--- gcc-3.3.2-r4.ebuild 2003-12-14 09:24:28.000000000 -0500 +++ gcc-3.3.2-r5.ebuild 2003-12-25 18:39:52.000000000 -0500 @@ -50,7 +50,7 @@ STDCXX_INCDIR="${LIBPATH}/include/g++-v$ # ProPolice version PP_VER="3_3" -PP_FVER="${PP_VER//_/.}-5" +PP_FVER="${PP_VER//_/.}-7" # Patch tarball support ... #PATCH_VER="1.0" @@ -236,41 +236,6 @@ src_unpack() { version_patch ${FILESDIR}/3.3.2/gcc332-gentoo-branding.patch \ "${BRANCH_UPDATE} (Gentoo Linux ${PVR}, propolice)" \ || die "Failed Branding" - - # check for the glibc to have the guard - if [ "$(readelf -s /lib/libc.so.6 | grep GLOBAL | grep OBJECT | grep '__guard')" ] && - [ "$(readelf -s /lib/libc.so.6 | grep GLOBAL | grep FUNC | grep '__stack_smash_handler')" ] - then - ewarn "This sys-libs/glibc has __guard object and __stack_smash_handler functions" - ewarn "scanning the system for binaries with __guard - this may take 5-10 minutes" - ewarn "Please do not press crtl-C or crtl-Z during this period - it will continue" - SCANPATH="$(for i in $(cat /etc/ld.so.conf | grep -v '/usr/lib/gcc-lib' | grep -v '^\#'); do echo -n $i; echo -n ' '; done) $(echo ${PATH} | sed 's,:, ,g')" - if [ "$(find ${SCANPATH} -type f -perm -1 -maxdepth 9 -exec readelf -s {} \; 2>&1 | grep "__guard\@GCC" 2>&1 1>/dev/null; echo $?)" == "0" ] - then - echo - eerror "Found binaries that are dynamically linked to the libgcc with __guard@@GCC" - eerror "You need to compile these binaries without CFLAGS -fstack-protector/hcc -r" - echo - eerror "Also, you have to make sure that using ccache needs the cache to be flushed" - eerror "wipe out /var/tmp/ccache or /root/.ccache. This will remove possible saved" - eerror "-fstack-protector arguments that still may reside in such a compiler cache" - echo - eerror "When such binaries are found, gcc cannot remove libgcc propolice functions" - eerror "leading to gcc -static -fstack-protector breaking, see gentoo bug id 25299" - einfo "You can run 'qpkg -f' from the gentoolkit package and reemerge the program" - einfo "To do a full scan on your system, enter this following command in a shell:" - echo - einfo "find / -type f -perm -1 -maxdepth 9 -exec echo -n '__guard at GCC check in: {} ' \; -exec qpkg -f {} \; -exec readelf -s {} \; 2>&1 | grep __guard | grep -B1 '__guard\@GCC'" - echo - exit 1 - else - echo - einfo "No binaries with suspicious libgcc __guard@GCC dependencies in ${SCANPATH}" - echo - epatch ${FILESDIR}/3.2.3/gcc-3.2.3-move-propolice-into-glibc.patch - fi - fi - # end of check for the glibc to have the guard fi # Install our pre generated manpages if we do not have perl ... @@ -283,6 +248,9 @@ src_unpack() { cp -a ${S}/libstdc++-v3/config/cpu/i{4,3}86/atomicity.h cd ${S}; ./contrib/gcc_update --touch &> /dev/null + + # after all patching we add the final ssp branding -solar@gentoo + sed -i -e s:"propolice)":"ssp-${PP_FVER})":g gcc/version.c } src_compile() { @@ -333,6 +301,41 @@ src_compile() { myconf="${myconf} --disable-multilib" fi + # check for the glibc to have the guard + if [ "$(readelf -s /lib/libc.so.6 | grep GLOBAL | grep OBJECT | grep '__guard')" ] && + [ "$(readelf -s /lib/libc.so.6 | grep GLOBAL | grep FUNC | grep '__stack_smash_handler')" ] + then + ewarn "This sys-libs/glibc has __guard object and __stack_smash_handler functions" + ewarn "scanning the system for binaries with __guard - this may take 5-10 minutes" + ewarn "Please do not press crtl-C or crtl-Z during this period - it will continue" + SCANPATH="$(for i in $(cat /etc/ld.so.conf | grep -v '/usr/lib/gcc-lib' | grep -v '^\#'); do echo -n $i; echo -n ' '; done) $(echo ${PATH} | sed 's,:, ,g')" + if [ "$(find ${SCANPATH} -type f -perm -1 -maxdepth 9 -exec readelf -s {} \; 2>&1 | grep "__guard\@GCC" 2>&1 1>/dev/null; echo $?)" == "0" ] + then + echo + eerror "Found binaries that are dynamically linked to the libgcc with __guard@@GCC" + eerror "You need to compile these binaries without CFLAGS -fstack-protector/hcc -r" + echo + eerror "Also, you have to make sure that using ccache needs the cache to be flushed" + eerror "wipe out /var/tmp/ccache or /root/.ccache. This will remove possible saved" + eerror "-fstack-protector arguments that still may reside in such a compiler cache" + echo + eerror "When such binaries are found, gcc cannot remove libgcc propolice functions" + eerror "leading to gcc -static -fstack-protector breaking, see gentoo bug id 25299" + einfo "You can run 'qpkg -f' from the gentoolkit package and reemerge the program" + einfo "To do a full scan on your system, enter this following command in a shell:" + echo + einfo "find / -type f -perm -1 -maxdepth 9 -exec echo -n '__guard at GCC check in: {} ' \; -exec qpkg -f {} \; -exec readelf -s {} \; 2>&1 | grep __guard | grep -B1 '__guard\@GCC'" + echo + exit 1 + else + echo + einfo "No binaries with suspicious libgcc __guard@GCC dependencies in ${SCANPATH}" + echo + CFLAGS="${CFLAGS} -D_LIBC_PROVIDES_SSP_" + fi + fi + # end of check for the glibc to have the guard + # Fix linking problem with c++ apps which where linkedi # agains a 3.2.2 libgcc [ "${ARCH}" = "hppa" ] && myconf="${myconf} --enable-sjlj-exceptions"