build: fix RELOC_SECTION security check for bitcoin-util #20939
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The binutils we use for gitian builds strips the reloc section from Windows binaries, which breaks ASLR. As a temporary workaround, export main(). This is the same workaround as bitcoin#18702 (bitcoin-cli), and will fix the currently failing security check: ```bash + make -j1 -C src check-security make: Entering directory '/home/ubuntu/build/bitcoin/distsrc-x86_64-w64-mingw32/src' Checking binary security... bitcoin-util.exe: failed RELOC_SECTION make: *** [check-security] Error 1 ``` Relevant upstream issue: https://sourceware.org/bugzilla/show_bug.cgi?id=19011
c7ba085 to
c061800
Compare
|
Good catch! ACK c061800 |
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Jan 17, 2021
…oin-util c061800 build: fix RELOC_SECTION security check for bitcoin-util (fanquake) Pull request description: The binutils we use for gitian builds strips the reloc section from Windows binaries, which breaks ASLR. As a temporary workaround, export main(). This is the same workaround as bitcoin#18702 (bitcoin-cli), and will fix the currently failing security check: ```bash + make -j1 -C src check-security make: Entering directory '/home/ubuntu/build/bitcoin/distsrc-x86_64-w64-mingw32/src' Checking binary security... bitcoin-util.exe: failed RELOC_SECTION make: *** [check-security] Error 1 ``` Relevant upstream issue: https://sourceware.org/bugzilla/show_bug.cgi?id=19011 ACKs for top commit: dongcarl: ACK c061800 laanwj: ACK c061800 Tree-SHA512: a1a4da0b2cddfc377190b9044a04f42a859ca79f11ce2c2ab4c3d066a2786c34d5446d75f8eec634f308d2d3349ebbd7c9f76dcaebeeb28e471c829851592367
Gitian builds
|
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The binutils we use for gitian builds strips the reloc section from
Windows binaries, which breaks ASLR. As a temporary workaround, export
main(). This is the same workaround as #18702 (bitcoin-cli), and will
fix the currently failing security check:
Relevant upstream issue:
https://sourceware.org/bugzilla/show_bug.cgi?id=19011