From cb7aa4b1fee688342950d02195b927962295514e Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 24 Jun 2016 15:04:27 +0200 Subject: [PATCH] ebtables: fix segmentation fault due to uninitialized extension data The ebtables code relies on the `-nostartfiles` linker argument to execute the extension modules' `_init()` functions automatically which is not working reliably across all supported targets and gcc versions. Running an ebtables executable linked this way just crashes with a segmentation fault at runtime on program startup, e.g. on ARM architectures. In order to fix the issue ... - remove the use of the -nostartfiles linker flag - rename the init procedures to a generic name without implicit semantics - explicitely annotate those init procedures as constructors The patch has been taken from the Alpine Linux distribution at http://git.alpinelinux.org/cgit/aports/tree/main/ebtables/fix-extension-init.patch Signed-off-by: Jo-Philipp Wich --- package/network/utils/ebtables/Makefile | 2 +- .../patches/200-fix-extension-init.patch | 249 ++++++++++++++++++ 2 files changed, 250 insertions(+), 1 deletion(-) create mode 100644 package/network/utils/ebtables/patches/200-fix-extension-init.patch diff --git a/package/network/utils/ebtables/Makefile b/package/network/utils/ebtables/Makefile index 30bf426d77a3..78b83b817b77 100644 --- a/package/network/utils/ebtables/Makefile +++ b/package/network/utils/ebtables/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ebtables PKG_VERSION:=2.0.10-4 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@SF/ebtables diff --git a/package/network/utils/ebtables/patches/200-fix-extension-init.patch b/package/network/utils/ebtables/patches/200-fix-extension-init.patch new file mode 100644 index 000000000000..63d237708ff7 --- /dev/null +++ b/package/network/utils/ebtables/patches/200-fix-extension-init.patch @@ -0,0 +1,249 @@ +--- a/extensions/Makefile ++++ b/extensions/Makefile +@@ -11,13 +11,13 @@ EXT_LIBSI+=$(foreach T,$(EXT_FUNC), -leb + EXT_LIBSI+=$(foreach T,$(EXT_TABLES), -lebtable_$(T)) + + extensions/ebt_%.so: extensions/ebt_%.o +- $(CC) $(LDFLAGS) -shared -o $@ -lc $< -nostartfiles ++ $(CC) $(LDFLAGS) -shared -o $@ -lc $< + + extensions/libebt_%.so: extensions/ebt_%.so + mv $< $@ + + extensions/ebtable_%.so: extensions/ebtable_%.o +- $(CC) $(LDFLAGS) -shared -o $@ -lc $< -nostartfiles ++ $(CC) $(LDFLAGS) -shared -o $@ -lc $< + + extensions/libebtable_%.so: extensions/ebtable_%.so + mv $< $@ +--- a/extensions/ebt_802_3.c ++++ b/extensions/ebt_802_3.c +@@ -141,7 +141,7 @@ static struct ebt_u_match _802_3_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&_802_3_match); + } +--- a/extensions/ebt_among.c ++++ b/extensions/ebt_among.c +@@ -490,7 +490,7 @@ static struct ebt_u_match among_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&among_match); + } +--- a/extensions/ebt_arp.c ++++ b/extensions/ebt_arp.c +@@ -362,7 +362,7 @@ static struct ebt_u_match arp_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&arp_match); + } +--- a/extensions/ebt_arpreply.c ++++ b/extensions/ebt_arpreply.c +@@ -132,7 +132,7 @@ static struct ebt_u_target arpreply_targ + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_target(&arpreply_target); + } +--- a/extensions/ebt_ip.c ++++ b/extensions/ebt_ip.c +@@ -338,7 +338,7 @@ static struct ebt_u_match ip_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&ip_match); + } +--- a/extensions/ebt_ip6.c ++++ b/extensions/ebt_ip6.c +@@ -556,7 +556,7 @@ static struct ebt_u_match ip6_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&ip6_match); + } +--- a/extensions/ebt_limit.c ++++ b/extensions/ebt_limit.c +@@ -212,7 +212,7 @@ static struct ebt_u_match limit_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&limit_match); + } +--- a/extensions/ebt_log.c ++++ b/extensions/ebt_log.c +@@ -217,7 +217,7 @@ static struct ebt_u_watcher log_watcher + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_watcher(&log_watcher); + } +--- a/extensions/ebt_mark.c ++++ b/extensions/ebt_mark.c +@@ -172,7 +172,7 @@ static struct ebt_u_target mark_target = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_target(&mark_target); + } +--- a/extensions/ebt_mark_m.c ++++ b/extensions/ebt_mark_m.c +@@ -121,7 +121,7 @@ static struct ebt_u_match mark_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&mark_match); + } +--- a/extensions/ebt_nat.c ++++ b/extensions/ebt_nat.c +@@ -230,7 +230,7 @@ static struct ebt_u_target dnat_target = + .extra_ops = opts_d, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_target(&snat_target); + ebt_register_target(&dnat_target); +--- a/extensions/ebt_nflog.c ++++ b/extensions/ebt_nflog.c +@@ -166,7 +166,7 @@ static struct ebt_u_watcher nflog_watche + .extra_ops = nflog_opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_watcher(&nflog_watcher); + } +--- a/extensions/ebt_pkttype.c ++++ b/extensions/ebt_pkttype.c +@@ -125,7 +125,7 @@ static struct ebt_u_match pkttype_match + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&pkttype_match); + } +--- a/extensions/ebt_redirect.c ++++ b/extensions/ebt_redirect.c +@@ -108,7 +108,7 @@ static struct ebt_u_target redirect_targ + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_target(&redirect_target); + } +--- a/extensions/ebt_standard.c ++++ b/extensions/ebt_standard.c +@@ -84,7 +84,7 @@ static struct ebt_u_target standard = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_target(&standard); + } +--- a/extensions/ebt_stp.c ++++ b/extensions/ebt_stp.c +@@ -337,7 +337,7 @@ static struct ebt_u_match stp_match = + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&stp_match); + } +--- a/extensions/ebt_ulog.c ++++ b/extensions/ebt_ulog.c +@@ -180,7 +180,7 @@ static struct ebt_u_watcher ulog_watcher + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_watcher(&ulog_watcher); + } +--- a/extensions/ebt_vlan.c ++++ b/extensions/ebt_vlan.c +@@ -181,7 +181,7 @@ static struct ebt_u_match vlan_match = { + .extra_ops = opts, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_match(&vlan_match); + } +--- a/extensions/ebtable_broute.c ++++ b/extensions/ebtable_broute.c +@@ -23,7 +23,7 @@ ebt_u_table table = + .help = print_help, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_table(&table); + } +--- a/extensions/ebtable_filter.c ++++ b/extensions/ebtable_filter.c +@@ -29,7 +29,7 @@ static struct ebt_u_table table = + .help = print_help, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_table(&table); + } +--- a/extensions/ebtable_nat.c ++++ b/extensions/ebtable_nat.c +@@ -30,7 +30,7 @@ ebt_u_table table = + .help = print_help, + }; + +-void _init(void) ++__attribute__((constructor)) static void extension_init(void) + { + ebt_register_table(&table); + } -- 2.30.2