Package: mupdf
Version: 1.14.0+ds1-4
Severity: normal
The mupdf-x11 binary requests an executable stack from the loader. The
readelf tool shows the GNU_STACK segment requests "RWE" permissions:
$ readelf -L /usr/lib/mupdf/mupdf-x11
This is both unnecessary and risky, especially considering that this
program parses untrusted, complex inputs (PDFs). The program gets an
executable stack only because it fails to consistently request an
non-executable stack during linking. This is due to the use of the
linker ("ld -r -b binary") to embed data, and such data object files do
not, by default, include the necessary .note.GNU-stack section.
The fix is to add "-z noexecstack" when using the linker this way.
Attached is a patch that does so. When built with this new patch, the
stack is no longer executable.
--- a/Makefile
+++ b/Makefile
@@ -60,7 +60,7 @@
LINK_CMD = $(QUIET_LINK) $(MKTGTDIR) ; $(CC) $(LDFLAGS) -o $@ $^ $(LIBS)
TAGS_CMD = $(QUIET_TAGS) ctags $^
WINDRES_CMD = $(QUIET_WINDRES) $(MKTGTDIR) ; $(WINDRES) $< $@
-OBJCOPY_CMD = $(QUIET_OBJCOPY) $(MKTGTDIR) ; $(LD) -r -b binary -o $@ $<
+OBJCOPY_CMD = $(QUIET_OBJCOPY) $(MKTGTDIR) ; $(LD) -r -b binary -z noexecstack
-o $@ $<
# --- Rules ---
