From 0b1e027b12ae755d22b030b29066222b24b6a4cb Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 15 May 2015 15:48:24 -0600 Subject: [PATCH] Force flat namespace on darwin to make the getenv() hooking work as it does on ELF. --- configure | 41 +++++++++++++++++++++++++++++++++++++++++ configure.ac | 5 +++++ src/Makefile.in | 3 ++- 3 files changed, 48 insertions(+), 1 deletion(-) diff --git a/configure b/configure index 6fb5e4991..2d98bac5d 100755 --- a/configure +++ b/configure @@ -792,6 +792,7 @@ LT_LDFLAGS ZLIB_LDFLAGS LIBUTIL_LDFLAGS SUDOERS_LDFLAGS +SUDO_LDFLAGS LDFLAGS CPPFLAGS PROGS @@ -2843,6 +2844,7 @@ $as_echo "$as_me: Configuring Sudo version $PACKAGE_VERSION" >&6;} + # @@ -15213,6 +15215,45 @@ done fi RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES" + # We need to force a flat namespace to make libc + # symbol hooking work like it does on ELF. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-force_flat_namespace" >&5 +$as_echo_n "checking whether the linker accepts -Wl,-force_flat_namespace... " >&6; } +if ${ax_cv_check_ldflags___Wl__force_flat_namespace+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Wl,-force_flat_namespace" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Wl__force_flat_namespace=yes +else + ax_cv_check_ldflags___Wl__force_flat_namespace=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Wl__force_flat_namespace" >&5 +$as_echo "$ax_cv_check_ldflags___Wl__force_flat_namespace" >&6; } +if test x"$ax_cv_check_ldflags___Wl__force_flat_namespace" = xyes; then : + SUDO_LDFLAGS="${SUDO_LDFLAGS}${SUDO_LDFLAGS+ }-Wl,-force_flat_namespace" +else + : +fi + + # Examples go in share/examples/sudo if test X"$with_exampledir" = X""; then exampledir='$(datarootdir)/examples/$(PACKAGE_TARNAME)' diff --git a/configure.ac b/configure.ac index d2be85ef9..7ee0ee444 100644 --- a/configure.ac +++ b/configure.ac @@ -20,6 +20,7 @@ AC_SUBST([CFLAGS]) AC_SUBST([PROGS]) AC_SUBST([CPPFLAGS]) AC_SUBST([LDFLAGS]) +AC_SUBST([SUDO_LDFLAGS]) AC_SUBST([SUDOERS_LDFLAGS]) AC_SUBST([LIBUTIL_LDFLAGS]) AC_SUBST([ZLIB_LDFLAGS]) @@ -2110,6 +2111,10 @@ case "$host" in fi RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES" + # We need to force a flat namespace to make libc + # symbol hooking work like it does on ELF. + AX_CHECK_LINK_FLAG([-Wl,-force_flat_namespace], [SUDO_LDFLAGS="${SUDO_LDFLAGS}${SUDO_LDFLAGS+ }-Wl,-force_flat_namespace"]) + # Examples go in share/examples/sudo if test X"$with_exampledir" = X""; then exampledir='$(datarootdir)/examples/$(PACKAGE_TARNAME)' diff --git a/src/Makefile.in b/src/Makefile.in index ea4f562b9..e5eca3f70 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -48,6 +48,7 @@ CFLAGS = @CFLAGS@ # Flags to pass to the link stage LDFLAGS = @LDFLAGS@ +SUDO_LDFLAGS = $(LDFLAGS) @SUDO_LDFLAGS@ LT_LDFLAGS = @LT_LDFLAGS@ # PIE flags @@ -130,7 +131,7 @@ Makefile: $(srcdir)/Makefile.in $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< sudo: $(OBJS) $(LT_LIBS) @STATIC_SUDOERS@ - $(LIBTOOL) --mode=link $(CC) -o $@ $(OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @STATIC_SUDOERS@ + $(LIBTOOL) --mode=link $(CC) -o $@ $(OBJS) $(SUDO_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @STATIC_SUDOERS@ sudo_noexec.la: sudo_noexec.lo $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LT_LDFLAGS) $(SSP_LDFLAGS) -o $@ sudo_noexec.lo -module -avoid-version -rpath $(noexecdir) -shrext .so -- 2.40.0