<86>Jul 17 07:34:51 userdel[4965]: delete user 'rooter' <86>Jul 17 07:34:51 userdel[4965]: removed group 'rooter' owned by 'rooter' <86>Jul 17 07:34:51 userdel[4965]: removed shadow group 'rooter' owned by 'rooter' <86>Jul 17 07:34:51 groupadd[4979]: group added to /etc/group: name=rooter, GID=603 <86>Jul 17 07:34:51 groupadd[4979]: group added to /etc/gshadow: name=rooter <86>Jul 17 07:34:51 groupadd[4979]: new group: name=rooter, GID=603 <86>Jul 17 07:34:51 useradd[4994]: new user: name=rooter, UID=603, GID=603, home=/root, shell=/bin/bash <86>Jul 17 07:34:51 userdel[5011]: delete user 'builder' <86>Jul 17 07:34:51 userdel[5011]: removed group 'builder' owned by 'builder' <86>Jul 17 07:34:51 userdel[5011]: removed shadow group 'builder' owned by 'builder' <86>Jul 17 07:34:51 groupadd[5081]: group added to /etc/group: name=builder, GID=604 <86>Jul 17 07:34:51 groupadd[5081]: group added to /etc/gshadow: name=builder <86>Jul 17 07:34:51 groupadd[5081]: new group: name=builder, GID=604 <86>Jul 17 07:34:51 useradd[5096]: new user: name=builder, UID=604, GID=604, home=/usr/src, shell=/bin/bash warning: user mike does not exist - using root warning: group mike does not exist - using root warning: user mike does not exist - using root warning: group mike does not exist - using root warning: user mike does not exist - using root warning: group mike does not exist - using root <13>Jul 17 07:34:54 rpmi: perl-Term-Cap-1.17-alt1 1445018869 installed <13>Jul 17 07:34:54 rpmi: perl-Term-ANSIColor-4.06-alt1 1479407083 installed <13>Jul 17 07:34:54 rpmi: perl-Pod-Escapes-1.07-alt1 1418767892 installed <13>Jul 17 07:34:54 rpmi: perl-Filter-1.59-alt1.1 sisyphus+219907.400.1.1 1548343389 installed <13>Jul 17 07:34:54 rpmi: perl-Encode-3.01-alt1 sisyphus+224923.100.1.1 1552474122 installed <13>Jul 17 07:34:54 rpmi: perl-Pod-Simple-3.39-alt1 sisyphus+234046.100.1.1 1562497785 installed <13>Jul 17 07:34:54 rpmi: perl-Pod-Usage-1.69-alt1 1464274721 installed <13>Jul 17 07:34:54 rpmi: perl-podlators-4.12-alt1 sisyphus+231574.100.1.1 1559749961 installed Building target platforms: i586 Building for target i586 Wrote: /usr/src/in/nosrpm/hardening-wrapper-2.6-alt1.nosrc.rpm Installing hardening-wrapper-2.6-alt1.src.rpm Building target platforms: i586 Building for target i586 Executing(%prep): /bin/sh -e /usr/src/tmp/rpm-tmp.69259 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + rm -rf hardening-wrapper-2.6 + /bin/mkdir -p hardening-wrapper-2.6 + cd hardening-wrapper-2.6 + echo 'Source #0 (hardening-wrapper_2.6.tar.xz):' Source #0 (hardening-wrapper_2.6.tar.xz): + /usr/bin/xz -dc /usr/src/RPM/SOURCES/hardening-wrapper_2.6.tar.xz + /bin/tar -xf - + /bin/chmod -c -Rf u+rwX,go-w . + echo 'Patch #0 (hardening-wrapper-2.6-fix_perl.patch):' Patch #0 (hardening-wrapper-2.6-fix_perl.patch): + /usr/bin/patch -p1 patching file hardening-wrapper/Makefile + sed -i.debian -e '/^[ \t]*if \[ -z \"\$.DEB_/d' hardening-wrapper/Makefile + exit 0 Executing(%build): /bin/sh -e /usr/src/tmp/rpm-tmp.69259 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd hardening-wrapper-2.6 + make -j8 -C hardening-wrapper make: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' mkdir -p build-tree # Construct wrappers. install hardened-cc hardened-ld build-tree/ # Set defaults, based on OS and ARCH. perl -pi -e 's/ #OS#/ '""'/; s/ #ARCH#/ '""'/;' build-tree/hardened-cc build-tree/hardened-ld perl -pi -e "s/default\{'DEB_BUILD_HARDENING_PIE'\}=1;/default{'DEB_BUILD_HARDENING_PIE'}=0;/;" build-tree/hardened-cc build-tree/hardened-ld perl -pi -e "s/default\{'DEB_BUILD_HARDENING_STACKPROTECTOR'\}=1;/default{'DEB_BUILD_HARDENING_STACKPROTECTOR'}=1;/;" build-tree/hardened-cc build-tree/hardened-ld # Duplicate cc wrapper to c++. install build-tree/hardened-cc build-tree/hardened-c++ perl -pi -e 's/hardened-cc/hardened-c++/g; s|/usr/bin/cc|/usr/bin/c++|g;' build-tree/hardened-c++ # Construct tools. install hardening.make hardening-check build-tree/ # Do not use "shell" here because it eats newlines. We want those. perl -pi -e "s/^my %libc;/my %libc = (\n$(perl hardening-check --find-libc-functions /bin/ls)\n);/;" build-tree/hardening-check # Construct man pages. install hardened-cc.1 hardened-ld.1 build-tree/ pod2man hardening-check > build-tree/hardening-check.1 # Duplicate cc man page to c++. install build-tree/hardened-cc.1 build-tree/hardened-c++.1 perl -pi -e 's/hardened-cc/hardened-c++/g; s/gcc/g++/g;' build-tree/hardened-c++.1 touch build-tree/stamp-build make: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' + exit 0 Executing(%install): /bin/sh -e /usr/src/tmp/rpm-tmp.28630 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + /bin/chmod -Rf u+rwX -- /usr/src/tmp/hardening-wrapper-buildroot + : + /bin/rm -rf -- /usr/src/tmp/hardening-wrapper-buildroot + cd hardening-wrapper-2.6 + install -pDm0755 hardening-wrapper/build-tree/hardening-check /usr/src/tmp/hardening-wrapper-buildroot/usr/bin/hardening-check + install -pDm0644 hardening-wrapper/build-tree/hardening-check.1 /usr/src/tmp/hardening-wrapper-buildroot/usr/share/man/man1/hardening-check.1 + /usr/lib/rpm/brp-alt Cleaning files in /usr/src/tmp/hardening-wrapper-buildroot (auto) Verifying and fixing files in /usr/src/tmp/hardening-wrapper-buildroot (binconfig,pkgconfig,libtool,desktop) Checking contents of files in /usr/src/tmp/hardening-wrapper-buildroot/ (default) Compressing files in /usr/src/tmp/hardening-wrapper-buildroot (auto) Verifying ELF objects in /usr/src/tmp/hardening-wrapper-buildroot (arch=normal,fhs=normal,lfs=relaxed,lint=relaxed,rpath=normal,stack=normal,textrel=normal,unresolved=normal) Hardlinking identical .pyc and .pyo files Executing(%check): /bin/sh -e /usr/src/tmp/rpm-tmp.28630 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd hardening-wrapper-2.6 + make -j8 -C hardening-wrapper check make: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' make -C tests check make[1]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make[1]: warning: jobserver unavailable: using -j1. Add '+' to parent make rule. make[1]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make[1]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' # Check the stack protector and PIE options directly, just to have # a historical record in the build logs. cc -Wall -fstack-protector hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x8049182) cc -Wall -fstack-protector-strong hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x8049182) cc -Wall -fPIE -pie hello.c -o ../build-tree/cc-test || true ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x566141c9) ../build-tree/cc-test || true ../build-tree/cc-test: ok (0x566531c9) make -f Makefile.wrapper check make[2]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' # Test basic perl syntax for script in ../build-tree/hardened-cc ../build-tree/hardened-ld ../build-tree/hardened-c++; do perl -c $script; done ../build-tree/hardened-cc syntax OK ../build-tree/hardened-ld syntax OK ../build-tree/hardened-c++ syntax OK touch syntax.stamp # Compiler and linker options disabled. DEB_BUILD_HARDENING=0 ../build-tree/hardened-cc -B ../build-tree/ -o ../build-tree/wrapper-test-stock hello.c /usr/bin/gcc_wrapper -B ../build-tree/ -o ../build-tree/wrapper-test-stock hello.c readelf -ldrsW ../build-tree/wrapper-test-stock Elf file type is EXEC (Executable file) Entry point 0x8049090 There are 11 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00160 0x00160 R 0x4 INTERP 0x000194 0x08048194 0x08048194 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x0034c 0x0034c R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x002a8 0x002a8 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x00158 0x00158 R 0x1000 LOAD 0x002f0c 0x0804bf0c 0x0804bf0c 0x00114 0x00118 RW 0x1000 DYNAMIC 0x002f14 0x0804bf14 0x0804bf14 0x000e8 0x000e8 RW 0x4 NOTE 0x0001a8 0x080481a8 0x080481a8 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x002f0c 0x0804bf0c 0x0804bf0c 0x000f4 0x000f4 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .got.plt .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 10 .init_array .fini_array .dynamic .got Dynamic section at offset 0x2f14 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049294 0x00000019 (INIT_ARRAY) 0x804bf0c 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804bf10 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ec 0x00000005 (STRTAB) 0x804827c 0x00000006 (SYMTAB) 0x804820c 0x0000000a (STRSZ) 105 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804c000 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x804832c 0x00000011 (REL) 0x8048324 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x80482f4 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482e6 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x324 contains 1 entry: Offset Info Type Sym. Value Symbol's Name 0804bffc 00000306 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x32c contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804c00c 00000107 R_386_JUMP_SLOT 00000000 printf@GLIBC_2.0 0804c010 00000207 R_386_JUMP_SLOT 00000000 __stack_chk_fail@GLIBC_2.4 0804c014 00000407 R_386_JUMP_SLOT 00000000 __libc_start_main@GLIBC_2.0 0804c018 00000507 R_386_JUMP_SLOT 00000000 snprintf@GLIBC_2.0 Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2) 2: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (3) 3: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 4: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2) 5: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (2) 6: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used Symbol table '.symtab' contains 76 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048194 0 SECTION LOCAL DEFAULT 1 2: 080481a8 0 SECTION LOCAL DEFAULT 2 3: 080481c8 0 SECTION LOCAL DEFAULT 3 4: 080481ec 0 SECTION LOCAL DEFAULT 4 5: 0804820c 0 SECTION LOCAL DEFAULT 5 6: 0804827c 0 SECTION LOCAL DEFAULT 6 7: 080482e6 0 SECTION LOCAL DEFAULT 7 8: 080482f4 0 SECTION LOCAL DEFAULT 8 9: 08048324 0 SECTION LOCAL DEFAULT 9 10: 0804832c 0 SECTION LOCAL DEFAULT 10 11: 08049000 0 SECTION LOCAL DEFAULT 11 12: 08049030 0 SECTION LOCAL DEFAULT 12 13: 08049080 0 SECTION LOCAL DEFAULT 13 14: 08049090 0 SECTION LOCAL DEFAULT 14 15: 08049294 0 SECTION LOCAL DEFAULT 15 16: 0804a000 0 SECTION LOCAL DEFAULT 16 17: 0804a01c 0 SECTION LOCAL DEFAULT 17 18: 0804a058 0 SECTION LOCAL DEFAULT 18 19: 0804bf0c 0 SECTION LOCAL DEFAULT 19 20: 0804bf10 0 SECTION LOCAL DEFAULT 20 21: 0804bf14 0 SECTION LOCAL DEFAULT 21 22: 0804bffc 0 SECTION LOCAL DEFAULT 22 23: 0804c000 0 SECTION LOCAL DEFAULT 23 24: 0804c01c 0 SECTION LOCAL DEFAULT 24 25: 0804c020 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 SECTION LOCAL DEFAULT 27 28: 00000000 0 SECTION LOCAL DEFAULT 28 29: 00000000 0 SECTION LOCAL DEFAULT 29 30: 00000000 0 SECTION LOCAL DEFAULT 30 31: 00000000 0 SECTION LOCAL DEFAULT 31 32: 00000000 0 SECTION LOCAL DEFAULT 32 33: 00000000 0 SECTION LOCAL DEFAULT 33 34: 00000000 0 FILE LOCAL DEFAULT ABS init.c 35: 00000000 0 FILE LOCAL DEFAULT ABS static-reloc.c 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 080490d0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 38: 08049110 0 FUNC LOCAL DEFAULT 14 register_tm_clones 39: 08049150 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 40: 0804c020 1 OBJECT LOCAL DEFAULT 25 completed.7552 41: 0804bf10 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 42: 08049180 0 FUNC LOCAL DEFAULT 14 frame_dummy 43: 0804bf0c 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 44: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 45: 00000000 0 FILE LOCAL DEFAULT ABS elf-init.c 46: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 47: 0804a154 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 48: 00000000 0 FILE LOCAL DEFAULT ABS 49: 0804bf10 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 50: 0804bf14 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 51: 0804bf0c 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 52: 0804a01c 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 53: 0804c000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 54: 08049290 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 55: 080490c0 4 FUNC GLOBAL HIDDEN 14 __x86.get_pc_thunk.bx 56: 0804c01c 0 NOTYPE WEAK DEFAULT 24 data_start 57: 00000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.0 58: 0804c020 0 NOTYPE GLOBAL DEFAULT 24 _edata 59: 08049294 0 FUNC GLOBAL DEFAULT 15 _fini 60: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 61: 0804c01c 0 NOTYPE GLOBAL DEFAULT 24 __data_start 62: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 63: 0804a008 0 OBJECT GLOBAL HIDDEN 16 __dso_handle 64: 08049182 107 FUNC GLOBAL DEFAULT 14 announcement 65: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 66: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 67: 08049230 85 FUNC GLOBAL DEFAULT 14 __libc_csu_init 68: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 69: 0804c024 0 NOTYPE GLOBAL DEFAULT 25 _end 70: 08049090 0 FUNC GLOBAL DEFAULT 14 _start 71: 0804a000 4 OBJECT GLOBAL DEFAULT 16 _fp_hw 72: 0804c020 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 73: 080491ed 52 FUNC GLOBAL DEFAULT 14 main 74: 0804c020 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 75: 08049000 0 FUNC GLOBAL DEFAULT 11 _init ../build-tree/wrapper-test-stock ../build-tree/wrapper-test-stock: ok (0x8049182) # Compiler options enabled. (linker is not wrapper) ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-compiled hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-compiled hello.c readelf -ldrsW ../build-tree/wrapper-test-compiled Elf file type is EXEC (Executable file) Entry point 0x80490be There are 11 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00160 0x00160 R 0x4 INTERP 0x000194 0x08048194 0x08048194 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00374 0x00374 R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x00298 0x00298 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x00180 0x00180 R 0x1000 LOAD 0x002f0c 0x0804bf0c 0x0804bf0c 0x00114 0x00118 RW 0x1000 DYNAMIC 0x002f14 0x0804bf14 0x0804bf14 0x000e8 0x000e8 RW 0x4 NOTE 0x0001a8 0x080481a8 0x080481a8 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x002f0c 0x0804bf0c 0x0804bf0c 0x000f4 0x000f4 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .got.plt .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 10 .init_array .fini_array .dynamic .got Dynamic section at offset 0x2f14 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049284 0x00000019 (INIT_ARRAY) 0x804bf0c 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804bf10 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ec 0x00000005 (STRTAB) 0x804827c 0x00000006 (SYMTAB) 0x804820c 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804c000 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048354 0x00000011 (REL) 0x804834c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x804830c 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482fe 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x34c contains 1 entry: Offset Info Type Sym. Value Symbol's Name 0804bffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x354 contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804c00c 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail@GLIBC_2.4 0804c010 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main@GLIBC_2.0 0804c014 00000407 R_386_JUMP_SLOT 00000000 snprintf@GLIBC_2.0 0804c018 00000507 R_386_JUMP_SLOT 00000000 __printf_chk@GLIBC_2.3.4 Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used Symbol table '.symtab' contains 76 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048194 0 SECTION LOCAL DEFAULT 1 2: 080481a8 0 SECTION LOCAL DEFAULT 2 3: 080481c8 0 SECTION LOCAL DEFAULT 3 4: 080481ec 0 SECTION LOCAL DEFAULT 4 5: 0804820c 0 SECTION LOCAL DEFAULT 5 6: 0804827c 0 SECTION LOCAL DEFAULT 6 7: 080482fe 0 SECTION LOCAL DEFAULT 7 8: 0804830c 0 SECTION LOCAL DEFAULT 8 9: 0804834c 0 SECTION LOCAL DEFAULT 9 10: 08048354 0 SECTION LOCAL DEFAULT 10 11: 08049000 0 SECTION LOCAL DEFAULT 11 12: 08049030 0 SECTION LOCAL DEFAULT 12 13: 08049080 0 SECTION LOCAL DEFAULT 13 14: 08049090 0 SECTION LOCAL DEFAULT 14 15: 08049284 0 SECTION LOCAL DEFAULT 15 16: 0804a000 0 SECTION LOCAL DEFAULT 16 17: 0804a01c 0 SECTION LOCAL DEFAULT 17 18: 0804a058 0 SECTION LOCAL DEFAULT 18 19: 0804bf0c 0 SECTION LOCAL DEFAULT 19 20: 0804bf10 0 SECTION LOCAL DEFAULT 20 21: 0804bf14 0 SECTION LOCAL DEFAULT 21 22: 0804bffc 0 SECTION LOCAL DEFAULT 22 23: 0804c000 0 SECTION LOCAL DEFAULT 23 24: 0804c01c 0 SECTION LOCAL DEFAULT 24 25: 0804c020 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 SECTION LOCAL DEFAULT 27 28: 00000000 0 SECTION LOCAL DEFAULT 28 29: 00000000 0 SECTION LOCAL DEFAULT 29 30: 00000000 0 SECTION LOCAL DEFAULT 30 31: 00000000 0 SECTION LOCAL DEFAULT 31 32: 00000000 0 SECTION LOCAL DEFAULT 32 33: 00000000 0 SECTION LOCAL DEFAULT 33 34: 00000000 0 FILE LOCAL DEFAULT ABS init.c 35: 00000000 0 FILE LOCAL DEFAULT ABS static-reloc.c 36: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 37: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 38: 080490f0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 39: 08049130 0 FUNC LOCAL DEFAULT 14 register_tm_clones 40: 08049170 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 41: 0804c020 1 OBJECT LOCAL DEFAULT 25 completed.7552 42: 0804bf10 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 43: 080491a0 0 FUNC LOCAL DEFAULT 14 frame_dummy 44: 0804bf0c 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 45: 00000000 0 FILE LOCAL DEFAULT ABS elf-init.c 46: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 47: 0804a17c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 48: 00000000 0 FILE LOCAL DEFAULT ABS 49: 0804bf10 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 50: 0804bf14 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 51: 0804bf0c 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 52: 0804a01c 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 53: 0804c000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 54: 08049280 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 55: 080490e0 4 FUNC GLOBAL HIDDEN 14 __x86.get_pc_thunk.bx 56: 0804c01c 0 NOTYPE WEAK DEFAULT 24 data_start 57: 0804c020 0 NOTYPE GLOBAL DEFAULT 24 _edata 58: 08049284 0 FUNC GLOBAL DEFAULT 15 _fini 59: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 60: 0804c01c 0 NOTYPE GLOBAL DEFAULT 24 __data_start 61: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 62: 0804a008 0 OBJECT GLOBAL HIDDEN 16 __dso_handle 63: 080491b0 99 FUNC GLOBAL DEFAULT 14 announcement 64: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 65: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 66: 08049220 85 FUNC GLOBAL DEFAULT 14 __libc_csu_init 67: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 68: 0804c024 0 NOTYPE GLOBAL DEFAULT 25 _end 69: 080490be 0 FUNC GLOBAL DEFAULT 14 _start 70: 0804a000 4 OBJECT GLOBAL DEFAULT 16 _fp_hw 71: 0804c020 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 72: 08049090 46 FUNC GLOBAL DEFAULT 14 main 73: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 74: 0804c020 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 75: 08049000 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/wrapper-test-compiled ../build-tree/wrapper-test-compiled: ok (0x80491b0) ../build-tree/wrapper-test-compiled ../build-tree/wrapper-test-compiled: ok (0x80491b0) # Enable symlink for ld to trick gcc into doing wrapped linking (cd ../build-tree && ln -s hardened-ld ld) (cd ../build-tree && ln -s hardened-ld ld.gold) # Compiler and linker options enabled. ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-linked hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-linked hello.c /usr/bin/ld -z relro -z now -plugin /usr/libexec/gcc/i586-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/i586-alt-linux/8/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/cc3dtJns.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-linked /usr/lib/gcc/i586-alt-linux/8/../../../crt1.o /usr/lib/gcc/i586-alt-linux/8/../../../crti.o /usr/lib/gcc/i586-alt-linux/8/crtbegin.o -L../build-tree -L/usr/lib/gcc/i586-alt-linux/8 -L/usr/lib/gcc/i586-alt-linux/8/../../.. /usr/src/tmp/ccJGz24l.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/i586-alt-linux/8/crtend.o /usr/lib/gcc/i586-alt-linux/8/../../../crtn.o readelf -ldrsW ../build-tree/wrapper-test-linked Elf file type is EXEC (Executable file) Entry point 0x80490be There are 11 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00160 0x00160 R 0x4 INTERP 0x000194 0x08048194 0x08048194 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00374 0x00374 R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x00298 0x00298 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x00180 0x00180 R 0x1000 LOAD 0x002ee0 0x0804bee0 0x0804bee0 0x00124 0x00128 RW 0x1000 DYNAMIC 0x002ee8 0x0804bee8 0x0804bee8 0x000f8 0x000f8 RW 0x4 NOTE 0x0001a8 0x080481a8 0x080481a8 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x002ee0 0x0804bee0 0x0804bee0 0x00120 0x00120 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 10 .init_array .fini_array .dynamic .got Dynamic section at offset 0x2ee8 contains 26 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049284 0x00000019 (INIT_ARRAY) 0x804bee0 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804bee4 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ec 0x00000005 (STRTAB) 0x804827c 0x00000006 (SYMTAB) 0x804820c 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804bfe0 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048354 0x00000011 (REL) 0x804834c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x00000018 (BIND_NOW) 0x6ffffffb (FLAGS_1) Flags: NOW 0x6ffffffe (VERNEED) 0x804830c 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482fe 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x34c contains 1 entry: Offset Info Type Sym. Value Symbol's Name 0804bffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x354 contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804bfec 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail@GLIBC_2.4 0804bff0 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main@GLIBC_2.0 0804bff4 00000407 R_386_JUMP_SLOT 00000000 snprintf@GLIBC_2.0 0804bff8 00000507 R_386_JUMP_SLOT 00000000 __printf_chk@GLIBC_2.3.4 Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used Symbol table '.symtab' contains 75 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048194 0 SECTION LOCAL DEFAULT 1 2: 080481a8 0 SECTION LOCAL DEFAULT 2 3: 080481c8 0 SECTION LOCAL DEFAULT 3 4: 080481ec 0 SECTION LOCAL DEFAULT 4 5: 0804820c 0 SECTION LOCAL DEFAULT 5 6: 0804827c 0 SECTION LOCAL DEFAULT 6 7: 080482fe 0 SECTION LOCAL DEFAULT 7 8: 0804830c 0 SECTION LOCAL DEFAULT 8 9: 0804834c 0 SECTION LOCAL DEFAULT 9 10: 08048354 0 SECTION LOCAL DEFAULT 10 11: 08049000 0 SECTION LOCAL DEFAULT 11 12: 08049030 0 SECTION LOCAL DEFAULT 12 13: 08049080 0 SECTION LOCAL DEFAULT 13 14: 08049090 0 SECTION LOCAL DEFAULT 14 15: 08049284 0 SECTION LOCAL DEFAULT 15 16: 0804a000 0 SECTION LOCAL DEFAULT 16 17: 0804a01c 0 SECTION LOCAL DEFAULT 17 18: 0804a058 0 SECTION LOCAL DEFAULT 18 19: 0804bee0 0 SECTION LOCAL DEFAULT 19 20: 0804bee4 0 SECTION LOCAL DEFAULT 20 21: 0804bee8 0 SECTION LOCAL DEFAULT 21 22: 0804bfe0 0 SECTION LOCAL DEFAULT 22 23: 0804c000 0 SECTION LOCAL DEFAULT 23 24: 0804c004 0 SECTION LOCAL DEFAULT 24 25: 00000000 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 SECTION LOCAL DEFAULT 27 28: 00000000 0 SECTION LOCAL DEFAULT 28 29: 00000000 0 SECTION LOCAL DEFAULT 29 30: 00000000 0 SECTION LOCAL DEFAULT 30 31: 00000000 0 SECTION LOCAL DEFAULT 31 32: 00000000 0 SECTION LOCAL DEFAULT 32 33: 00000000 0 FILE LOCAL DEFAULT ABS init.c 34: 00000000 0 FILE LOCAL DEFAULT ABS static-reloc.c 35: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 080490f0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 38: 08049130 0 FUNC LOCAL DEFAULT 14 register_tm_clones 39: 08049170 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 40: 0804c004 1 OBJECT LOCAL DEFAULT 24 completed.7552 41: 0804bee4 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 42: 080491a0 0 FUNC LOCAL DEFAULT 14 frame_dummy 43: 0804bee0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 44: 00000000 0 FILE LOCAL DEFAULT ABS elf-init.c 45: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 46: 0804a17c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 47: 00000000 0 FILE LOCAL DEFAULT ABS 48: 0804bee4 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 49: 0804bee8 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 50: 0804bee0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 51: 0804a01c 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 52: 0804bfe0 0 OBJECT LOCAL DEFAULT 22 _GLOBAL_OFFSET_TABLE_ 53: 08049280 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 54: 080490e0 4 FUNC GLOBAL HIDDEN 14 __x86.get_pc_thunk.bx 55: 0804c000 0 NOTYPE WEAK DEFAULT 23 data_start 56: 0804c004 0 NOTYPE GLOBAL DEFAULT 23 _edata 57: 08049284 0 FUNC GLOBAL DEFAULT 15 _fini 58: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 59: 0804c000 0 NOTYPE GLOBAL DEFAULT 23 __data_start 60: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 61: 0804a008 0 OBJECT GLOBAL HIDDEN 16 __dso_handle 62: 080491b0 99 FUNC GLOBAL DEFAULT 14 announcement 63: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 64: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 65: 08049220 85 FUNC GLOBAL DEFAULT 14 __libc_csu_init 66: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 67: 0804c008 0 NOTYPE GLOBAL DEFAULT 24 _end 68: 080490be 0 FUNC GLOBAL DEFAULT 14 _start 69: 0804a000 4 OBJECT GLOBAL DEFAULT 16 _fp_hw 70: 0804c004 0 NOTYPE GLOBAL DEFAULT 24 __bss_start 71: 08049090 46 FUNC GLOBAL DEFAULT 14 main 72: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 73: 0804c004 0 OBJECT GLOBAL HIDDEN 23 __TMC_END__ 74: 08049000 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: ok (0x80491b0) ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: ok (0x80491b0) # Check state of hardening features via check script perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-linked ../build-tree/wrapper-test-linked: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Manually check state of hardening features # Skipped PIE test # Test Stack Protector nm ../build-tree/wrapper-test-linked | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Test Fortify nm ../build-tree/wrapper-test-linked | egrep '__(sn)?printf_chk($|@@GLIBC)' U __printf_chk@@GLIBC_2.3.4 # Test Format (no-op currently) # Test for RELRO readelf -lW ../build-tree/wrapper-test-linked | grep GNU_RELRO GNU_RELRO 0x002ee0 0x0804bee0 0x0804bee0 0x00120 0x00120 R 0x1 # Test for BIND_NOW readelf -dW ../build-tree/wrapper-test-linked | grep BIND_NOW 0x00000018 (BIND_NOW) # Build directly with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC-direct hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC-direct hello.c /usr/bin/ld -z relro -z now -plugin /usr/libexec/gcc/i586-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/i586-alt-linux/8/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/ccCVZBJq.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-fPIC-direct /usr/lib/gcc/i586-alt-linux/8/../../../crt1.o /usr/lib/gcc/i586-alt-linux/8/../../../crti.o /usr/lib/gcc/i586-alt-linux/8/crtbegin.o -L../build-tree -L/usr/lib/gcc/i586-alt-linux/8 -L/usr/lib/gcc/i586-alt-linux/8/../../.. /usr/src/tmp/ccEJjUEY.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/i586-alt-linux/8/crtend.o /usr/lib/gcc/i586-alt-linux/8/../../../crtn.o ../build-tree/wrapper-test-fPIC-direct ../build-tree/wrapper-test-fPIC-direct: ok (0x80491c0) # Build .o with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC.o -c hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC.o -c hello.c # Link .o with -fPIC already defined ../build-tree/hardened-cc -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC.o /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -fPIC -O2 -o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC.o /usr/bin/ld -z relro -z now -plugin /usr/libexec/gcc/i586-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/i586-alt-linux/8/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/cc9j32yN.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-fPIC /usr/lib/gcc/i586-alt-linux/8/../../../crt1.o /usr/lib/gcc/i586-alt-linux/8/../../../crti.o /usr/lib/gcc/i586-alt-linux/8/crtbegin.o -L../build-tree -L/usr/lib/gcc/i586-alt-linux/8 -L/usr/lib/gcc/i586-alt-linux/8/../../.. ../build-tree/wrapper-test-fPIC.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/i586-alt-linux/8/crtend.o /usr/lib/gcc/i586-alt-linux/8/../../../crtn.o ../build-tree/wrapper-test-fPIC ../build-tree/wrapper-test-fPIC: ok (0x80491c0) # Make sure build fails due to -Werror=format-security ! ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-format-security format.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-format-security format.c format.c: In function 'main': format.c:11:5: error: format not a string literal and no format arguments [-Werror=format-security] return fprintf(stderr, argv[0]); ^~~~~~ cc1: some warnings being treated as errors # Make sure build succeeds with -Wno-format-security ../build-tree/hardened-cc -B ../build-tree/ -O2 -Wno-format-security -o ../build-tree/wrapper-test-format-security format.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -Wno-format-security -o ../build-tree/wrapper-test-format-security format.c /usr/bin/ld -z relro -z now -plugin /usr/libexec/gcc/i586-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/i586-alt-linux/8/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/cczcWSWJ.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-format-security /usr/lib/gcc/i586-alt-linux/8/../../../crt1.o /usr/lib/gcc/i586-alt-linux/8/../../../crti.o /usr/lib/gcc/i586-alt-linux/8/crtbegin.o -L../build-tree -L/usr/lib/gcc/i586-alt-linux/8 -L/usr/lib/gcc/i586-alt-linux/8/../../.. /usr/src/tmp/ccOF3RGR.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/i586-alt-linux/8/crtend.o /usr/lib/gcc/i586-alt-linux/8/../../../crtn.o # Make sure build stack-protects a small ssp buffer ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect ssp-buffer-size-protect.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect ssp-buffer-size-protect.c /usr/bin/ld -z relro -z now -plugin /usr/libexec/gcc/i586-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/i586-alt-linux/8/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/ccgsIdbl.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-ssp-buffer-size-protect /usr/lib/gcc/i586-alt-linux/8/../../../crt1.o /usr/lib/gcc/i586-alt-linux/8/../../../crti.o /usr/lib/gcc/i586-alt-linux/8/crtbegin.o -L../build-tree -L/usr/lib/gcc/i586-alt-linux/8 -L/usr/lib/gcc/i586-alt-linux/8/../../.. /usr/src/tmp/cc8Yt13g.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/i586-alt-linux/8/crtend.o /usr/lib/gcc/i586-alt-linux/8/../../../crtn.o # Test Stack Protector nm ../build-tree/wrapper-test-ssp-buffer-size-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Make sure build stack-protects a non-char array ../build-tree/hardened-cc -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-type-protect ssp-buffer-type-protect.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -o ../build-tree/wrapper-test-ssp-buffer-type-protect ssp-buffer-type-protect.c /usr/bin/ld -z relro -z now -plugin /usr/libexec/gcc/i586-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/i586-alt-linux/8/lto-wrapper -plugin-opt=-fresolution=/usr/src/tmp/ccIbHQll.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --no-add-needed --eh-frame-hdr --hash-style=gnu --as-needed -m elf_i386 -dynamic-linker /lib/ld-linux.so.2 -o ../build-tree/wrapper-test-ssp-buffer-type-protect /usr/lib/gcc/i586-alt-linux/8/../../../crt1.o /usr/lib/gcc/i586-alt-linux/8/../../../crti.o /usr/lib/gcc/i586-alt-linux/8/crtbegin.o -L../build-tree -L/usr/lib/gcc/i586-alt-linux/8 -L/usr/lib/gcc/i586-alt-linux/8/../../.. /usr/src/tmp/ccYXylIf.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/i586-alt-linux/8/crtend.o /usr/lib/gcc/i586-alt-linux/8/../../../crtn.o # Test Stack Protector nm ../build-tree/wrapper-test-ssp-buffer-type-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 ../build-tree/hardened-cc -B ../build-tree/ -O2 -c -o ../build-tree/wrapper-test-all.o hello.c /usr/bin/gcc_wrapper -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -B ../build-tree/ -O2 -c -o ../build-tree/wrapper-test-all.o hello.c ar r ../build-tree/wrapper-test-all.a ../build-tree/wrapper-test-all.o ar: creating ../build-tree/wrapper-test-all.a readelf -ldrsW ../build-tree/wrapper-test-all.a File: ../build-tree/wrapper-test-all.a(wrapper-test-all.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rel.text' at offset 0x2e4 contains 6 entries: Offset Info Type Sym. Value Symbol's Name 0000001e 00000501 R_386_32 00000000 .rodata.str1.1 0000002d 00000b02 R_386_PC32 00000000 snprintf 00000032 00000a01 R_386_32 00000000 announcement 00000038 00000501 R_386_32 00000000 .rodata.str1.1 0000003f 00000c02 R_386_PC32 00000000 __printf_chk 0000005f 00000d02 R_386_PC32 00000000 __stack_chk_fail Relocation section '.rel.text.startup' at offset 0x314 contains 1 entry: Offset Info Type Sym. Value Symbol's Name 00000017 00000a02 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x31c contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000068 00000602 R_386_PC32 00000000 .text.startup Symbol table '.symtab' contains 15 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 6 7: 00000000 0 SECTION LOCAL DEFAULT 9 8: 00000000 0 SECTION LOCAL DEFAULT 10 9: 00000000 0 SECTION LOCAL DEFAULT 8 10: 00000000 99 FUNC GLOBAL DEFAULT 1 announcement 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 12: 00000000 0 NOTYPE GLOBAL DEFAULT UND __printf_chk 13: 00000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 14: 00000000 46 FUNC GLOBAL DEFAULT 6 main perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-all.a ../build-tree/wrapper-test-all.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) DEB_BUILD_HARDENING=0 ../build-tree/hardened-cc -B ../build-tree/ -c -o ../build-tree/wrapper-test-none.o hello.c /usr/bin/gcc_wrapper -B ../build-tree/ -c -o ../build-tree/wrapper-test-none.o hello.c ar r ../build-tree/wrapper-test-none.a ../build-tree/wrapper-test-none.o ar: creating ../build-tree/wrapper-test-none.a readelf -ldrsW ../build-tree/wrapper-test-none.a File: ../build-tree/wrapper-test-none.a(wrapper-test-none.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rel.text' at offset 0x294 contains 7 entries: Offset Info Type Sym. Value Symbol's Name 00000024 00000501 R_386_32 00000000 .rodata 00000035 00000a02 R_386_PC32 00000000 snprintf 00000040 00000901 R_386_32 00000000 announcement 0000004c 00000501 R_386_32 00000000 .rodata 00000051 00000b02 R_386_PC32 00000000 printf 00000065 00000c02 R_386_PC32 00000000 __stack_chk_fail 00000088 00000902 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x2cc contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000040 00000202 R_386_PC32 00000000 .text Symbol table '.symtab' contains 14 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 7 7: 00000000 0 SECTION LOCAL DEFAULT 8 8: 00000000 0 SECTION LOCAL DEFAULT 6 9: 00000000 107 FUNC GLOBAL DEFAULT 1 announcement 10: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND printf 12: 00000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 13: 0000006b 52 FUNC GLOBAL DEFAULT 1 main if perl ../build-tree/hardening-check -p ../build-tree/wrapper-test-none.a; then exit 1; fi ../build-tree/wrapper-test-none.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) make[2]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make -f Makefile.includes check make[2]: Entering directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' # Compiler and linker options disabled. DEB_BUILD_HARDENING=0 cc -o ../build-tree/includes-test-stock hello.c readelf -ldrsW ../build-tree/includes-test-stock Elf file type is EXEC (Executable file) Entry point 0x8049090 There are 11 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00160 0x00160 R 0x4 INTERP 0x000194 0x08048194 0x08048194 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x0034c 0x0034c R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x002a8 0x002a8 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x00158 0x00158 R 0x1000 LOAD 0x002f0c 0x0804bf0c 0x0804bf0c 0x00114 0x00118 RW 0x1000 DYNAMIC 0x002f14 0x0804bf14 0x0804bf14 0x000e8 0x000e8 RW 0x4 NOTE 0x0001a8 0x080481a8 0x080481a8 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x002f0c 0x0804bf0c 0x0804bf0c 0x000f4 0x000f4 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .got.plt .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 10 .init_array .fini_array .dynamic .got Dynamic section at offset 0x2f14 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049294 0x00000019 (INIT_ARRAY) 0x804bf0c 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804bf10 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ec 0x00000005 (STRTAB) 0x804827c 0x00000006 (SYMTAB) 0x804820c 0x0000000a (STRSZ) 105 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804c000 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x804832c 0x00000011 (REL) 0x8048324 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x80482f4 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482e6 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x324 contains 1 entry: Offset Info Type Sym. Value Symbol's Name 0804bffc 00000306 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x32c contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804c00c 00000107 R_386_JUMP_SLOT 00000000 printf@GLIBC_2.0 0804c010 00000207 R_386_JUMP_SLOT 00000000 __stack_chk_fail@GLIBC_2.4 0804c014 00000407 R_386_JUMP_SLOT 00000000 __libc_start_main@GLIBC_2.0 0804c018 00000507 R_386_JUMP_SLOT 00000000 snprintf@GLIBC_2.0 Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND printf@GLIBC_2.0 (2) 2: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (3) 3: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 4: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (2) 5: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (2) 6: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used Symbol table '.symtab' contains 76 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048194 0 SECTION LOCAL DEFAULT 1 2: 080481a8 0 SECTION LOCAL DEFAULT 2 3: 080481c8 0 SECTION LOCAL DEFAULT 3 4: 080481ec 0 SECTION LOCAL DEFAULT 4 5: 0804820c 0 SECTION LOCAL DEFAULT 5 6: 0804827c 0 SECTION LOCAL DEFAULT 6 7: 080482e6 0 SECTION LOCAL DEFAULT 7 8: 080482f4 0 SECTION LOCAL DEFAULT 8 9: 08048324 0 SECTION LOCAL DEFAULT 9 10: 0804832c 0 SECTION LOCAL DEFAULT 10 11: 08049000 0 SECTION LOCAL DEFAULT 11 12: 08049030 0 SECTION LOCAL DEFAULT 12 13: 08049080 0 SECTION LOCAL DEFAULT 13 14: 08049090 0 SECTION LOCAL DEFAULT 14 15: 08049294 0 SECTION LOCAL DEFAULT 15 16: 0804a000 0 SECTION LOCAL DEFAULT 16 17: 0804a01c 0 SECTION LOCAL DEFAULT 17 18: 0804a058 0 SECTION LOCAL DEFAULT 18 19: 0804bf0c 0 SECTION LOCAL DEFAULT 19 20: 0804bf10 0 SECTION LOCAL DEFAULT 20 21: 0804bf14 0 SECTION LOCAL DEFAULT 21 22: 0804bffc 0 SECTION LOCAL DEFAULT 22 23: 0804c000 0 SECTION LOCAL DEFAULT 23 24: 0804c01c 0 SECTION LOCAL DEFAULT 24 25: 0804c020 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 SECTION LOCAL DEFAULT 27 28: 00000000 0 SECTION LOCAL DEFAULT 28 29: 00000000 0 SECTION LOCAL DEFAULT 29 30: 00000000 0 SECTION LOCAL DEFAULT 30 31: 00000000 0 SECTION LOCAL DEFAULT 31 32: 00000000 0 SECTION LOCAL DEFAULT 32 33: 00000000 0 SECTION LOCAL DEFAULT 33 34: 00000000 0 FILE LOCAL DEFAULT ABS init.c 35: 00000000 0 FILE LOCAL DEFAULT ABS static-reloc.c 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 080490d0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 38: 08049110 0 FUNC LOCAL DEFAULT 14 register_tm_clones 39: 08049150 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 40: 0804c020 1 OBJECT LOCAL DEFAULT 25 completed.7552 41: 0804bf10 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 42: 08049180 0 FUNC LOCAL DEFAULT 14 frame_dummy 43: 0804bf0c 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 44: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 45: 00000000 0 FILE LOCAL DEFAULT ABS elf-init.c 46: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 47: 0804a154 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 48: 00000000 0 FILE LOCAL DEFAULT ABS 49: 0804bf10 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 50: 0804bf14 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 51: 0804bf0c 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 52: 0804a01c 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 53: 0804c000 0 OBJECT LOCAL DEFAULT 23 _GLOBAL_OFFSET_TABLE_ 54: 08049290 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 55: 080490c0 4 FUNC GLOBAL HIDDEN 14 __x86.get_pc_thunk.bx 56: 0804c01c 0 NOTYPE WEAK DEFAULT 24 data_start 57: 00000000 0 FUNC GLOBAL DEFAULT UND printf@@GLIBC_2.0 58: 0804c020 0 NOTYPE GLOBAL DEFAULT 24 _edata 59: 08049294 0 FUNC GLOBAL DEFAULT 15 _fini 60: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 61: 0804c01c 0 NOTYPE GLOBAL DEFAULT 24 __data_start 62: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 63: 0804a008 0 OBJECT GLOBAL HIDDEN 16 __dso_handle 64: 08049182 107 FUNC GLOBAL DEFAULT 14 announcement 65: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 66: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 67: 08049230 85 FUNC GLOBAL DEFAULT 14 __libc_csu_init 68: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 69: 0804c024 0 NOTYPE GLOBAL DEFAULT 25 _end 70: 08049090 0 FUNC GLOBAL DEFAULT 14 _start 71: 0804a000 4 OBJECT GLOBAL DEFAULT 16 _fp_hw 72: 0804c020 0 NOTYPE GLOBAL DEFAULT 25 __bss_start 73: 080491ed 52 FUNC GLOBAL DEFAULT 14 main 74: 0804c020 0 OBJECT GLOBAL HIDDEN 24 __TMC_END__ 75: 08049000 0 FUNC GLOBAL DEFAULT 11 _init ../build-tree/includes-test-stock ../build-tree/includes-test-stock: ok (0x8049182) # Compiler options enabled. (linker is not wrapper) cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-compiled hello.c readelf -ldrsW ../build-tree/includes-test-compiled Elf file type is EXEC (Executable file) Entry point 0x80490be There are 11 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00160 0x00160 R 0x4 INTERP 0x000194 0x08048194 0x08048194 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00374 0x00374 R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x00298 0x00298 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x00180 0x00180 R 0x1000 LOAD 0x002ee0 0x0804bee0 0x0804bee0 0x00124 0x00128 RW 0x1000 DYNAMIC 0x002ee8 0x0804bee8 0x0804bee8 0x000f8 0x000f8 RW 0x4 NOTE 0x0001a8 0x080481a8 0x080481a8 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x002ee0 0x0804bee0 0x0804bee0 0x00120 0x00120 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 10 .init_array .fini_array .dynamic .got Dynamic section at offset 0x2ee8 contains 26 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049284 0x00000019 (INIT_ARRAY) 0x804bee0 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804bee4 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ec 0x00000005 (STRTAB) 0x804827c 0x00000006 (SYMTAB) 0x804820c 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804bfe0 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048354 0x00000011 (REL) 0x804834c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x00000018 (BIND_NOW) 0x6ffffffb (FLAGS_1) Flags: NOW 0x6ffffffe (VERNEED) 0x804830c 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482fe 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x34c contains 1 entry: Offset Info Type Sym. Value Symbol's Name 0804bffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x354 contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804bfec 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail@GLIBC_2.4 0804bff0 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main@GLIBC_2.0 0804bff4 00000407 R_386_JUMP_SLOT 00000000 snprintf@GLIBC_2.0 0804bff8 00000507 R_386_JUMP_SLOT 00000000 __printf_chk@GLIBC_2.3.4 Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used Symbol table '.symtab' contains 75 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048194 0 SECTION LOCAL DEFAULT 1 2: 080481a8 0 SECTION LOCAL DEFAULT 2 3: 080481c8 0 SECTION LOCAL DEFAULT 3 4: 080481ec 0 SECTION LOCAL DEFAULT 4 5: 0804820c 0 SECTION LOCAL DEFAULT 5 6: 0804827c 0 SECTION LOCAL DEFAULT 6 7: 080482fe 0 SECTION LOCAL DEFAULT 7 8: 0804830c 0 SECTION LOCAL DEFAULT 8 9: 0804834c 0 SECTION LOCAL DEFAULT 9 10: 08048354 0 SECTION LOCAL DEFAULT 10 11: 08049000 0 SECTION LOCAL DEFAULT 11 12: 08049030 0 SECTION LOCAL DEFAULT 12 13: 08049080 0 SECTION LOCAL DEFAULT 13 14: 08049090 0 SECTION LOCAL DEFAULT 14 15: 08049284 0 SECTION LOCAL DEFAULT 15 16: 0804a000 0 SECTION LOCAL DEFAULT 16 17: 0804a01c 0 SECTION LOCAL DEFAULT 17 18: 0804a058 0 SECTION LOCAL DEFAULT 18 19: 0804bee0 0 SECTION LOCAL DEFAULT 19 20: 0804bee4 0 SECTION LOCAL DEFAULT 20 21: 0804bee8 0 SECTION LOCAL DEFAULT 21 22: 0804bfe0 0 SECTION LOCAL DEFAULT 22 23: 0804c000 0 SECTION LOCAL DEFAULT 23 24: 0804c004 0 SECTION LOCAL DEFAULT 24 25: 00000000 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 SECTION LOCAL DEFAULT 27 28: 00000000 0 SECTION LOCAL DEFAULT 28 29: 00000000 0 SECTION LOCAL DEFAULT 29 30: 00000000 0 SECTION LOCAL DEFAULT 30 31: 00000000 0 SECTION LOCAL DEFAULT 31 32: 00000000 0 SECTION LOCAL DEFAULT 32 33: 00000000 0 FILE LOCAL DEFAULT ABS init.c 34: 00000000 0 FILE LOCAL DEFAULT ABS static-reloc.c 35: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 080490f0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 38: 08049130 0 FUNC LOCAL DEFAULT 14 register_tm_clones 39: 08049170 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 40: 0804c004 1 OBJECT LOCAL DEFAULT 24 completed.7552 41: 0804bee4 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 42: 080491a0 0 FUNC LOCAL DEFAULT 14 frame_dummy 43: 0804bee0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 44: 00000000 0 FILE LOCAL DEFAULT ABS elf-init.c 45: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 46: 0804a17c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 47: 00000000 0 FILE LOCAL DEFAULT ABS 48: 0804bee4 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 49: 0804bee8 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 50: 0804bee0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 51: 0804a01c 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 52: 0804bfe0 0 OBJECT LOCAL DEFAULT 22 _GLOBAL_OFFSET_TABLE_ 53: 08049280 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 54: 080490e0 4 FUNC GLOBAL HIDDEN 14 __x86.get_pc_thunk.bx 55: 0804c000 0 NOTYPE WEAK DEFAULT 23 data_start 56: 0804c004 0 NOTYPE GLOBAL DEFAULT 23 _edata 57: 08049284 0 FUNC GLOBAL DEFAULT 15 _fini 58: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 59: 0804c000 0 NOTYPE GLOBAL DEFAULT 23 __data_start 60: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 61: 0804a008 0 OBJECT GLOBAL HIDDEN 16 __dso_handle 62: 080491b0 99 FUNC GLOBAL DEFAULT 14 announcement 63: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 64: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 65: 08049220 85 FUNC GLOBAL DEFAULT 14 __libc_csu_init 66: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 67: 0804c008 0 NOTYPE GLOBAL DEFAULT 24 _end 68: 080490be 0 FUNC GLOBAL DEFAULT 14 _start 69: 0804a000 4 OBJECT GLOBAL DEFAULT 16 _fp_hw 70: 0804c004 0 NOTYPE GLOBAL DEFAULT 24 __bss_start 71: 08049090 46 FUNC GLOBAL DEFAULT 14 main 72: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 73: 0804c004 0 OBJECT GLOBAL HIDDEN 23 __TMC_END__ 74: 08049000 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/includes-test-compiled ../build-tree/includes-test-compiled: ok (0x80491b0) ../build-tree/includes-test-compiled ../build-tree/includes-test-compiled: ok (0x80491b0) # Compiler and linker options enabled. cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-linked hello.c readelf -ldrsW ../build-tree/includes-test-linked Elf file type is EXEC (Executable file) Entry point 0x80490be There are 11 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00160 0x00160 R 0x4 INTERP 0x000194 0x08048194 0x08048194 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x00374 0x00374 R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x00298 0x00298 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x00180 0x00180 R 0x1000 LOAD 0x002ee0 0x0804bee0 0x0804bee0 0x00124 0x00128 RW 0x1000 DYNAMIC 0x002ee8 0x0804bee8 0x0804bee8 0x000f8 0x000f8 RW 0x4 NOTE 0x0001a8 0x080481a8 0x080481a8 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 GNU_RELRO 0x002ee0 0x0804bee0 0x0804bee0 0x00120 0x00120 R 0x1 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 10 .init_array .fini_array .dynamic .got Dynamic section at offset 0x2ee8 contains 26 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049284 0x00000019 (INIT_ARRAY) 0x804bee0 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804bee4 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481ec 0x00000005 (STRTAB) 0x804827c 0x00000006 (SYMTAB) 0x804820c 0x0000000a (STRSZ) 130 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804bfe0 0x00000002 (PLTRELSZ) 32 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x8048354 0x00000011 (REL) 0x804834c 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x00000018 (BIND_NOW) 0x6ffffffb (FLAGS_1) Flags: NOW 0x6ffffffe (VERNEED) 0x804830c 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x80482fe 0x00000000 (NULL) 0x0 Relocation section '.rel.dyn' at offset 0x34c contains 1 entry: Offset Info Type Sym. Value Symbol's Name 0804bffc 00000206 R_386_GLOB_DAT 00000000 __gmon_start__ Relocation section '.rel.plt' at offset 0x354 contains 4 entries: Offset Info Type Sym. Value Symbol's Name 0804bfec 00000107 R_386_JUMP_SLOT 00000000 __stack_chk_fail@GLIBC_2.4 0804bff0 00000307 R_386_JUMP_SLOT 00000000 __libc_start_main@GLIBC_2.0 0804bff4 00000407 R_386_JUMP_SLOT 00000000 snprintf@GLIBC_2.0 0804bff8 00000507 R_386_JUMP_SLOT 00000000 __printf_chk@GLIBC_2.3.4 Symbol table '.dynsym' contains 7 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@GLIBC_2.4 (2) 2: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 3: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@GLIBC_2.0 (3) 4: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@GLIBC_2.0 (3) 5: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@GLIBC_2.3.4 (4) 6: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used Symbol table '.symtab' contains 75 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 08048194 0 SECTION LOCAL DEFAULT 1 2: 080481a8 0 SECTION LOCAL DEFAULT 2 3: 080481c8 0 SECTION LOCAL DEFAULT 3 4: 080481ec 0 SECTION LOCAL DEFAULT 4 5: 0804820c 0 SECTION LOCAL DEFAULT 5 6: 0804827c 0 SECTION LOCAL DEFAULT 6 7: 080482fe 0 SECTION LOCAL DEFAULT 7 8: 0804830c 0 SECTION LOCAL DEFAULT 8 9: 0804834c 0 SECTION LOCAL DEFAULT 9 10: 08048354 0 SECTION LOCAL DEFAULT 10 11: 08049000 0 SECTION LOCAL DEFAULT 11 12: 08049030 0 SECTION LOCAL DEFAULT 12 13: 08049080 0 SECTION LOCAL DEFAULT 13 14: 08049090 0 SECTION LOCAL DEFAULT 14 15: 08049284 0 SECTION LOCAL DEFAULT 15 16: 0804a000 0 SECTION LOCAL DEFAULT 16 17: 0804a01c 0 SECTION LOCAL DEFAULT 17 18: 0804a058 0 SECTION LOCAL DEFAULT 18 19: 0804bee0 0 SECTION LOCAL DEFAULT 19 20: 0804bee4 0 SECTION LOCAL DEFAULT 20 21: 0804bee8 0 SECTION LOCAL DEFAULT 21 22: 0804bfe0 0 SECTION LOCAL DEFAULT 22 23: 0804c000 0 SECTION LOCAL DEFAULT 23 24: 0804c004 0 SECTION LOCAL DEFAULT 24 25: 00000000 0 SECTION LOCAL DEFAULT 25 26: 00000000 0 SECTION LOCAL DEFAULT 26 27: 00000000 0 SECTION LOCAL DEFAULT 27 28: 00000000 0 SECTION LOCAL DEFAULT 28 29: 00000000 0 SECTION LOCAL DEFAULT 29 30: 00000000 0 SECTION LOCAL DEFAULT 30 31: 00000000 0 SECTION LOCAL DEFAULT 31 32: 00000000 0 SECTION LOCAL DEFAULT 32 33: 00000000 0 FILE LOCAL DEFAULT ABS init.c 34: 00000000 0 FILE LOCAL DEFAULT ABS static-reloc.c 35: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 36: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 37: 080490f0 0 FUNC LOCAL DEFAULT 14 deregister_tm_clones 38: 08049130 0 FUNC LOCAL DEFAULT 14 register_tm_clones 39: 08049170 0 FUNC LOCAL DEFAULT 14 __do_global_dtors_aux 40: 0804c004 1 OBJECT LOCAL DEFAULT 24 completed.7552 41: 0804bee4 0 OBJECT LOCAL DEFAULT 20 __do_global_dtors_aux_fini_array_entry 42: 080491a0 0 FUNC LOCAL DEFAULT 14 frame_dummy 43: 0804bee0 0 OBJECT LOCAL DEFAULT 19 __frame_dummy_init_array_entry 44: 00000000 0 FILE LOCAL DEFAULT ABS elf-init.c 45: 00000000 0 FILE LOCAL DEFAULT ABS crtstuff.c 46: 0804a17c 0 OBJECT LOCAL DEFAULT 18 __FRAME_END__ 47: 00000000 0 FILE LOCAL DEFAULT ABS 48: 0804bee4 0 NOTYPE LOCAL DEFAULT 19 __init_array_end 49: 0804bee8 0 OBJECT LOCAL DEFAULT 21 _DYNAMIC 50: 0804bee0 0 NOTYPE LOCAL DEFAULT 19 __init_array_start 51: 0804a01c 0 NOTYPE LOCAL DEFAULT 17 __GNU_EH_FRAME_HDR 52: 0804bfe0 0 OBJECT LOCAL DEFAULT 22 _GLOBAL_OFFSET_TABLE_ 53: 08049280 1 FUNC GLOBAL DEFAULT 14 __libc_csu_fini 54: 080490e0 4 FUNC GLOBAL HIDDEN 14 __x86.get_pc_thunk.bx 55: 0804c000 0 NOTYPE WEAK DEFAULT 23 data_start 56: 0804c004 0 NOTYPE GLOBAL DEFAULT 23 _edata 57: 08049284 0 FUNC GLOBAL DEFAULT 15 _fini 58: 00000000 0 FUNC GLOBAL DEFAULT UND __stack_chk_fail@@GLIBC_2.4 59: 0804c000 0 NOTYPE GLOBAL DEFAULT 23 __data_start 60: 00000000 0 NOTYPE WEAK DEFAULT UND __gmon_start__ 61: 0804a008 0 OBJECT GLOBAL HIDDEN 16 __dso_handle 62: 080491b0 99 FUNC GLOBAL DEFAULT 14 announcement 63: 0804a004 4 OBJECT GLOBAL DEFAULT 16 _IO_stdin_used 64: 00000000 0 FUNC GLOBAL DEFAULT UND __libc_start_main@@GLIBC_2.0 65: 08049220 85 FUNC GLOBAL DEFAULT 14 __libc_csu_init 66: 00000000 0 FUNC GLOBAL DEFAULT UND snprintf@@GLIBC_2.0 67: 0804c008 0 NOTYPE GLOBAL DEFAULT 24 _end 68: 080490be 0 FUNC GLOBAL DEFAULT 14 _start 69: 0804a000 4 OBJECT GLOBAL DEFAULT 16 _fp_hw 70: 0804c004 0 NOTYPE GLOBAL DEFAULT 24 __bss_start 71: 08049090 46 FUNC GLOBAL DEFAULT 14 main 72: 00000000 0 FUNC GLOBAL DEFAULT UND __printf_chk@@GLIBC_2.3.4 73: 0804c004 0 OBJECT GLOBAL HIDDEN 23 __TMC_END__ 74: 08049000 0 FUNC GLOBAL DEFAULT 11 _init # Run twice to show off PIE, if available in kernel ../build-tree/includes-test-linked ../build-tree/includes-test-linked: ok (0x80491b0) ../build-tree/includes-test-linked ../build-tree/includes-test-linked: ok (0x80491b0) # Check state of hardening features via check script perl ../build-tree/hardening-check -p ../build-tree/includes-test-linked ../build-tree/includes-test-linked: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Manually check state of hardening features # Skipped PIE test # Test Stack Protector nm ../build-tree/includes-test-linked | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Test Fortify nm ../build-tree/includes-test-linked | egrep '__(sn)?printf_chk($|@@GLIBC)' U __printf_chk@@GLIBC_2.3.4 # Test Format (no-op currently) # Test for RELRO readelf -lW ../build-tree/includes-test-linked | grep GNU_RELRO GNU_RELRO 0x002ee0 0x0804bee0 0x0804bee0 0x00120 0x00120 R 0x1 # Test for BIND_NOW readelf -dW ../build-tree/includes-test-linked | grep BIND_NOW 0x00000018 (BIND_NOW) # Build directly with -fPIC already defined cc -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC-direct hello.c ../build-tree/includes-test-fPIC-direct ../build-tree/includes-test-fPIC-direct: ok (0x80491c0) # Build .o with -fPIC already defined cc -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC.o -c hello.c # Link .o with -fPIC already defined cc -fPIC -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-fPIC ../build-tree/includes-test-fPIC.o ../build-tree/includes-test-fPIC ../build-tree/includes-test-fPIC: ok (0x80491c0) # Make sure build fails due to -Werror=format-security ! cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-format-security format.c format.c: In function 'main': format.c:11:5: error: format not a string literal and no format arguments [-Werror=format-security] return fprintf(stderr, argv[0]); ^~~~~~ cc1: some warnings being treated as errors # Make sure build succeeds with -Wno-format-security cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wno-format-security -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-format-security format.c # Make sure build stack-protects a small ssp buffer cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-ssp-buffer-size-protect ssp-buffer-size-protect.c # Test Stack Protector nm ../build-tree/includes-test-ssp-buffer-size-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 # Make sure build stack-protects a non-char array cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -o ../build-tree/includes-test-ssp-buffer-type-protect ssp-buffer-type-protect.c # Test Stack Protector nm ../build-tree/includes-test-ssp-buffer-type-protect | egrep '__stack_chk_fail($|@@GLIBC)' U __stack_chk_fail@@GLIBC_2.4 cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -c -o ../build-tree/includes-test-all.o hello.c ar r ../build-tree/includes-test-all.a ../build-tree/includes-test-all.o ar: creating ../build-tree/includes-test-all.a readelf -ldrsW ../build-tree/includes-test-all.a File: ../build-tree/includes-test-all.a(includes-test-all.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rel.text' at offset 0x2e4 contains 6 entries: Offset Info Type Sym. Value Symbol's Name 0000001e 00000501 R_386_32 00000000 .rodata.str1.1 0000002d 00000b02 R_386_PC32 00000000 snprintf 00000032 00000a01 R_386_32 00000000 announcement 00000038 00000501 R_386_32 00000000 .rodata.str1.1 0000003f 00000c02 R_386_PC32 00000000 __printf_chk 0000005f 00000d02 R_386_PC32 00000000 __stack_chk_fail Relocation section '.rel.text.startup' at offset 0x314 contains 1 entry: Offset Info Type Sym. Value Symbol's Name 00000017 00000a02 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x31c contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000068 00000602 R_386_PC32 00000000 .text.startup Symbol table '.symtab' contains 15 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 6 7: 00000000 0 SECTION LOCAL DEFAULT 9 8: 00000000 0 SECTION LOCAL DEFAULT 10 9: 00000000 0 SECTION LOCAL DEFAULT 8 10: 00000000 99 FUNC GLOBAL DEFAULT 1 announcement 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 12: 00000000 0 NOTYPE GLOBAL DEFAULT UND __printf_chk 13: 00000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 14: 00000000 46 FUNC GLOBAL DEFAULT 6 main perl ../build-tree/hardening-check -p ../build-tree/includes-test-all.a ../build-tree/includes-test-all.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) DEB_BUILD_HARDENING=0 cc -c -o ../build-tree/includes-test-none.o hello.c ar r ../build-tree/includes-test-none.a ../build-tree/includes-test-none.o ar: creating ../build-tree/includes-test-none.a readelf -ldrsW ../build-tree/includes-test-none.a File: ../build-tree/includes-test-none.a(includes-test-none.o) There are no program headers in this file. There is no dynamic section in this file. Relocation section '.rel.text' at offset 0x294 contains 7 entries: Offset Info Type Sym. Value Symbol's Name 00000024 00000501 R_386_32 00000000 .rodata 00000035 00000a02 R_386_PC32 00000000 snprintf 00000040 00000901 R_386_32 00000000 announcement 0000004c 00000501 R_386_32 00000000 .rodata 00000051 00000b02 R_386_PC32 00000000 printf 00000065 00000c02 R_386_PC32 00000000 __stack_chk_fail 00000088 00000902 R_386_PC32 00000000 announcement Relocation section '.rel.eh_frame' at offset 0x2cc contains 2 entries: Offset Info Type Sym. Value Symbol's Name 00000020 00000202 R_386_PC32 00000000 .text 00000040 00000202 R_386_PC32 00000000 .text Symbol table '.symtab' contains 14 entries: Num: Value Size Type Bind Vis Ndx Name 0: 00000000 0 NOTYPE LOCAL DEFAULT UND 1: 00000000 0 FILE LOCAL DEFAULT ABS hello.c 2: 00000000 0 SECTION LOCAL DEFAULT 1 3: 00000000 0 SECTION LOCAL DEFAULT 3 4: 00000000 0 SECTION LOCAL DEFAULT 4 5: 00000000 0 SECTION LOCAL DEFAULT 5 6: 00000000 0 SECTION LOCAL DEFAULT 7 7: 00000000 0 SECTION LOCAL DEFAULT 8 8: 00000000 0 SECTION LOCAL DEFAULT 6 9: 00000000 107 FUNC GLOBAL DEFAULT 1 announcement 10: 00000000 0 NOTYPE GLOBAL DEFAULT UND snprintf 11: 00000000 0 NOTYPE GLOBAL DEFAULT UND printf 12: 00000000 0 NOTYPE GLOBAL DEFAULT UND __stack_chk_fail 13: 0000006b 52 FUNC GLOBAL DEFAULT 1 main if perl ../build-tree/hardening-check -p ../build-tree/includes-test-none.a; then exit 1; fi ../build-tree/includes-test-none.a: Position Independent Executable: no, object archive (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, non-ELF (ignored) Immediate binding: no, non-ELF (ignored) # Disable stack protector cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -fno-stack-protector -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: no, not found! Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: yes # Disable fortify cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -U_FORTIFY_SOURCE -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: yes # Disable relro cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -Wl,-z,norelro -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, not found! Immediate binding: yes # Disable bindnow cc -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 -Wl,-z,relro -Wl,-z,now -Wl,-z,lazy -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no, not found! # Disable everything cc \ -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -O2 \ -Wl,-z,relro -Wl,-z,now \ -fno-stack-protector \ -U_FORTIFY_SOURCE \ -Wno-format-security \ -Wl,-z,norelro \ -Wl,-z,lazy \ -o ../build-tree/includes-disabled hello.c if perl ../build-tree/hardening-check -p ../build-tree/includes-disabled; then exit 1; fi ../build-tree/includes-disabled: Position Independent Executable: no, normal executable! (ignored) Stack protected: no, not found! Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, not found! Immediate binding: no, not found! readelf -ldW ../build-tree/includes-disabled Elf file type is EXEC (Executable file) Entry point 0x80490ae There are 10 program headers, starting at offset 52 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align PHDR 0x000034 0x08048034 0x08048034 0x00140 0x00140 R 0x4 INTERP 0x000174 0x08048174 0x08048174 0x00013 0x00013 R 0x1 [Requesting program interpreter: /lib/ld-linux.so.2] LOAD 0x000000 0x08048000 0x08048000 0x002e8 0x002e8 R 0x1000 LOAD 0x001000 0x08049000 0x08049000 0x00258 0x00258 R E 0x1000 LOAD 0x002000 0x0804a000 0x0804a000 0x0017c 0x0017c R 0x1000 LOAD 0x00217c 0x0804b17c 0x0804b17c 0x00110 0x00114 RW 0x1000 DYNAMIC 0x002184 0x0804b184 0x0804b184 0x000e8 0x000e8 RW 0x4 NOTE 0x000188 0x08048188 0x08048188 0x00044 0x00044 R 0x4 GNU_EH_FRAME 0x00201c 0x0804a01c 0x0804a01c 0x0003c 0x0003c R 0x4 GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x10 Section to Segment mapping: Segment Sections... 00 01 .interp 02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt 03 .init .plt .plt.got .text .fini 04 .rodata .eh_frame_hdr .eh_frame 05 .init_array .fini_array .dynamic .got .got.plt .data .bss 06 .dynamic 07 .note.ABI-tag .note.gnu.build-id 08 .eh_frame_hdr 09 Dynamic section at offset 0x2184 contains 24 entries: Tag Type Name/Value 0x00000001 (NEEDED) Shared library: [libc.so.6] 0x0000000c (INIT) 0x8049000 0x0000000d (FINI) 0x8049244 0x00000019 (INIT_ARRAY) 0x804b17c 0x0000001b (INIT_ARRAYSZ) 4 (bytes) 0x0000001a (FINI_ARRAY) 0x804b180 0x0000001c (FINI_ARRAYSZ) 4 (bytes) 0x6ffffef5 (GNU_HASH) 0x80481cc 0x00000005 (STRTAB) 0x804824c 0x00000006 (SYMTAB) 0x80481ec 0x0000000a (STRSZ) 78 (bytes) 0x0000000b (SYMENT) 16 (bytes) 0x00000015 (DEBUG) 0x0 0x00000003 (PLTGOT) 0x804b270 0x00000002 (PLTRELSZ) 24 (bytes) 0x00000014 (PLTREL) REL 0x00000017 (JMPREL) 0x80482d0 0x00000011 (REL) 0x80482c8 0x00000012 (RELSZ) 8 (bytes) 0x00000013 (RELENT) 8 (bytes) 0x6ffffffe (VERNEED) 0x80482a8 0x6fffffff (VERNEEDNUM) 1 0x6ffffff0 (VERSYM) 0x804829a 0x00000000 (NULL) 0x0 make[2]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make[1]: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper/tests' make: Leaving directory '/usr/src/RPM/BUILD/hardening-wrapper-2.6/hardening-wrapper' + exit 0 Processing files: hardening-check-2.6-alt1 Executing(%doc): /bin/sh -e /usr/src/tmp/rpm-tmp.16003 + umask 022 + /bin/mkdir -p /usr/src/RPM/BUILD + cd /usr/src/RPM/BUILD + cd hardening-wrapper-2.6 + DOCDIR=/usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + export DOCDIR + rm -rf /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + /bin/mkdir -p /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/TODO /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/debian/README.Debian /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/debian/changelog /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/AUTHORS /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + cp -prL hardening-wrapper/debian/copyright /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R go-w /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + chmod -R a+rX /usr/src/tmp/hardening-wrapper-buildroot/usr/share/doc/hardening-check-2.6 + exit 0 Finding Provides (using /usr/lib/rpm/find-provides) Executing: /bin/sh -e /usr/src/tmp/rpm-tmp.jtd3aJ find-provides: running scripts (debuginfo,lib,pam,perl,pkgconfig,python,shell) Finding Requires (using /usr/lib/rpm/find-requires) Executing: /bin/sh -e /usr/src/tmp/rpm-tmp.3n4M8F find-requires: running scripts (cpp,debuginfo,files,lib,pam,perl,pkgconfig,pkgconfiglib,python,rpmlib,shebang,shell,static,symlinks) /usr/src/tmp/hardening-wrapper-buildroot/usr/bin/hardening-check syntax OK Requires: binutils, /usr/bin/perl, perl(Getopt/Long.pm), perl(IPC/Open3.pm), perl(Pod/Usage.pm), perl(Symbol.pm), perl(Term/ANSIColor.pm) Wrote: /usr/src/RPM/RPMS/noarch/hardening-check-2.6-alt1.noarch.rpm 6.99user 1.56system 0:10.15elapsed 84%CPU (0avgtext+0avgdata 20008maxresident)k 0inputs+0outputs (0major+293645minor)pagefaults 0swaps 12.71user 6.07system 0:20.21elapsed 92%CPU (0avgtext+0avgdata 114516maxresident)k 0inputs+0outputs (0major+555054minor)pagefaults 0swaps