From 521e17b13b1f39739fcffe76134a02c0580f1de3 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Fri, 24 May 2013 16:47:16 -0400
Subject: [PATCH] Attempt to detect PIE failure on Solaris 10 with GNU as and
 GNU ld where we can end up crashing due to malloc() failures.  Sems OK when
 Using Sun as and ld.

---
 aclocal.m4   | 17 +++++++++++++++++
 configure    | 36 ++++++++++++++++++++++++++++++++++--
 configure.in |  6 ++++--
 3 files changed, 55 insertions(+), 4 deletions(-)

diff --git a/aclocal.m4 b/aclocal.m4
index 6cc5a0ed0..e87c85265 100644
--- a/aclocal.m4
+++ b/aclocal.m4
@@ -170,6 +170,23 @@ rm -f core core.* *.core])
 AC_MSG_RESULT($sudo_cv_func_fnmatch)
 AS_IF([test $sudo_cv_func_fnmatch = yes], [$1], [$2])])
 
+dnl
+dnl Attempt to check for working PIE support.
+dnl This is a bit of a hack but on Solaris 10 with GNU ld and GNU as
+dnl we can end up with strange values from malloc().
+dnl A better check would be to verify that ASLR works with PIE.
+dnl
+AC_DEFUN([SUDO_WORKING_PIE],
+[AC_MSG_CHECKING([for working PIE support])
+AC_CACHE_VAL(sudo_cv_working_pie,
+[rm -f conftestdata; > conftestdata
+AC_TRY_RUN(AC_INCLUDES_DEFAULT([])
+[main() { char *p = malloc(1024); if (p == NULL) return 1; memset(p, 0, 1024); return 0; }], [sudo_cv_working_pie=yes], [sudo_cv_working_pie=no],
+  [sudo_cv_working_pie=no])
+rm -f core core.* *.core])
+AC_MSG_RESULT($sudo_cv_working_pie)
+AS_IF([test $sudo_cv_working_pie = yes], [$1], [$2])])
+
 dnl
 dnl check for isblank(3)
 dnl
diff --git a/configure b/configure
index 18878ef96..7f2440004 100755
--- a/configure
+++ b/configure
@@ -21091,8 +21091,40 @@ fi
 $as_echo "$ax_cv_check_ldflags___pie" >&6; }
 if test x"$ax_cv_check_ldflags___pie" = xyes; then :
 
-		PIE_CFLAGS="-fPIE"
-		PIE_LDFLAGS="-Wc,-fPIE -pie"
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for working PIE support" >&5
+$as_echo_n "checking for working PIE support... " >&6; }
+if ${sudo_cv_working_pie+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  rm -f conftestdata; > conftestdata
+if test "$cross_compiling" = yes; then :
+  sudo_cv_working_pie=no
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$ac_includes_default
+main() { char *p = malloc(1024); if (p == NULL) return 1; memset(p, 0, 1024); return 0; }
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  sudo_cv_working_pie=yes
+else
+  sudo_cv_working_pie=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+rm -f core core.* *.core
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_working_pie" >&5
+$as_echo "$sudo_cv_working_pie" >&6; }
+if test $sudo_cv_working_pie = yes; then :
+
+		    PIE_CFLAGS="-fPIE"
+		    PIE_LDFLAGS="-Wc,-fPIE -pie"
+
+fi
 
 else
   :
diff --git a/configure.in b/configure.in
index e133f3306..0cde2c3bf 100644
--- a/configure.in
+++ b/configure.in
@@ -3447,8 +3447,10 @@ if test -n "$GCC"; then
 	    _CFLAGS="$CFLAGS"
 	    CFLAGS="$CFLAGS -fPIE"
 	    AX_CHECK_LINK_FLAG([-pie], [
-		PIE_CFLAGS="-fPIE"
-		PIE_LDFLAGS="-Wc,-fPIE -pie"
+		SUDO_WORKING_PIE([
+		    PIE_CFLAGS="-fPIE"
+		    PIE_LDFLAGS="-Wc,-fPIE -pie"
+		], [])
 	    ])
 	    CFLAGS="$_CFLAGS"
 	])
-- 
2.49.0