Re: [Bug 537650] [NEW] slmodemd has an executable stack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Antonio,
Probably something like
execstack -c "/usr/sbin/slmodemd -c USA /dev/slamr0"
in place of
execstack -c /usr/sbin/slmodemd -c USA /dev/slamr0

My guess is that execstack takes -c USA /dev/slamr0 as a second instance of the execstack clear option to be applied
to expected libraries USA and /dev/slamr0
See man execstack which lists the option:
-c --clear-execstack
Mark binary or shared library as not requiring executable
stack.

Jacques

Antonio Olivares wrote

:

Ahmed,

I cannot run
1) :

^C[root@localhost ~]# execstack -c /usr/sbin/slmodemd -c USA /dev/slamr0
execstack: cannot open "USA": No such file or directory
execstack: "/dev/slamr0" is not an ELF file

C[root@localhost ~]# execstack -c /usr/sbin/slmodemd -c USA /dev/slamr0
execstack: cannot open "USA": No such file or directory
execstack: "/dev/slamr0" is not an ELF file

I have to use:

[root@localhost ~]# slmodemd -c USA /dev/slamr0
SmartLink Soft Modem: version 2.9.11 Mar 12 2010 18:28:10
symbolic link `/dev/ttySL0' -> `/dev/pts/2' created.
modem `slamr0' created. TTY is `/dev/pts/2'
Use `/dev/ttySL0' as modem device, Ctrl+C for termination.

device 10b9:5459 is grabbed by driver serial: try to release
serial 0000:05:02.0: PCI INT A disabled
slamr: module license 'Smart Link Ltd.' taints kernel.
Disabling lock debugging due to kernel taint
slamr: SmartLink AMRMO modem.
slamr: probe 10b9:5459 SL1800 card...
slamr 0000:05:02.0: PCI INT A -> GSI 18 (level, low) -> IRQ 18
slamr: mc97 codec is SIL26
slamr: slamr0 is SL1800 card.
PPP generic driver version 2.4.2
PPP Deflate Compression module registered
[olivares@localhost ~]$ uname -r
2.6.32.9-70.fc12.i686.PAE

Is there anything else I can do?  I am not sure that I did it right
and sorry for not getting back.  I have been kind of busy :(

Regards,

Antonio

On 3/12/10, أحمد المحمودي <aelmahmoudy@xxxxxxxxxx> wrote:
Hello,

  I got the following security vulnerability report from an Ubuntu
developer,

On Thu, Mar 11, 2010 at 09:02:43PM -0000, Kees Cook wrote:
*** This bug is a security vulnerability ***

Public security bug reported:

execstack -q /usr/sbin/slmodemd
 X /usr/sbin/slmodemd

This is potentially dangerous, and should be addressed.  Please see:
https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks
for details.
---end quoted text---

  He mentioned in a following email that issue is caused by dsplibs.o,
  anyways, according to the wiki page mentioned above, this can be
  solved by running the following after building slmodemd:

  execstack -c slmodemd

  I can do this in the Debian/Ubuntu package, but I need to make sure
  that it won't break the usability of sl-modem, can Antonio or others
  test the following:

  1) Run: execstack -c /usr/sbin/slmodemd (I assume that slmodemd is
  installed in /usr/sbin on your systems)

  2) Try using the modem (internet, faxing,...) with the modified
  slmodemd, please try two cases:
    a) with ALSA driver
    b) with slamr driver

  I might be able to get my hands on a machine that has a smartlink
  modem (but using ALSA driver) today, in that case I'll try testing
  case (a).

--
 ‎أحمد المحمودي (Ahmed El-Mahmoudy)
  Digital design engineer
 GPG KeyID: 0xEDDDA1B7
 GPG Fingerprint: 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7



[Index of Archives]     [Linux Media Development]     [Asterisk]     [DCCP]     [Netdev]     [X.org]     [Xfree86]     [Fedora Women]     [Linux USB]

  Powered by Linux