From: pascal <pascal@openbsd.org>
Date: Thu, 22 Oct 2015 14:53:00 +0000 (+0000)
Subject: Add pledge(2) to some binutils that handle untrusted data.  Most can do with
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=c1f838d9e76e0a1f34f7e2784d8627328f33dd46;p=openbsd

Add pledge(2) to some binutils that handle untrusted data.  Most can do with
"stdio rpath", while objdump(1) also needs "tmppath" for objdump -i.

ok deraadt@, comments sthen@ kettenis@
---

diff --git a/gnu/usr.bin/binutils-2.17/binutils/addr2line.c b/gnu/usr.bin/binutils-2.17/binutils/addr2line.c
index 7cd67bc0a1b..47367093140 100644
--- a/gnu/usr.bin/binutils-2.17/binutils/addr2line.c
+++ b/gnu/usr.bin/binutils-2.17/binutils/addr2line.c
@@ -331,6 +331,9 @@ main (int argc, char **argv)
   bindtextdomain (PACKAGE, LOCALEDIR);
   textdomain (PACKAGE);
 
+  if (pledge ("stdio rpath", NULL) == -1)
+    fatal (_("Failed to pledge"));
+
   program_name = *argv;
   xmalloc_set_program_name (program_name);
 
diff --git a/gnu/usr.bin/binutils-2.17/binutils/objdump.c b/gnu/usr.bin/binutils-2.17/binutils/objdump.c
index 6e5eab56da2..bcd1a20a299 100644
--- a/gnu/usr.bin/binutils-2.17/binutils/objdump.c
+++ b/gnu/usr.bin/binutils-2.17/binutils/objdump.c
@@ -2962,6 +2962,9 @@ main (int argc, char **argv)
   bindtextdomain (PACKAGE, LOCALEDIR);
   textdomain (PACKAGE);
 
+  if (pledge ("stdio rpath tmppath", NULL) == -1)
+    fatal (_("Failed to pledge"));
+
   program_name = *argv;
   xmalloc_set_program_name (program_name);
 
diff --git a/gnu/usr.bin/binutils-2.17/binutils/readelf.c b/gnu/usr.bin/binutils-2.17/binutils/readelf.c
index 3b2b15bd6dc..fa3ce65cfef 100644
--- a/gnu/usr.bin/binutils-2.17/binutils/readelf.c
+++ b/gnu/usr.bin/binutils-2.17/binutils/readelf.c
@@ -9357,6 +9357,11 @@ main (int argc, char **argv)
 
   parse_args (argc, argv);
 
+  if (pledge ("stdio rpath", NULL) == -1) {
+    error (_("Failed to pledge\n"));
+    return 1;
+  }
+
   if (num_dump_sects > 0)
     {
       /* Make a copy of the dump_sects array.  */
diff --git a/gnu/usr.bin/binutils-2.17/binutils/strings.c b/gnu/usr.bin/binutils-2.17/binutils/strings.c
index a04cb581eae..ede1bd59dd4 100644
--- a/gnu/usr.bin/binutils-2.17/binutils/strings.c
+++ b/gnu/usr.bin/binutils-2.17/binutils/strings.c
@@ -183,6 +183,9 @@ main (int argc, char **argv)
   bindtextdomain (PACKAGE, LOCALEDIR);
   textdomain (PACKAGE);
 
+  if (pledge ("stdio rpath", NULL) == -1)
+    fatal (_("Failed to pledge"));
+
   program_name = argv[0];
   xmalloc_set_program_name (program_name);