[Date Prev][Date Next] [Chronological] [Thread] [Top]

Fw: Re: (ITS#8959) duplicate symbols

To: openldap-its@OpenLDAP.org
Subject: Fw: Re: (ITS#8959) duplicate symbols
From: ruga@protonmail.com
Date: Mon, 28 Jan 2019 12:15:44 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me=
ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90
On Monday, January 28, 2019 12:10 PM, Rupert Gallagher <ruga@protonmail.com=
> wrote:

> I can replicate your log when using the default tool-chain by Apple.
>
> The following causes my system to fail with openldap, replicating my orig=
inal bug.
> The same settings succeed with many other open source projects: openldap =
is the only one that fails.
>
> 1.  install the official clang/llvm tool-chain from llvm.org;
> 2.  set up the shell as follows:
>
>     export CC=3D"/opt/llvm/bin/clang"; # gcc
>     export CMAKE_C_COMPILER=3D"/opt/llvm/bin/clang";
>     export CPP=3D"/opt/llvm/bin/clang -E"; # cpp
>     export CXX=3D"/opt/llvm/bin/clang++"; # g++
>     export CMAKE_CXX_COMPILER=3D"/opt/llvm/bin/clang++"; # g++
>     export AR=3D"/opt/llvm/bin/llvm-ar"; # ar
>     export CMAKE_AR=3D"/opt/llvm/bin/llvm-ar"; # ar
>     export CMAKE_LINKER=3D"/usr/bin/ld"; # Apple's own
>     export NM=3D"/opt/llvm/bin/llvm-nm"; # nm
>     export CMAKE_NM=3D"/opt/llvm/bin/llvm-nm"; # nm
>     export CMAKE_OBJDUMP=3D"/opt/llvm/bin/llvm-objdump";
>     export RANLIB=3D"/opt/llvm/bin/llvm-ranlib";
>     export CMAKE_RANLIB=3D"/opt/llvm/bin/llvm-ranlib";
>     sdk_p=3D"$( /usr/bin/xcode-select -print-path )";
>     sdk_v=3D"$( /usr/bin/xcrun --show-sdk-version )";
>
>
> runtime compatibility with former versions:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> sdk_c=3D"${sdk_v}";
> case $sdk_v in
> 10.14) sdk_c=3D"10.13";;
> 10.13) sdk_c=3D"10.13";;
> esac
>
> CFLAGS=3D"";
> CCFLAGS=3D"";
> CPPFLAGS=3D"";
> LDFLAGS=3D"";
>
> export MACOSX_DEPLOYMENT_TARGET=3D"${sdk_c}";
> CFLAGS=3D"$CFLAGS -g -mmacosx-version-min=3D${sdk_c} -isysroot ${sdk_p}/P=
latforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk";
> CFLAGS=3D"$CFLAGS -arch x86_64";
>
> exploit mitigation: RELRO + BIND_NOW
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> LDFLAGS=3D"$LDFLAGS -Wl,-z,relro,-z,now";
>
> exploit mitigation: stack canary
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -fstack-protector-all";
>
> nicer stack traces in error messages
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -fno-omit-frame-pointer";
>
> exploit mitigations:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -fPIC -fPIE";
> LDFLAGS=3D"$LDFLAGS -pie";
>
> exploit mitigation: protect memory and string functions
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -O2";
> CPPFLAGS=3D"$CPPFLAGS -D_FORTIFY_SOURCE=3D2";
>
> exploit mitigation: format string warnings as errors
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -Wformat -Wformat-security -Werror=3Dformat-security";
>
> export CFLAGS;
> export CCFLAGS=3D"$CFLAGS";
> export CPPFLAGS;
> export CXXFLAGS=3D"$CPPFLAGS";
> export LDFLAGS;
> export DSOFLAGS=3D"$LDFLAGS";

Prev by Date: Re: (ITS#8959) duplicate symbols
Next by Date: Re: (ITS#8959) duplicate symbols
Index(es):
- Chronological
- Thread