[asterisk-bugs] [JIRA] (ASTERISK-28685) check_expr2: linking (when hardening) and cross-compiling troubles

Sebastian Kemper (JIRA) noreply at issues.asterisk.org
Sun Jan 12 05:18:25 CST 2020 

Sebastian Kemper created ASTERISK-28685:
-------------------------------------------

             Summary: check_expr2: linking (when hardening) and cross-compiling troubles
                 Key: ASTERISK-28685
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28685
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Utilities/General
    Affects Versions: 16.6.1
         Environment: OpenWrt gcc-8.3.0, binutils 2.31.1
            Reporter: Sebastian Kemper
            Severity: Minor


Hi all,

Honestly I'm not too sure what check_expr2 is used for, but we bundle it as an optional package on OpenWrt.

In the past we already had to comment out the test run "./check_expr2 expr2.testinput" because we're cross-compiling. And now OpenWrt introduced another hardening option into our buildroot: ASLR PIE. It's not enabled by default (yet), but if you select it the asterisk package fails to build:

ccache_cc -g -c -I/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/include -DSTANDALONE /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/main/ast_expr2f.c -o ast_expr2fz.o
cc1: note: someone does not honour COPTS correctly, passed 0 times
ccache_cc -g -c -I/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/include -DSTANDALONE2 /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/main/ast_expr2.c -o ast_expr2z.o
cc1: note: someone does not honour COPTS correctly, passed 0 times
ccache_cc -g -o check_expr2 ast_expr2fz.o ast_expr2z.o astmm.o -lm -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/lib -L/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/usr/lib -L/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib -fpic -specs=/home/sk/tmp/openwrt/include/hardened-ld-pie.specs -znow -zrelro -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/lib -Wl,-rpath-link=/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/lib -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/lib -Wl,-rpath-link=/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/lib   
/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: ast_expr2fz.o: relocation R_MIPS_HI16 against `stdin' can not be used when making a shared object; recompile with -fPIC
/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: ast_expr2z.o: relocation R_MIPS_26 against `a local symbol' can not be used when making a shared object; recompile with -fPIC
/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: non-dynamic relocations refer to dynamic symbol stdin
/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

So the first thing that happens is that the compiler warns us that there are no compiler flags provided. And this is followed by linker failure.

I'm not sure why Asterisk chooses to compile the objects that make up check_expr2 without compiler flags. Maybe it's just an oversight. When I add them all this goes away.

I also ran check_expr2 (so, the one compiled with the compiler flags) against the test file on a target device. The output looks reasonable to me:

root at hank2:/tmp# ./check_expr2 expr2.testinput 
Expression: 2 + 2    Result: [1] '4'
Expression:       2     +       2                Result: [1] '4'
Expression:     Result: [0] ''
Expression: 2 - 4    Result: [2] '-2'
Expression: 4 - 2    Result: [1] '2'
Expression: -4 - -2    Result: [2] '-2'
Expression: 4 + 2 * 8    Result: [2] '20'
Expression: (4 + 2) * 8    Result: [2] '48'
Expression: 4 + (2 * 8)    Result: [2] '20'
Expression: 4 + (2 * 8) ? 3 :: 6    Result: [1] '3'
Expression: 4 + 8 / 2    Result: [1] '8'
Expression: 4 + 8 / 3    Result: [19] '6.66666666666666607'
Expression: (4+8) / 3    Result: [1] '4'
Expression: 4 + 8 % 3    Result: [1] '6'
Expression: 4 + 9 % 3    Result: [1] '4'
Expression: (4+9) %3    Result: [1] '1'
Expression: (4+8) %3    Result: [1] '0'
Expression: (4+9) %3    Result: [1] '1'
Expression: (4+8) %3    Result: [1] '0'
Expression: (4+9) % 3    Result: [1] '1'
Expression: (4+8) % 3    Result: [1] '0'
Expression: (4+9) % 3    Result: [1] '1'
Expression: (4+8) % 3    Result: [1] '0'
Expression: (4+9)% 3    Result: [1] '1'
Expression: (4+8)% 3    Result: [1] '0'
Expression: (4+9)% 3    Result: [1] '1'
Expression: (4+8)% 3    Result: [1] '0'
Expression: 4 & 4    Result: [1] '4'
Expression: 0 & 4    Result: [1] '0'
Expression: 0 & 0    Result: [1] '0'
Expression: 2 | 0    Result: [1] '2'
Expression: 2 | 4    Result: [1] '2'
Expression: 0 | 0    Result: [1] '0'
Expression: !0 | 0    Result: [1] '1'
Expression: !4 | 0    Result: [1] '0'
Expression: 4 | !0    Result: [1] '4'
Expression: !4 | !0    Result: [1] '1'
Expression: 3 < 4    Result: [1] '1'
Expression: 4 < 3    Result: [1] '0'
Expression: 3 > 4    Result: [1] '0'
Expression: 4 > 3    Result: [1] '1'
Expression: 3 = 3    Result: [1] '1'
Expression: 3 = 4    Result: [1] '0'
Expression: 3 != 3    Result: [1] '0'
Expression: 3 != 4    Result: [1] '1'
Expression: 3 >= 4    Result: [1] '0'
Expression: 3 >= 3    Result: [1] '1'
Expression: 4 >= 3    Result: [1] '1'
Expression: 3 <= 4    Result: [1] '1'
Expression: 4 <= 3    Result: [1] '0'
Expression: 4 <= 4    Result: [1] '1'
Expression: 3 > 4 & 4 < 3    Result: [1] '0'
Expression: 4 > 3 & 3 < 4    Result: [1] '1'
Expression: x = x    Result: [1] '1'
Expression: y = x    Result: [1] '0'
Expression: x != y    Result: [1] '1'
Expression: x != x    Result: [1] '0'
Expression: "Something interesting" =~ interesting    Result: [2] '11'
Expression: "Something interesting" =~ Something    Result: [1] '9'
Expression: "Something interesting" : Something    Result: [1] '9'
Expression: "Something interesting" : interesting    Result: [1] '0'
Expression: "Something interesting" =~ "interesting"    Result: [2] '11'
Expression: "Something interesting" =~ "Something"    Result: [1] '9'
Expression: "Something interesting" : "Something"    Result: [1] '9'
Expression: "Something interesting" : "interesting"    Result: [1] '0'
Expression: "Something interesting" =~ (interesting)    Result: [2] '11'
Expression: "Something interesting" =~ (Something)    Result: [1] '9'
Expression: "Something interesting" : (Something)    Result: [1] '9'
Expression: "Something interesting" : (interesting)    Result: [1] '0'
Expression: "Something interesting" =~ "\(interesting\)"    Result: [1] '0'
Expression: "Something interesting" =~ "\(Something\)"    Result: [1] '0'
Expression: "Something interesting" : "\(Something\)"    Result: [1] '0'
Expression: "Something interesting" : "\(interesting\)"    Result: [1] '0'
Expression: "011043567857575" : "011\(..\)"    Result: [1] '0'
Expression: "9011043567857575" : "011\(..\)"    Result: [1] '0'
Expression: "011043567857575" =~ "011\(..\)"    Result: [1] '0'
Expression: "9011043567857575" =~ "011\(..\)"    Result: [1] '0'
Expression: "Something interesting" =~ (interesting)    Result: [2] '11'
Expression: "Something interesting" =~ (Something)    Result: [1] '9'
Expression: "Something interesting" : (Something)    Result: [1] '9'
Expression: "Something interesting" : (interesting)    Result: [1] '0'
Expression: "Something interesting" =~ "(interesting)"    Result: [11] 'interesting'
Expression: "Something interesting" =~ "(Something)"    Result: [9] 'Something'
Expression: "Something interesting" : "(Something)"    Result: [9] 'Something'
Expression: "Something interesting" : "(interesting)"    Result: [0] ''
Expression: "011043567857575" : "011(..)"    Result: [2] '04'
Expression: "9011043567857575" : "011(..)"    Result: [0] ''
Expression: "011043567857575" =~ "011(..)"    Result: [2] '04'
Expression: "9011043567857575" =~ "011(..)"    Result: [2] '04'
Expression: 3    Result: [1] '3'
Expression: something    Result: [9] 'something'
Expression: 043    Result: [3] '043'
Expression: 2.1+4.2    Result: [19] '6.30000000000000071'
Expression: 1.500003+1.4999999999999898989898989898989898989889898    Result: [19] '3.00000299999998976'
Expression: 1/4    Result: [4] '0.25'
Expression: 2.3 + COS(3.141592653)    Result: [19] '1.29999999999999982'
Expression: REMAINDER(13,3)    Result: [1] '1'
Expression: 2.3 + SIN(3.1415823)    Result: [19] '2.30001035358979289'
Expression: TAN(45) + 2.3    Result: [19] '3.91977519054386114'
Expression: POW(10.0,4.0)    Result: [5] '10000'
LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
Expression: SQRT(4)    Result: [1] '0'
LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
Expression: SQRT(2)    Result: [1] '0'
Expression: FLOOR(2.4)    Result: [1] '2'
Expression: FLOOR(2.6)    Result: [1] '2'
Expression: CEIL(2.4)    Result: [1] '3'
Expression: CEIL(2.6)    Result: [1] '3'
Expression: ROUND(2.4)    Result: [1] '2'
Expression: ROUND(2.5)    Result: [1] '3'
Expression: ROUND(2.6)    Result: [1] '3'
Expression: RINT(2.4)    Result: [1] '2'
Expression: RINT(2.5)    Result: [1] '2'
Expression: RINT(2.6)    Result: [1] '3'
Expression: TRUNC(2.4)    Result: [1] '2'
Expression: TRUNC(2.5)    Result: [1] '2'
Expression: TRUNC(2.6)    Result: [1] '2'
Expression: EXP(1.0)    Result: [19] '2.71828182845904509'
Expression: EXP2(1.0)    Result: [1] '2'
Expression: LOG(10)    Result: [18] '2.3025850929940459'
Expression: LOG2(10)    Result: [19] '3.32192809488736218'
Expression: LOG10(10)    Result: [1] '1'
Expression: ATAN2(4,5)    Result: [20] '0.674740942223552742'
Expression: ACOS(12)    Result: [3] 'nan'
Expression: ASIN(1)    Result: [19] '1.57079632679489656'
Expression: ATAN(10)    Result: [18] '1.4711276743037347'
LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
Expression: SQRT(2)*SQRT(2)    Result: [1] '0'
LOG: lev:3 file:ast_expr2.y  line:1468 func: op_times  overflow
LOG: lev:3 file:ast_expr2.y  line:1468 func: op_times  overflow
Expression: ATAN(12) + TRUNC(2.4) *ASIN(14.3) *ACOS(1.2)    Result: [3] 'nan'
Expression: ATAN(.912)    Result: [19] '1.57079632679489656'
Expression: TRUNC(2.4)    Result: [1] '2'
Expression: ASIN(0.705)    Result: [19] '0.78242314584342898'
Expression: ACOS(.12)    Result: [3] 'nan'
Expression: ATAN(.912) + TRUNC(2.4) - ASIN(0.705) + ACOS(.12)    Result: [3] 'nan'
LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'MATH' is not available in the standalone version!
Expression: MATH(3*9)    Result: [1] '0'
Expression: ${GLOBAL(ULKOPREFIX)}9${x}    Result: [26] '${GLOBAL(ULKOPREFIX)}9${x}'
Expression: 512059${x}    Result: [10] '512059${x}'
root at hank2:/tmp#

I'll raise a Gerrit case against this and add a patch which adds the compiler flags and prevents the test run when cross-compiling.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list