Hi all,
I just commited patch which marks stack as non-executable in NASM
code to trunk.
Currently all binaries, which use accelerated JPEG code (vncviewer and
Xvnc), are built with executable stack. It is not so good from security
perspective, obviously. Patch is attached and should be commited to 1_0 branch.
Do you have any comments?
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
diff -up
tigervnc-1.0.90-20091221svn3929/common/jpeg/simd/jsimdext.inc.noexecstack
tigervnc-1.0.90-20091221svn3929/common/jpeg/simd/jsimdext.inc
--- tigervnc-1.0.90-20091221svn3929/common/jpeg/simd/jsimdext.inc.noexecstack
2010-01-22 10:52:35.968632745 +0100
+++ tigervnc-1.0.90-20091221svn3929/common/jpeg/simd/jsimdext.inc
2010-01-22 10:56:50.877629306 +0100
@@ -53,6 +53,9 @@
; * *BSD family Unix using elf format
; * Unix System V, including Solaris x86, UnixWare and SCO Unix
+; mark stack as non-executable
+section .note.GNU-stack noalloc noexec nowrite progbits
+
; -- segment definition --
;
%ifdef __x86_64__
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Tigervnc-devel mailing list
Tigervnc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
