[asterisk-bugs] [JIRA] (ASTERISK-28685) check_expr2: linking (when hardening) and cross-compiling troubles

Joshua C. Colp (JIRA) noreply at issues.asterisk.org
Sun Jan 12 07:56:25 CST 2020


     [ https://issues.asterisk.org/jira/browse/ASTERISK-28685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua C. Colp updated ASTERISK-28685:
--------------------------------------

    Assignee: Sebastian Kemper

> check_expr2: linking (when hardening) and cross-compiling troubles
> ------------------------------------------------------------------
>
>                 Key: ASTERISK-28685
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28685
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Utilities/General
>    Affects Versions: 16.6.1
>         Environment: OpenWrt gcc-8.3.0, binutils 2.31.1
>            Reporter: Sebastian Kemper
>            Assignee: Sebastian Kemper
>            Severity: Minor
>
> Hi all,
> Honestly I'm not too sure what check_expr2 is used for, but we bundle it as an optional package on OpenWrt.
> In the past we already had to comment out the test run "./check_expr2 expr2.testinput" because we're cross-compiling. And now OpenWrt introduced another hardening option into our buildroot: ASLR PIE. It's not enabled by default (yet), but if you select it the asterisk package fails to build:
> ccache_cc -g -c -I/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/include -DSTANDALONE /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/main/ast_expr2f.c -o ast_expr2fz.o
> cc1: note: someone does not honour COPTS correctly, passed 0 times
> ccache_cc -g -c -I/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/include -DSTANDALONE2 /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.6.1/main/ast_expr2.c -o ast_expr2z.o
> cc1: note: someone does not honour COPTS correctly, passed 0 times
> ccache_cc -g -o check_expr2 ast_expr2fz.o ast_expr2z.o astmm.o -lm -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/lib -L/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/usr/lib -L/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib -fpic -specs=/home/sk/tmp/openwrt/include/hardened-ld-pie.specs -znow -zrelro -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/lib -Wl,-rpath-link=/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/lib -L/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/lib -Wl,-rpath-link=/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/lib   
> /home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: ast_expr2fz.o: relocation R_MIPS_HI16 against `stdin' can not be used when making a shared object; recompile with -fPIC
> /home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: ast_expr2z.o: relocation R_MIPS_26 against `a local symbol' can not be used when making a shared object; recompile with -fPIC
> /home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: non-dynamic relocations refer to dynamic symbol stdin
> /home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: failed to set dynamic section sizes: bad value
> collect2: error: ld returned 1 exit status
> So the first thing that happens is that the compiler warns us that there are no compiler flags provided. And this is followed by linker failure.
> I'm not sure why Asterisk chooses to compile the objects that make up check_expr2 without compiler flags. Maybe it's just an oversight. When I add them all this goes away.
> I also ran check_expr2 (so, the one compiled with the compiler flags) against the test file on a target device. The output looks reasonable to me:
> root at hank2:/tmp# ./check_expr2 expr2.testinput 
> Expression: 2 + 2    Result: [1] '4'
> Expression:       2     +       2                Result: [1] '4'
> Expression:     Result: [0] ''
> Expression: 2 - 4    Result: [2] '-2'
> Expression: 4 - 2    Result: [1] '2'
> Expression: -4 - -2    Result: [2] '-2'
> Expression: 4 + 2 * 8    Result: [2] '20'
> Expression: (4 + 2) * 8    Result: [2] '48'
> Expression: 4 + (2 * 8)    Result: [2] '20'
> Expression: 4 + (2 * 8) ? 3 :: 6    Result: [1] '3'
> Expression: 4 + 8 / 2    Result: [1] '8'
> Expression: 4 + 8 / 3    Result: [19] '6.66666666666666607'
> Expression: (4+8) / 3    Result: [1] '4'
> Expression: 4 + 8 % 3    Result: [1] '6'
> Expression: 4 + 9 % 3    Result: [1] '4'
> Expression: (4+9) %3    Result: [1] '1'
> Expression: (4+8) %3    Result: [1] '0'
> Expression: (4+9) %3    Result: [1] '1'
> Expression: (4+8) %3    Result: [1] '0'
> Expression: (4+9) % 3    Result: [1] '1'
> Expression: (4+8) % 3    Result: [1] '0'
> Expression: (4+9) % 3    Result: [1] '1'
> Expression: (4+8) % 3    Result: [1] '0'
> Expression: (4+9)% 3    Result: [1] '1'
> Expression: (4+8)% 3    Result: [1] '0'
> Expression: (4+9)% 3    Result: [1] '1'
> Expression: (4+8)% 3    Result: [1] '0'
> Expression: 4 & 4    Result: [1] '4'
> Expression: 0 & 4    Result: [1] '0'
> Expression: 0 & 0    Result: [1] '0'
> Expression: 2 | 0    Result: [1] '2'
> Expression: 2 | 4    Result: [1] '2'
> Expression: 0 | 0    Result: [1] '0'
> Expression: !0 | 0    Result: [1] '1'
> Expression: !4 | 0    Result: [1] '0'
> Expression: 4 | !0    Result: [1] '4'
> Expression: !4 | !0    Result: [1] '1'
> Expression: 3 < 4    Result: [1] '1'
> Expression: 4 < 3    Result: [1] '0'
> Expression: 3 > 4    Result: [1] '0'
> Expression: 4 > 3    Result: [1] '1'
> Expression: 3 = 3    Result: [1] '1'
> Expression: 3 = 4    Result: [1] '0'
> Expression: 3 != 3    Result: [1] '0'
> Expression: 3 != 4    Result: [1] '1'
> Expression: 3 >= 4    Result: [1] '0'
> Expression: 3 >= 3    Result: [1] '1'
> Expression: 4 >= 3    Result: [1] '1'
> Expression: 3 <= 4    Result: [1] '1'
> Expression: 4 <= 3    Result: [1] '0'
> Expression: 4 <= 4    Result: [1] '1'
> Expression: 3 > 4 & 4 < 3    Result: [1] '0'
> Expression: 4 > 3 & 3 < 4    Result: [1] '1'
> Expression: x = x    Result: [1] '1'
> Expression: y = x    Result: [1] '0'
> Expression: x != y    Result: [1] '1'
> Expression: x != x    Result: [1] '0'
> Expression: "Something interesting" =~ interesting    Result: [2] '11'
> Expression: "Something interesting" =~ Something    Result: [1] '9'
> Expression: "Something interesting" : Something    Result: [1] '9'
> Expression: "Something interesting" : interesting    Result: [1] '0'
> Expression: "Something interesting" =~ "interesting"    Result: [2] '11'
> Expression: "Something interesting" =~ "Something"    Result: [1] '9'
> Expression: "Something interesting" : "Something"    Result: [1] '9'
> Expression: "Something interesting" : "interesting"    Result: [1] '0'
> Expression: "Something interesting" =~ (interesting)    Result: [2] '11'
> Expression: "Something interesting" =~ (Something)    Result: [1] '9'
> Expression: "Something interesting" : (Something)    Result: [1] '9'
> Expression: "Something interesting" : (interesting)    Result: [1] '0'
> Expression: "Something interesting" =~ "\(interesting\)"    Result: [1] '0'
> Expression: "Something interesting" =~ "\(Something\)"    Result: [1] '0'
> Expression: "Something interesting" : "\(Something\)"    Result: [1] '0'
> Expression: "Something interesting" : "\(interesting\)"    Result: [1] '0'
> Expression: "011043567857575" : "011\(..\)"    Result: [1] '0'
> Expression: "9011043567857575" : "011\(..\)"    Result: [1] '0'
> Expression: "011043567857575" =~ "011\(..\)"    Result: [1] '0'
> Expression: "9011043567857575" =~ "011\(..\)"    Result: [1] '0'
> Expression: "Something interesting" =~ (interesting)    Result: [2] '11'
> Expression: "Something interesting" =~ (Something)    Result: [1] '9'
> Expression: "Something interesting" : (Something)    Result: [1] '9'
> Expression: "Something interesting" : (interesting)    Result: [1] '0'
> Expression: "Something interesting" =~ "(interesting)"    Result: [11] 'interesting'
> Expression: "Something interesting" =~ "(Something)"    Result: [9] 'Something'
> Expression: "Something interesting" : "(Something)"    Result: [9] 'Something'
> Expression: "Something interesting" : "(interesting)"    Result: [0] ''
> Expression: "011043567857575" : "011(..)"    Result: [2] '04'
> Expression: "9011043567857575" : "011(..)"    Result: [0] ''
> Expression: "011043567857575" =~ "011(..)"    Result: [2] '04'
> Expression: "9011043567857575" =~ "011(..)"    Result: [2] '04'
> Expression: 3    Result: [1] '3'
> Expression: something    Result: [9] 'something'
> Expression: 043    Result: [3] '043'
> Expression: 2.1+4.2    Result: [19] '6.30000000000000071'
> Expression: 1.500003+1.4999999999999898989898989898989898989889898    Result: [19] '3.00000299999998976'
> Expression: 1/4    Result: [4] '0.25'
> Expression: 2.3 + COS(3.141592653)    Result: [19] '1.29999999999999982'
> Expression: REMAINDER(13,3)    Result: [1] '1'
> Expression: 2.3 + SIN(3.1415823)    Result: [19] '2.30001035358979289'
> Expression: TAN(45) + 2.3    Result: [19] '3.91977519054386114'
> Expression: POW(10.0,4.0)    Result: [5] '10000'
> LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
> Expression: SQRT(4)    Result: [1] '0'
> LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
> Expression: SQRT(2)    Result: [1] '0'
> Expression: FLOOR(2.4)    Result: [1] '2'
> Expression: FLOOR(2.6)    Result: [1] '2'
> Expression: CEIL(2.4)    Result: [1] '3'
> Expression: CEIL(2.6)    Result: [1] '3'
> Expression: ROUND(2.4)    Result: [1] '2'
> Expression: ROUND(2.5)    Result: [1] '3'
> Expression: ROUND(2.6)    Result: [1] '3'
> Expression: RINT(2.4)    Result: [1] '2'
> Expression: RINT(2.5)    Result: [1] '2'
> Expression: RINT(2.6)    Result: [1] '3'
> Expression: TRUNC(2.4)    Result: [1] '2'
> Expression: TRUNC(2.5)    Result: [1] '2'
> Expression: TRUNC(2.6)    Result: [1] '2'
> Expression: EXP(1.0)    Result: [19] '2.71828182845904509'
> Expression: EXP2(1.0)    Result: [1] '2'
> Expression: LOG(10)    Result: [18] '2.3025850929940459'
> Expression: LOG2(10)    Result: [19] '3.32192809488736218'
> Expression: LOG10(10)    Result: [1] '1'
> Expression: ATAN2(4,5)    Result: [20] '0.674740942223552742'
> Expression: ACOS(12)    Result: [3] 'nan'
> Expression: ASIN(1)    Result: [19] '1.57079632679489656'
> Expression: ATAN(10)    Result: [18] '1.4711276743037347'
> LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
> LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'SQRT' is not available in the standalone version!
> Expression: SQRT(2)*SQRT(2)    Result: [1] '0'
> LOG: lev:3 file:ast_expr2.y  line:1468 func: op_times  overflow
> LOG: lev:3 file:ast_expr2.y  line:1468 func: op_times  overflow
> Expression: ATAN(12) + TRUNC(2.4) *ASIN(14.3) *ACOS(1.2)    Result: [3] 'nan'
> Expression: ATAN(.912)    Result: [19] '1.57079632679489656'
> Expression: TRUNC(2.4)    Result: [1] '2'
> Expression: ASIN(0.705)    Result: [19] '0.78242314584342898'
> Expression: ACOS(.12)    Result: [3] 'nan'
> Expression: ATAN(.912) + TRUNC(2.4) - ASIN(0.705) + ACOS(.12)    Result: [3] 'nan'
> LOG: lev:4 file:ast_expr2.y  line:1071 func: op_func  Error! 'MATH' is not available in the standalone version!
> Expression: MATH(3*9)    Result: [1] '0'
> Expression: ${GLOBAL(ULKOPREFIX)}9${x}    Result: [26] '${GLOBAL(ULKOPREFIX)}9${x}'
> Expression: 512059${x}    Result: [10] '512059${x}'
> root at hank2:/tmp#
> I'll raise a Gerrit case against this and add a patch which adds the compiler flags and prevents the test run when cross-compiling.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list