[COMMITTED] Prepare for 0.176

[COMMITTED] Prepare for 0.176

[Mark Wielaard]

Set version to 0.176.
Update NEWS and elfutils.spec.in.
Update GPG-KEY.
Regenerate po/*.po files.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 ChangeLog               |   7 ++
 GPG-KEY                 | 141 ++++++++++++++++++++------
 NEWS                    |  10 ++
 config/ChangeLog        |   4 +
 config/elfutils.spec.in |   7 ++
 configure.ac            |   2 +-
 po/ChangeLog            |   4 +
 po/de.po                | 264 ++++++++++++++++++++++++------------------------
 po/es.po                | 264 ++++++++++++++++++++++++------------------------
 po/ja.po                | 264 ++++++++++++++++++++++++------------------------
 po/pl.po                | 264 ++++++++++++++++++++++++------------------------
 po/uk.po                | 264 ++++++++++++++++++++++++------------------------
 12 files changed, 804 insertions(+), 691 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 148ce77..5c45ccc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2019-02-14  Mark Wielaard  <mark@klomp.org>
+
+	* configure.ac: Set version to 0.176.
+	* NEWS: Mention riscv backend updates, new --enable-install-elfh
+	configure flag and fixed CVEs.
+	* GPG-KEY: Update.
+
 2019-01-18  Mark Wielaard  <mark@klomp.org>
 
 	* configure.ac: Add new --enable-install-elfh.
diff --git a/NEWS b/NEWS
index 95fbac0..5a06047 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,13 @@
+Version 0.176
+
+build: Add new --enable-install-elfh option.
+       Do NOT use this for system installs (it overrides glibc elf.h).
+
+backends: riscv improved core file and return value location support.
+
+Fixes CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150,
+      CVE-2019-7664, CVE-2019-7665
+
 Version 0.175
 
 readelf: Handle mutliple .debug_macro sections.
diff --git a/config/ChangeLog b/config/ChangeLog
index 40d6f85..f956780 100644
--- a/config/ChangeLog
+++ b/config/ChangeLog
@@ -1,3 +1,7 @@
+2019-02-14  Mark Wielaard  <mark@klomp.org>
+
+	* elfutils.spec.in: Update for 0.176.
+
 2018-11-19  Mark Wielaard  <mark@klomp.org>
 
 	* eu.am (AM_CFLAGS): Add -Wtrampolines.
diff --git a/config/elfutils.spec.in b/config/elfutils.spec.in
index e2fb0e4..794cbaf 100644
--- a/config/elfutils.spec.in
+++ b/config/elfutils.spec.in
@@ -227,6 +227,13 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_sysctldir}/10-default-yama-scope.conf
 
 %changelog
+* Thu Feb 14 2019 Mark Wielaard <mark@klomp.org> 0.176-1
+- build: Add new --enable-install-elfh option.
+  Do NOT use this for system installs (it overrides glibc elf.h).
+- backends: riscv improved core file and return value location support.
+- Fixes CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150,
+        CVE-2019-7664, CVE-2019-7665.
+
 * Wed Nov 14 2018 Mark Wielaard <mark@klomp.org> 0.175-1
 - readelf: Handle mutliple .debug_macro sections.
   Recognize and parse GNU Property notes, NT_VERSION notes and
diff --git a/configure.ac b/configure.ac
index 7d4e69d..b4e012d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -17,7 +17,7 @@ dnl  GNU General Public License for more details.
 dnl
 dnl  You should have received a copy of the GNU General Public License
 dnl  along with this program.  If not, see <http://www.gnu.org/licenses/>.
-AC_INIT([elfutils],[0.175],[https://sourceware.org/bugzilla],[elfutils],[http://elfutils.org/])
+AC_INIT([elfutils],[0.176],[https://sourceware.org/bugzilla],[elfutils],[http://elfutils.org/])
 
 dnl Workaround for older autoconf < 2.64
 m4_ifndef([AC_PACKAGE_URL],
diff --git a/po/ChangeLog b/po/ChangeLog
index 8f318aa..2afb9b7 100644
--- a/po/ChangeLog
+++ b/po/ChangeLog
@@ -1,3 +1,7 @@
+2019-02-14  Mark Wielaard  <mark@klomp.org>
+
+	* *.po: Update for 0.176.
+
 2018-06-11  Mark Wielaard  <mark@klomp.org>
 
 	* *.po: Update for 0.172.
 
-- 
1.8.3.1

Re: [COMMITTED] Prepare for 0.176

[Martin Liška]

Hi.

I see 2 tests failing for s390x:
https://build.opensuse.org/package/live_build_log/home:marxin:branches:Base:System/elfutils/openSUSE_Factory_zSystems/s390x

[  269s] ==========================================
[  269s]    elfutils 0.176: tests/test-suite.log
[  269s] ==========================================
[  269s]
[  269s] # TOTAL: 205
[  269s] # PASS:  196
[  269s] # SKIP:  7
[  269s] # XFAIL: 0
[  269s] # FAIL:  2
[  269s] # XPASS: 0
[  269s] # ERROR: 0
[  269s]
[  269s] .. contents:: :depth: 2
[  269s]
[  269s] FAIL: run-strip-strmerge.sh
[  269s] ===========================
[  269s]
[  269s] elflint /home/abuild/rpmbuild/BUILD/elfutils-0.176/tests/elfstrmerge
[  269s] section [34] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x5fb8 does not match .got.plt section address 0x6000
[  269s] FAIL run-strip-strmerge.sh (exit status: 1)
[  269s]
[  269s] FAIL: run-elflint-self.sh
[  269s] =========================
[  269s]
[  269s] section [35] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x6fb0 does not match .got.plt section address 0x7000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/addr2line
[  269s] section [35] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x9fb0 does not match .got.plt section address 0xa000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elfcmp
[  269s] section [35] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0xaf48 does not match .got.plt section address 0xb000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/objdump
[  269s] section [35] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x3ff90 does not match .got.plt section address 0x40000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/readelf
[  269s] section [35] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x1afb8 does not match .got.plt section address 0x1b000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/libelf/libelf.so
[  269s] section [35] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x56f88 does not match .got.plt section address 0x57000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/libdw/libdw.so
[  269s] section [34] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0xef38 does not match .got.plt section address 0xf000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/backends/libebl_i386.so
[  269s] section [34] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0xff40 does not match .got.plt section address 0x10000
[  269s] *** failure in /home/abuild/rpmbuild/BUILD/elfutils-0.176/src/elflint --quiet --gnu-ld /home/abuild/rpmbuild/BUILD/elfutils-0.176/backends/libebl_x86_64.so
[  269s] FAIL run-elflint-self.sh (exit status: 1)

Thanks,
Martin

Re: [COMMITTED] Prepare for 0.176

[Mark Wielaard]

On Thu, 2019-02-14 at 20:51 +0100, Martin Liška wrote:
> I see 2 tests failing for s390x:
> 
https://build.opensuse.org/package/live_build_log/home:marxin:branches:Base:System/elfutils/openSUSE_Factory_zSystems/s390x
> 

So those are basically the same issue:

> [  269s] elflint /home/abuild/rpmbuild/BUILD/elfutils-0.176/tests/elfstrmerge
> [  269s] section [34] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x5fb8 does not match .got.plt section address 0x6000

First, is that correct?
Could you provide that binary?

Secondly, when did this start happening?
Did you change linker/version?

It might be this binutils commit:
https://sourceware.org/ml/binutils/2018-07/msg00200.html

Which isn't in binutils-2.29 which is used on the s390x fedora builder.
On which this test passes.

If so, you might have to add a check_special_symbol hook like aarch64
has (see backends/aarch64_symbol.c).

Cheers,

Mark

Re: [COMMITTED] Prepare for 0.176

[Martin Liška]

[-- Attachment #1: Type: text/plain, Size: 1179 bytes --]

On 2/14/19 9:37 PM, Mark Wielaard wrote:
> On Thu, 2019-02-14 at 20:51 +0100, Martin Liška wrote:
>> I see 2 tests failing for s390x:
>>
> https://build.opensuse.org/package/live_build_log/home:marxin:branches:Base:System/elfutils/openSUSE_Factory_zSystems/s390x
>>
> 
> So those are basically the same issue:
> 
>> [  269s] elflint /home/abuild/rpmbuild/BUILD/elfutils-0.176/tests/elfstrmerge
>> [  269s] section [34] '.symtab': _GLOBAL_OFFSET_TABLE_ symbol value 0x5fb8 does not match .got.plt section address 0x6000
> 
> First, is that correct?
> Could you provide that binary?

Hi.

Attached.

> 
> Secondly, when did this start happening?
> Did you change linker/version?

I can confirm it's older, I see in on elfutils-0.175 with binutils 2.31.

> 
> It might be this binutils commit:
> https://sourceware.org/ml/binutils/2018-07/msg00200.html
> 
> Which isn't in binutils-2.29 which is used on the s390x fedora builder.
> On which this test passes.
> 
> If so, you might have to add a check_special_symbol hook like aarch64
> has (see backends/aarch64_symbol.c).

Please let me know and we can eventually create a PR for it.

Thanks,
Martin

> 
> Cheers,
> 
> Mark
> 


[-- Attachment #2: elfstrmerge --]
[-- Type: application/octet-stream, Size: 65616 bytes --]

Re: [COMMITTED] Prepare for 0.176

[Mark Wielaard]

[-- Attachment #1: Type: text/plain, Size: 598 bytes --]

On Fri, 2019-02-15 at 09:42 +0100, Martin Liška wrote:
> > It might be this binutils commit:
> > https://sourceware.org/ml/binutils/2018-07/msg00200.html
> > 
> > Which isn't in binutils-2.29 which is used on the s390x fedora
> > builder.
> > On which this test passes.
> > 
> > If so, you might have to add a check_special_symbol hook like
> > aarch64
> > has (see backends/aarch64_symbol.c).
> 
> Please let me know and we can eventually create a PR for it.

It looks like that was it. Could you try the attached patch?
I'll run it on some older s390x setups.

Thanks,

Mark

[-- Attachment #2: 0001-s390-elflint-should-check-if-_GLOBAL_OFFSET_TABLE_-p.patch --]
[-- Type: text/x-patch, Size: 3130 bytes --]

From 1e52d4ce3aa2093d12901d32fe07aae70211fe2a Mon Sep 17 00:00:00 2001
From: Mark Wielaard <mark@klomp.org>
Date: Fri, 15 Feb 2019 14:39:57 +0100
Subject: [PATCH] s390: elflint should check if _GLOBAL_OFFSET_TABLE_ points to
 .got.

The _GLOBAL_OFFSET_TABLE_ symbol might point to the DT_PLTGOT,
which is in the .got section, even if the symbol itself is
associated with the .got.plt section.

See https://sourceware.org/ml/binutils/2018-07/msg00200.html

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 backends/ChangeLog     |  5 +++++
 backends/s390_init.c   |  1 +
 backends/s390_symbol.c | 38 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 44 insertions(+)

diff --git a/backends/ChangeLog b/backends/ChangeLog
index 58a1b77..0c61a0b 100644
--- a/backends/ChangeLog
+++ b/backends/ChangeLog
@@ -1,3 +1,8 @@
+2019-02-15  Mark Wielaard  <mark@klomp.org>
+
+	* s390_init.c (s390_init): Hook check_special_symbol.
+	* s390_symbol.c (s390_check_sepcial_symbol): New function.
+
 2018-12-27  Jim Wilson  <jimw@sifive.com>
 
 	* Makefile.am (riscv_SRCS): Add riscv64_corenote.c.
diff --git a/backends/s390_init.c b/backends/s390_init.c
index ba8df45..0004aee 100644
--- a/backends/s390_init.c
+++ b/backends/s390_init.c
@@ -54,6 +54,7 @@ s390_init (Elf *elf __attribute__ ((unused)),
   eh->name = "IBM S/390";
   s390_init_reloc (eh);
   HOOK (eh, reloc_simple_type);
+  HOOK (eh, check_special_symbol);
   HOOK (eh, register_info);
   HOOK (eh, return_value_location);
   if (eh->class == ELFCLASS64)
diff --git a/backends/s390_symbol.c b/backends/s390_symbol.c
index f91e137..9e80eca 100644
--- a/backends/s390_symbol.c
+++ b/backends/s390_symbol.c
@@ -32,6 +32,7 @@
 
 #include <elf.h>
 #include <stddef.h>
+#include <string.h>
 
 #define BACKEND		s390_
 #include "libebl_CPU.h"
@@ -55,3 +56,40 @@ s390_reloc_simple_type (Ebl *ebl __attribute__ ((unused)), int type,
       return ELF_T_NUM;
     }
 }
+
+/* The _GLOBAL_OFFSET_TABLE_ symbol might point to the DT_PLTGOT,
+   which is in the .got section, even if the symbol itself is
+   associated with the is a .got.plt section.
+   https://sourceware.org/ml/binutils/2018-07/msg00200.html  */
+bool
+s390_check_special_symbol (Elf *elf, const GElf_Sym *sym,
+                              const char *name, const GElf_Shdr *destshdr)
+{
+  if (name != NULL
+      && strcmp (name, "_GLOBAL_OFFSET_TABLE_") == 0)
+    {
+      size_t shstrndx;
+      if (elf_getshdrstrndx (elf, &shstrndx) != 0)
+	return false;
+      const char *sname = elf_strptr (elf, shstrndx, destshdr->sh_name);
+      if (sname != NULL
+	  && (strcmp (sname, ".got") == 0 || strcmp (sname, ".got.plt") == 0))
+	{
+	  Elf_Scn *scn = NULL;
+	  while ((scn = elf_nextscn (elf, scn)) != NULL)
+	    {
+	      GElf_Shdr shdr_mem;
+	      GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
+	      if (shdr != NULL)
+		{
+		  sname = elf_strptr (elf, shstrndx, shdr->sh_name);
+		  if (sname != NULL && strcmp (sname, ".got") == 0)
+		    return (sym->st_value >= shdr->sh_addr
+			    && sym->st_value < shdr->sh_addr + shdr->sh_size);
+		}
+	    }
+	}
+    }
+
+  return false;
+}
-- 
1.8.3.1

Re: [COMMITTED] Prepare for 0.176

[Mark Wielaard]

On Fri, 2019-02-15 at 14:43 +0100, Mark Wielaard wrote:
> On Fri, 2019-02-15 at 09:42 +0100, Martin Liška wrote:
> > > It might be this binutils commit:
> > > https://sourceware.org/ml/binutils/2018-07/msg00200.html
> > > 
> > > Which isn't in binutils-2.29 which is used on the s390x fedora
> > > builder.
> > > On which this test passes.
> > > 
> > > If so, you might have to add a check_special_symbol hook like
> > > aarch64
> > > has (see backends/aarch64_symbol.c).
> > 
> > Please let me know and we can eventually create a PR for it.
> 
> It looks like that was it. Could you try the attached patch?
> I'll run it on some older s390x setups.

This seemed to work out nicely. Both on an older binutils setup and a
newer one. So I have pushed the commit. If the buildbot keeps being
green I'll do a release soon.

Thanks,

Mark