This is the mail archive of the
binutils@sourceware.cygnus.com
mailing list for the binutils project.
Re: Patch to eliminate garbage in DJGPP execs
- To: snowball3 at bigfoot dot com
- Subject: Re: Patch to eliminate garbage in DJGPP execs
- From: DJ Delorie <dj at delorie dot com>
- Date: Sat, 1 Jul 2000 22:35:32 -0400
- CC: binutils at sourceware dot cygnus dot com
- References: <395D0C26.31584.1CD7F6@localhost>
> In DJGPP executables, the area between the end of the section
> headers and the start of the first section's data (typically the
> .text section's) contains garbage. This garbage is what was already
> there when the space was allocated on the disk. It's there because
> the operating system doesn't blank the space out when seeking past
> EOF, like the object file output routine does. This presents an
> obvious security risk if you distribute this executable. The patch
> below blanks out this area for DJGPP-specific targets to eliminate
> this risk.
Other targets, like MinGW, have this problem too, and it's not limited
to that one spot in the file. A generic fix was suggested for
bfd_seek at one point, I don't remember what happened to it. I'd
prefer such a fix to something platform-specific. I can provide some
hints based on fixing this problem in cygwin's lseek() (djgpp probably
should have a similar fix to its lseek also).
Basically:
When you seek, set a flag. When you write to the file, check and
reset the flag. If it was set, see if we've seeked past EOF and use
write to extend the file with zeros. Some cacheing of where bfd
thinks EOF is might be needed for robustness.
This limits the extra check (tell can be expensive) to *only*
write-after-seek cases.