ELF built without PIE & Stack Protection #77
Comments
I don't see any reason why not
up
Hey @stealthcopter Which NDK version was in use while building v0.0.7? Hey @juan-dambra
Hi @azbesthu I'm really sorry I didn't see this until just now. I'm not sure what version was used to compile 0.0.7 but I've just built 0.0.8 using version 21 so that should have all the protections mentioned. I'm going to close this issue as I believe it's solved however please feel free to open more issues if you find issues with the native libraries! Thanks all.
Hello, I have tested the library with different tools (readelf, decomp) and found the following result: the 32-bit archs (armv7 and x86) are indeed protected against stack smashing; however, the more common 64-bit archs (arm64 and x86_64) don't seem to be built the same way, and don't have the needed checks. Is there a chance that this can be fixed on your end? @stealthcopter @scottyab Thanks a lot!
@slawert As this is an area I'm not very familiar with it's going to take me a while to research this. We'd love for someone to make a PR if there is anyone who has more of a clue how to change this without removing support for any devices. Thanks :)
@stealthcopter thanks for merging the PR.
The PR was merged, but not released. Is it possible to make a release with the fix?
We have a client whose Infosec team have run a vulnerability scanning tool on our app and found that libtool-checker.so from RootBeer is compiled without -pie and -fstack-protector flags.
Is there a reason not to use these flags? If not, could you please add them?
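A per-file check of the two properties raised in this issue, covering both the 32-bit and 64-bit ELF classes mentioned in the comments. This is an added example, not code from the thread or from the RootBeer project; the function names are hypothetical, and it assumes little-endian files that still carry section headers.

```python
import struct
import sys

ET_DYN, SHT_DYNSYM = 3, 11  # values from the ELF specification

def dynamic_symbols(data):
    """Return (e_type, is_64bit, names in .dynsym) for a little-endian ELF image."""
    if data[:4] != b"\x7fELF" or data[5] != 1:
        raise ValueError("not a little-endian ELF file")
    is64 = data[4] == 2  # EI_CLASS: 1 = ELF32, 2 = ELF64
    e_type, = struct.unpack_from("<H", data, 16)
    if is64:
        e_shoff, = struct.unpack_from("<Q", data, 0x28)
        e_shentsize, e_shnum = struct.unpack_from("<HH", data, 0x3A)
        fmt, symsize = "<IIQQQQIIQQ", 24
    else:
        e_shoff, = struct.unpack_from("<I", data, 0x20)
        e_shentsize, e_shnum = struct.unpack_from("<HH", data, 0x2E)
        fmt, symsize = "<10I", 16
    # Section header fields by index: 1=type, 4=offset, 5=size, 6=link, 9=entsize
    secs = [struct.unpack_from(fmt, data, e_shoff + i * e_shentsize)
            for i in range(e_shnum)]
    names = set()
    for sec in secs:
        if sec[1] != SHT_DYNSYM:
            continue
        str_off = secs[sec[6]][4]  # sh_link points at the string table section
        for pos in range(sec[4], sec[4] + sec[5], sec[9] or symsize):
            st_name, = struct.unpack_from("<I", data, pos)  # first field in both classes
            start = str_off + st_name
            names.add(data[start:data.index(b"\0", start)].decode("ascii", "replace"))
    return e_type, is64, names

def hardening_report(data):
    """Summarise the two properties discussed in this issue for one ELF file."""
    e_type, is64, names = dynamic_symbols(data)
    return {
        "class": "ELF64" if is64 else "ELF32",
        "position_independent": e_type == ET_DYN,
        # Canary-instrumented code calls __stack_chk_fail on a mismatch.
        "stack_protector": "__stack_chk_fail" in names,
    }

if __name__ == "__main__":
    for path in sys.argv[1:]:  # e.g. the libtool-checker.so built for each ABI
        with open(path, "rb") as fh:
            print(path, hardening_report(fh.read()))
```

A shared object such as a `.so` is always `ET_DYN`, so `position_independent` only discriminates for executables. `stack_protector` is inferred from the dynamic symbol table and reads false when section headers have been stripped.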