[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser-build][maint-12.0] Bug 40822: --disable-reloc-section on NSIS stubs.

Title: GitLab

Pier Angelo Vendrame pushed to branch maint-12.0 at The Tor Project / Applications / tor-browser-build

Commits:

  • 1044b8c7
    by Pier Angelo Vendrame at 2023-03-30T09:30:10+02:00 
    Bug 40822: --disable-reloc-section on NSIS stubs.

Out binutils version adds the reloc sections by default, but NSIS does
not work with them.
So, we need to pass a flag to disable them, otherwise users with
mandatory ASLR turned on will not be able to install Tor Browser.

3 changed files:

Changes:

  • projects/nsis/build
    ... ... @@ -13,6 +13,12 @@ cd /var/tmp/build/nsis-[% c('version') %]-src
    13 13 
     # only valid for the Windows linker. Therefore we add it using a patch
    14 14 
     # to the cross-compilation part only. Still needed as of 3.06.1, see: #40090.
    15 15 
     patch -p1 < $rootdir/no-insert-timestamp.patch
    16 
    +# tor-browser-build#40822: NSIS adds a flag to tell it supports ASLR, but it
    17 
    +# does so only to pass MS certifications. According to the NSIS forums, they
    18 
    +# intended not to ship the .reloc to save space. But, according to the bug
    19 
    +# tracker, binutils 2.36 started adding a .reloc section by default, and we need
    20 
    +# to disable it with this patch.
    21 
    +patch -p1 < $rootdir/no-reloc-section.diff
    16 22
    17 23 
     [% IF c("var/windows-x86_64") %]
    18 24 
       # Seems like setting TARGET_ARCH is not enough so we need to patch build.cpp

  • projects/nsis/config
    ... ... @@ -24,6 +24,7 @@ input_files:
    24 24 
         URL: 'https://downloads.sourceforge.net/nsis/nsis-[% c("version") %]-src.tar.bz2'
    25 25 
         sha256sum: a85270ad5386182abecb2470e3d7e9bec9fe4efd95210b13551cb386830d1e87
    26 26 
       - filename: no-insert-timestamp.patch
    27 
    +  - filename: no-reloc-section.diff
    27 28 
       - name: '[% c("var/compiler") %]'
    28 29 
         project: '[% c("var/compiler") %]'
    29 30 
       - name: zlib

  • projects/nsis/no-reloc-section.diff
    1 
    +diff -Naur nsis-3.08-orig/SCons/Config/gnu nsis-3.08-src/SCons/Config/gnu
    2 
    +--- nsis-3.08-orig/SCons/Config/gnu	2023-03-23 09:22:46.315471779 +0100
    3 
    ++++ nsis-3.08-src/SCons/Config/gnu	2023-03-23 09:24:05.260933879 +0100
    4 
    +@@ -103,6 +103,10 @@
    5 
    + stub_env.Append(LINKFLAGS = ['$ALIGN_FLAG'])        # 512 bytes align
    6 
    + stub_env.Append(LINKFLAGS = ['$MAP_FLAG'])          # generate map file
    7 
    +
    8 
    ++# https://sourceforge.net/p/nsis/bugs/1283/?limit=25#e303,
    9 
    ++# https://sourceforge.net/p/nsis/bugs/1283/?limit=25#e303/e90f
    10 
    ++stub_env.Append(LINKFLAGS = ['-Wl,--disable-reloc-section'])
    11 
    ++
    12 
    + conf = FlagsConfigure(stub_env)
    13 
    + conf.CheckCompileFlag('-fno-tree-loop-distribute-patterns')  # GCC 10: Don't generate msvcrt!memmove calls (bug #1248)
    14 
    + conf.Finish()


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits