Project

General

Profile

Actions
Copy link

Bug #15335

closed

Ruby 2.6.0 is not properly fortified

Added by vo.x (Vit Ondruch) almost 6 years ago. Updated almost 6 years ago.

Status:
Closed
Assignee:
ioquatix (Samuel Williams)
Target version:
-
ruby -v:
ruby 2.6.0dev (2018-11-22 trunk 65928) [x86_64-linux]
Backport:
2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN
[ruby-core:90000]

Description

For some while, we carry this test in Fedora package 1:

checksec -f libruby.so.%{ruby_version} | \	
  grep "Full RELRO.*Canary found.*NX enabled.*DSO.*No RPATH.*No RUNPATH.*Yes.*\d*.*\d*.*libruby.so.%{ruby_version}"

This should ensure, that the library is properly fortified 2. This test was passing with preview3, but it started to fail, testing with r65928:

$ checksec -f libruby.so.2.6.0
WARNING: 'openssl' not found! It's required for most checks.

WARNING: Not all necessary commands found. Some tests might not work!

RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH	FORTIFY	Fortified Fortifiable  FILE
Full RELRO      Canary found      NX disabled   DSO             No RPATH   No RUNPATH   Yes	16		42	libruby.so.2.6.0

The NX disabled is the difference. Looking at the log, it is definitely not about configuration options. So if I should point finger at something, it seems to me that this must be it:

... snip ...

assembling coroutine/amd64/Context.s
gcc -I. -I.ext/include/x86_64-linux -I./include -I. -I./enc/unicode/10.0.0 -o coroutine/amd64/Context.o -c coroutine/amd64/Context.s

... snip ...

gcc -shared -Wl,-z,relro -Wl,--as-needed  -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-soname,libruby.so.2.6 -fstack-protector-strong  -m64 dln.o localeinit.o loadpath.o array.o ast.o bignum.o class.o compar.o compile.o complex.o cont.o debug.o debug_counter.o dir.o dln_find.o encoding.o enum.o enumerator.o error.o eval.o file.o gc.o hash.o inits.o io.o iseq.o load.o marshal.o math.o mjit.o mjit_compile.o node.o numeric.o object.o pack.o parse.o proc.o process.o random.o range.o rational.o re.o regcomp.o regenc.o regerror.o regexec.o regparse.o regsyntax.o ruby.o safe.o signal.o sprintf.o st.o strftime.o string.o struct.o symbol.o thread.o time.o transcode.o transient_heap.o util.o variable.o version.o vm.o vm_backtrace.o vm_dump.o vm_trace.o coroutine/amd64/Context.o probes.o enc/ascii.o enc/us_ascii.o enc/unicode.o enc/utf_8.o enc/trans/newline.o setproctitle.o strlcat.o strlcpy.o addr2line.o  prelude.o dmyext.o dmyenc.o -lpthread -lrt -lrt -lgmp -ldl -lcrypt -lm   -o libruby.so.2.6.0

... snip ...

I.e. the coroutines assembly. Not sure how to prove it nor fix it.

Related issues 1 (0 open1 closed)

Related to Ruby master - Bug #16762: Ruby is not properly fortified on armv7hlClosedioquatix (Samuel Williams)Actions
Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0Like0