Bug#493678: libtheora0: Code not built with -fpic or -fPIC

Russell Coker russell at coker.com.au
Mon Aug 4 05:41:57 UTC 2008

Package: libtheora0
Version: 1.0~beta3-1
Severity: important


The above URL has background information on the execmod denial from SE

The following command shows that some parts of the library have not been
comiled with -fpic or -fPIC, I believe that this will prevent it from
working on some architectures (it's also a minor security problem - and
it prevents using the library on SE Linux systems).

# eu-findtextrel /usr/lib/libtheora.so.0.3.3 |uniq
either the file containing the function 'theora_decode_init' or the file
containing the function 'theora_encode_header' is not compiled with

Below I have a cc command taken from the library build process, a simple
cc command to create a shared object, and a run of eu-findtextrel to
demonstrate that the problem is in the source file in question (it seems
that running against the entire shared object doesn't identify the right
function as the source of the problem):

cc -DHAVE_CONFIG_H -I. -I.. -I../include -I../lib -I../lib/dec \
-I../lib/enc -Wall -Wno-parentheses -O3 -fforce-addr \
-fomit-frame-pointer -finline-functions -funroll-loops -g -O2 -g -Wall \
-O2 -c enc/x86_32/dct_decode_mmx.c  -fPIC -fpic -DPIC -o \
cc -shared .libs/dct_decode_mmx.o -o t.so
eu-findtextrel t.so
enc/x86_32/dct_decode_mmx.c not compiled with -fpic/-fPIC

So it seems that assembly code in enc/x86_32/dct_decode_mmx.c is
responsible.  It would be ideal if this code could be fixed in time for

More information about the pkg-xiph-maint mailing list