ELF built without PIE & Stack Protection #77

Closed
juan-dambra opened this issue Jul 5, 2018 · 8 comments

Comments

@juan-dambra

We have a client whose Infosec team have run a vulnerability scanning tool on our app and found that libtool-checker.so from RootBeer is compiled without -pie and -fstack-protector flags.

Is there a reason not to use these flags? If not, could you please add them?

@stealthcopter
Collaborator

I don't see any reason why not

@pich4ya

pich4ya commented Aug 16, 2018

up

@azbesthu

azbesthu commented Feb 19, 2019

Hey @stealthcopter

Which NDK version was in use while building v0.0.7?
I'm just asking because it seems the current NDK v19b by default has " -stack-protector 2" in the verbose log while building, which seems to be the "-fstack-protector-strong" equivalent in LLVM.
I saw an issue in NDK v18 about them accidentally removing this flag, but they re-enabled it in v18b.
android/ndk#815
Also, do you know which NDK was used for the v0.0.6 release?

Hey @juan-dambra
Is this "-pie" issue happening only on the MIPS platform? I'm just asking because our security team mentioned it only for mips64 with the v0.0.6 release. If I understand correctly, v0.0.7 dropped MIPS support because Google also dropped it from newer NDK versions. So maybe it is not a problem any more with that.

@stealthcopter
Collaborator

Hi @azbesthu I'm really sorry I didn't see this until just now. I'm not sure what version was used to compile 0.0.7 but I've just built 0.0.8 using version 21 so that should have all the protections mentioned.

I'm going to close this issue as I believe it's solved; however, please feel free to open more issues if you find issues with the native libraries! Thanks all.

@slawert
Contributor

slawert commented Apr 9, 2020

Hello,

I have tested the library with different tools (readelf, decomp) and found the following result: while the 32-bit archs are indeed protected against stack smashing (armv7 and x86), the more common 64-bit archs (arm64 and x86_64) don’t seem to be built the same way and don’t have the needed checks.

Is there a chance that this can be fixed on your end? @stealthcopter @scottyab

Thanks a lot!
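
An added example, not part of the thread or of RootBeer's code: one way to run the kind of check discussed here without readelf, by reading an ELF image's `e_type` and looking for a `__stack_chk_fail` import in its dynamic symbol table. The names `elf_hardening` and `constructed_elf64` and the sample image are assumptions made for this illustration.

```python
import struct

ET_DYN, SHT_STRTAB, SHT_DYNSYM = 3, 3, 11

def elf_hardening(data: bytes) -> dict:
    """Report position independence and stack-protector use of an ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                       # EI_CLASS: 1 = ELF32, 2 = ELF64
    end = "<" if data[5] == 1 else ">"        # EI_DATA: 1 = little endian
    e_type, = struct.unpack_from(end + "H", data, 16)
    e_shoff, = struct.unpack_from(end + ("Q" if is64 else "I"), data, 40 if is64 else 32)
    e_shentsize, e_shnum = struct.unpack_from(end + "HH", data, 58 if is64 else 46)

    def section(i):                           # -> (sh_type, sh_offset, sh_size, sh_link)
        base = e_shoff + i * e_shentsize
        sh_type, = struct.unpack_from(end + "I", data, base + 4)
        fmt, at = ("QQI", 24) if is64 else ("III", 16)
        return (sh_type, *struct.unpack_from(end + fmt, data, base + at))

    names = set()
    for i in range(e_shnum):
        sh_type, off, size, link = section(i)
        if sh_type != SHT_DYNSYM:
            continue
        _, str_off, str_size, _ = section(link)   # sh_link points at .dynstr
        strtab = data[str_off:str_off + str_size]
        for sym in range(off, off + size, 24 if is64 else 16):
            st_name, = struct.unpack_from(end + "I", data, sym)
            names.add(strtab[st_name:strtab.index(b"\0", st_name)].decode())
    return {"position_independent": e_type == ET_DYN,
            "stack_protector": any(n.startswith("__stack_chk_fail") for n in names)}

def constructed_elf64(symbols):
    """Constructed sample: a minimal little-endian ELF64 shared object image
    holding only a .dynstr and a .dynsym section with the given imports."""
    strtab, syms = b"\0", b"\0" * 24          # index 0 is the reserved null symbol
    for name in symbols:
        syms += struct.pack("<IBBHQQ", len(strtab), 0x12, 0, 0, 0, 0)
        strtab += name.encode() + b"\0"
    str_off, sym_off = 64, 64 + len(strtab)
    sh_off = sym_off + len(syms)
    header = struct.pack("<4sBBB9xHHIQQQIHHHHHH", b"\x7fELF", 2, 1, 1, ET_DYN, 183, 1,
                         0, 0, sh_off, 0, 64, 0, 0, 64, 3, 0)
    def sh(typ, off, size, link):             # one 64-byte ELF64 section header
        return struct.pack("<IIQQQQIIQQ", 0, typ, 0, 0, off, size, link, 0, 1, 0)
    return (header + strtab + syms + bytes(64)
            + sh(SHT_STRTAB, str_off, len(strtab), 0) + sh(SHT_DYNSYM, sym_off, len(syms), 1))
```

To check a real library, pass the bytes of the `.so` taken from the unpacked APK's `lib/<abi>/` directory. A missing `__stack_chk_fail` import is a signal rather than proof, since the compiler only instruments functions that meet the criteria of the chosen `-fstack-protector` level.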

@stealthcopter
Collaborator

@slawert As this is an area I'm not very familiar with, it's going to take me a while to research this. We'd love for someone to make a PR if there is anyone who has more of a clue how to change this without removing support for any devices. Thanks :)

@Stephane84

@stealthcopter thanks for merging the PR.
Is a 0.0.9 release planned with the rebuild of the .so files?
Thx

@benjosantony

The PR was merged but not released. Is it possible to make a release with the fix?


7 participants