09:26.514874293 -0600
@@ -1,3 +1,5 @@
+#include <stdio.h>
+#include <stdlib.h>
#include <sys/personality.h>
#include <syscall.h>
#include <unistd.h>
@@ -5,61 +7,66 @@
#include <alloca.h>
#include <errno.h>
-{
- errno=0;
-
- {
-
- /*READ_IMPLIES_EXEC is for selinux, but selinux will reset it in the child*/
- long pers = personality(READ_IMPLIES_EXEC|personality(0xffffffffUL));
- long flag = ADDR_NO_RANDOMIZE;
-
- if (sizeof(long)==4) flag|=ADDR_LIMIT_3GB/* |ADDR_COMPAT_LAYOUT */;
-
- if (pers==-1) {printf("personality failure %d\n",errno);exit(-1);}
- if ((pers & flag)!=flag && !getenv("GCL_UNRANDOMIZE")) {
- errno=0;
- if (personality(pers | flag) != -1 && (personality(0xffffffffUL) & flag)==flag) {
- int i,j,k;
- char **n,**a;
- void *v;
- for (i=j=0;argv[i];i++)
- j+=strlen(argv[i])+1;
- for (k=0;envp[k];k++)
- j+=strlen(envp[k])+1;
- j+=(i+k+3)*sizeof(char *);
- if ((v=sbrk(j))==(void *)-1) {
- printf("Cannot brk environment space\n");
- exit(-1);
- }
- a=v;
- v=a+i+1;
- n=v;
- v=n+k+2;
- for (i=0;argv[i];i++) {
- a[i]=v;
- strcpy(v,argv[i]);
- v+=strlen(v)+1;
- }
- a[i]=0;
- for (k=0;envp[k];k++) {
- n[k]=v;
- strcpy(v,envp[k]);
- v+=strlen(v)+1;
- }
- n[k]="GCL_UNRANDOMIZE=t";
- n[k+1]=0;
- errno=0;
-#ifdef HAVE_GCL_CLEANUP
- gcl_cleanup(0);
+#ifdef CAN_UNRANDOMIZE_SBRK
+# ifdef HAVE_GCL_CLEANUP
+# define GCL_CLEANUP gcl_cleanup(0)
+# else
+# define GCL_CLEANUP
+# endif
+# define UNRANDOMIZE_SBRK do { \
+ errno=0; \
+ { \
+ /*READ_IMPLIES_EXEC is for selinux, but selinux will reset it in the child*/ \
+ long pers = personality(READ_IMPLIES_EXEC|personality(0xffffffffUL)); \
+ long flag = ADDR_NO_RANDOMIZE; \
+ \
+ if (sizeof(long)==4) flag|=ADDR_LIMIT_3GB/* |ADDR_COMPAT_LAYOUT */; \
+ \
+ if (pers==-1) {printf("personality failure %d\n",errno);exit(-1);} \
+ if (/*(pers & flag)!=flag &&*/ !getenv("GCL_UNRANDOMIZE")) { \
+ errno=0; \
+ if (personality(pers | flag) != -1 && (personality(0xffffffffUL) & flag)==flag) { \
+ int i,j,k; \
+ char **n,**a; \
+ void *v; \
+ for (i=j=0;argv[i];i++) \
+ j+=strlen(argv[i])+1; \
+ for (k=0;envp[k];k++) \
+ j+=strlen(envp[k])+1; \
+ j+=(i+k+3)*sizeof(char *); \
+ if ((v=sbrk(j))==(void *)-1) { \
+ printf("Cannot brk environment space\n"); \
+ exit(-1); \
+ } \
+ a=v; \
+ v=a+i+1; \
+ n=v; \
+ v=n+k+2; \
+ for (i=0;argv[i];i++) { \
+ a[i]=v; \
+ strcpy(v,argv[i]); \
+ v+=strlen(v)+1; \
+ } \
+ a[i]=0; \
+ for (k=0;envp[k];k++) { \
+ n[k]=v; \
+ strcpy(v,envp[k]); \
+ v+=strlen(v)+1; \
+ } \
+ n[k]="GCL_UNRANDOMIZE=t"; \
+ n[k+1]=0; \
+ errno=0; \
+ GCL_CLEANUP; \
+ execve(*a,a,n); \
+ printf("execve failure %d\n",errno); \
+ exit(-1); \
+ } else { \
+ printf("personality change failure %d\n",errno); \
+ exit(-1); \
+ } \
+ } \
+ } \
+} while (0)
+#else
+# define UNRANDOMIZE_SBRK
#endif
- execve(*a,a,n);
- printf("execve failure %d\n",errno);
- exit(-1);
- } else {
- printf("personality change failure %d\n",errno);
- exit(-1);
- }
- }
- }
-}
--- o/main.c.orig 2019-04-17 20:10:11.025965895 -0600
+++ o/main.c 2019-05-04 11:34:06.174604494 -0600
@@ -53,6 +53,7 @@ void initialize_process();
#include "include.h"
#include <signal.h>
#include "page.h"
+#include "unrandomize.h"
bool saving_system=FALSE;
@@ -504,11 +505,7 @@ main(int argc, char **argv, char **envp)
GET_FULL_PATH_SELF(kcl_self);
*argv=kcl_self;
-#ifdef CAN_UNRANDOMIZE_SBRK
-#include <stdio.h>
-#include <stdlib.h>
-#include "unrandomize.h"
-#endif
+ UNRANDOMIZE_SBRK;
gcl_init_alloc(&argv);