Bug#493678: libtheora0: Code not built with -fpic or -fPIC
Russell Coker
russell at coker.com.au
Mon Aug 4 05:41:57 UTC 2008
Package: libtheora0
Version: 1.0~beta3-1
Severity: important
http://etbe.coker.com.au/2007/02/10/execmod/
The above URL has background information on the execmod denial from SE
Linux.
The following command shows that some parts of the library have not been
comiled with -fpic or -fPIC, I believe that this will prevent it from
working on some architectures (it's also a minor security problem - and
it prevents using the library on SE Linux systems).
# eu-findtextrel /usr/lib/libtheora.so.0.3.3 |uniq
either the file containing the function 'theora_decode_init' or the file
containing the function 'theora_encode_header' is not compiled with
-fpic/-fPIC
Below I have a cc command taken from the library build process, a simple
cc command to create a shared object, and a run of eu-findtextrel to
demonstrate that the problem is in the source file in question (it seems
that running against the entire shared object doesn't identify the right
function as the source of the problem):
cc -DHAVE_CONFIG_H -I. -I.. -I../include -I../lib -I../lib/dec \
-I../lib/enc -Wall -Wno-parentheses -O3 -fforce-addr \
-fomit-frame-pointer -finline-functions -funroll-loops -g -O2 -g -Wall \
-O2 -c enc/x86_32/dct_decode_mmx.c -fPIC -fpic -DPIC -o \
.libs/dct_decode_mmx.o
cc -shared .libs/dct_decode_mmx.o -o t.so
eu-findtextrel t.so
enc/x86_32/dct_decode_mmx.c not compiled with -fpic/-fPIC
So it seems that assembly code in enc/x86_32/dct_decode_mmx.c is
responsible. It would be ideal if this code could be fixed in time for
Lenny.
More information about the pkg-xiph-maint
mailing list