[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Fw: Re: (ITS#8959) duplicate symbols
=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me=
ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90
On Monday, January 28, 2019 12:10 PM, Rupert Gallagher <ruga@protonmail.com=
> wrote:
> I can replicate your log when using the default tool-chain by Apple.
>
> The following causes my system to fail with openldap, replicating my orig=
inal bug.
> The same settings succeed with many other open source projects: openldap =
is the only one that fails.
>
> 1. install the official clang/llvm tool-chain from llvm.org;
> 2. set up the shell as follows:
>
> export CC=3D"/opt/llvm/bin/clang"; # gcc
> export CMAKE_C_COMPILER=3D"/opt/llvm/bin/clang";
> export CPP=3D"/opt/llvm/bin/clang -E"; # cpp
> export CXX=3D"/opt/llvm/bin/clang++"; # g++
> export CMAKE_CXX_COMPILER=3D"/opt/llvm/bin/clang++"; # g++
> export AR=3D"/opt/llvm/bin/llvm-ar"; # ar
> export CMAKE_AR=3D"/opt/llvm/bin/llvm-ar"; # ar
> export CMAKE_LINKER=3D"/usr/bin/ld"; # Apple's own
> export NM=3D"/opt/llvm/bin/llvm-nm"; # nm
> export CMAKE_NM=3D"/opt/llvm/bin/llvm-nm"; # nm
> export CMAKE_OBJDUMP=3D"/opt/llvm/bin/llvm-objdump";
> export RANLIB=3D"/opt/llvm/bin/llvm-ranlib";
> export CMAKE_RANLIB=3D"/opt/llvm/bin/llvm-ranlib";
> sdk_p=3D"$( /usr/bin/xcode-select -print-path )";
> sdk_v=3D"$( /usr/bin/xcrun --show-sdk-version )";
>
>
> runtime compatibility with former versions:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> sdk_c=3D"${sdk_v}";
> case $sdk_v in
> 10.14) sdk_c=3D"10.13";;
> 10.13) sdk_c=3D"10.13";;
> esac
>
> CFLAGS=3D"";
> CCFLAGS=3D"";
> CPPFLAGS=3D"";
> LDFLAGS=3D"";
>
> export MACOSX_DEPLOYMENT_TARGET=3D"${sdk_c}";
> CFLAGS=3D"$CFLAGS -g -mmacosx-version-min=3D${sdk_c} -isysroot ${sdk_p}/P=
latforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk";
> CFLAGS=3D"$CFLAGS -arch x86_64";
>
> exploit mitigation: RELRO + BIND_NOW
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> LDFLAGS=3D"$LDFLAGS -Wl,-z,relro,-z,now";
>
> exploit mitigation: stack canary
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -fstack-protector-all";
>
> nicer stack traces in error messages
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -fno-omit-frame-pointer";
>
> exploit mitigations:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -fPIC -fPIE";
> LDFLAGS=3D"$LDFLAGS -pie";
>
> exploit mitigation: protect memory and string functions
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -O2";
> CPPFLAGS=3D"$CPPFLAGS -D_FORTIFY_SOURCE=3D2";
>
> exploit mitigation: format string warnings as errors
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>
> CFLAGS=3D"$CFLAGS -Wformat -Wformat-security -Werror=3Dformat-security";
>
> export CFLAGS;
> export CCFLAGS=3D"$CFLAGS";
> export CPPFLAGS;
> export CXXFLAGS=3D"$CPPFLAGS";
> export LDFLAGS;
> export DSOFLAGS=3D"$LDFLAGS";