toolchain: make paranoid check of library/header paths unconditional
When we introduced support for the paranoid check of unsafe libraries and headers path with commit2023.02.x4ac8f78d37(Add option for paranoid unsafe path checking) back in 2014, we made it optional, as we expected that would break quite a few packages. Now, almost 8 years later, we only have three packages that explicitly reference the option (dillo, gnuradio, and libtalloc), either in a patch or in their .mk. The option has been enabled by default since 2016, with61c8854cef(toolchain: enable paranoid unsafe path check by default), and that has not triggered many build failures in a while. The minimal defconfig used by test-pkg has also had it enabled as ofb6c98b3549(minimal.config: add BR2_COMPILER_PARANOID_UNSAFE_PATH=y) in 2017. It is time to make that globally unconditional now. There is still a remnant, in our binutils patches. As our toolchain may get used outside of Buildroot, people may got the expectation that path poisoning is only a warning, so we keep the current behaviour. Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Cc: Romain Naour <romain.naour@gmail.com> Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN
parent
d4ecefa3cc
commit
93e7fc3e53
18
Config.in
18
Config.in
|
|
@ -685,24 +685,6 @@ config BR2_GLOBAL_PATCH_DIR
|
|||
|
||||
menu "Advanced"
|
||||
|
||||
config BR2_COMPILER_PARANOID_UNSAFE_PATH
|
||||
bool "paranoid check of library/header paths"
|
||||
default y
|
||||
help
|
||||
By default, when this option is disabled, when the Buildroot
|
||||
cross-compiler will encounter an unsafe library or header path
|
||||
(such as /usr/include, or /usr/lib), the compiler will display
|
||||
a warning.
|
||||
|
||||
By enabling this option, this warning is turned into an error,
|
||||
which will completely abort the build when such unsafe paths
|
||||
are encountered.
|
||||
|
||||
Note that this mechanism is available for both the internal
|
||||
toolchain (through the toolchain wrapper and binutils patches)
|
||||
and external toolchain backends (through the toolchain
|
||||
wrapper).
|
||||
|
||||
config BR2_FORCE_HOST_BUILD
|
||||
bool "Force the building of host dependencies"
|
||||
help
|
||||
|
|
|
|||
|
|
@ -426,9 +426,8 @@ else ifeq ($(BR2_SHARED_STATIC_LIBS),y)
|
|||
SHARED_STATIC_LIBS_OPTS = --enable-static --enable-shared
|
||||
endif
|
||||
|
||||
ifeq ($(BR2_COMPILER_PARANOID_UNSAFE_PATH),y)
|
||||
# Used by our binutils patches.
|
||||
export BR_COMPILER_PARANOID_UNSAFE_PATH=enabled
|
||||
endif
|
||||
|
||||
include package/pkg-download.mk
|
||||
include package/pkg-autotools.mk
|
||||
|
|
|
|||
|
|
@ -4,5 +4,4 @@ BR2_INIT_NONE=y
|
|||
BR2_SYSTEM_BIN_SH_NONE=y
|
||||
# BR2_PACKAGE_BUSYBOX is not set
|
||||
# BR2_TARGET_ROOTFS_TAR is not set
|
||||
BR2_COMPILER_PARANOID_UNSAFE_PATH=y
|
||||
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
|
||||
|
|
|
|||
|
|
@ -154,12 +154,9 @@ static const struct str_len_s unsafe_opts[] = {
|
|||
* or separated (e.g. -I /foo/bar). In the first case, we need only print
|
||||
* the argument as it already contains the path (arg_has_path), while in
|
||||
* the second case we need to print both (!arg_has_path).
|
||||
*
|
||||
* If paranoid, exit in error instead of just printing a warning.
|
||||
*/
|
||||
static void check_unsafe_path(const char *arg,
|
||||
const char *path,
|
||||
int paranoid,
|
||||
int arg_has_path)
|
||||
{
|
||||
const struct str_len_s *p;
|
||||
|
|
@ -168,14 +165,12 @@ static void check_unsafe_path(const char *arg,
|
|||
if (strncmp(path, p->str, p->len))
|
||||
continue;
|
||||
fprintf(stderr,
|
||||
"%s: %s: unsafe header/library path used in cross-compilation: '%s%s%s'\n",
|
||||
"%s: ERROR: unsafe header/library path used in cross-compilation: '%s%s%s'\n",
|
||||
program_invocation_short_name,
|
||||
paranoid ? "ERROR" : "WARNING",
|
||||
arg,
|
||||
arg_has_path ? "" : "' '", /* close single-quote, space, open single-quote */
|
||||
arg_has_path ? "" : path); /* so that arg and path are properly quoted. */
|
||||
if (paranoid)
|
||||
exit(1);
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -250,8 +245,6 @@ int main(int argc, char **argv)
|
|||
char *progpath = argv[0];
|
||||
char *basename;
|
||||
char *env_debug;
|
||||
char *paranoid_wrapper;
|
||||
int paranoid;
|
||||
int ret, i, count = 0, debug = 0, found_shared = 0;
|
||||
|
||||
/* Debug the wrapper to see arguments it was called with.
|
||||
|
|
@ -470,12 +463,6 @@ int main(int argc, char **argv)
|
|||
#endif
|
||||
}
|
||||
|
||||
paranoid_wrapper = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
|
||||
if (paranoid_wrapper && strlen(paranoid_wrapper) > 0)
|
||||
paranoid = 1;
|
||||
else
|
||||
paranoid = 0;
|
||||
|
||||
/* Check for unsafe library and header paths */
|
||||
for (i = 1; i < argc; i++) {
|
||||
const struct str_len_s *opt;
|
||||
|
|
@ -492,9 +479,9 @@ int main(int argc, char **argv)
|
|||
i++;
|
||||
if (i == argc)
|
||||
break;
|
||||
check_unsafe_path(argv[i-1], argv[i], paranoid, 0);
|
||||
check_unsafe_path(argv[i-1], argv[i], 0);
|
||||
} else
|
||||
check_unsafe_path(argv[i], argv[i] + opt->len, paranoid, 1);
|
||||
check_unsafe_path(argv[i], argv[i] + opt->len, 1);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue