[ardour-dev] Possible exploit potential in ardour.
John Rigg
ardev at sound-man.co.uk
Wed Oct 18 13:03:36 PDT 2006
On Tue, Oct 17, 2006 at 10:49:23PM -0400, Taybin Rutkin wrote:
> On Oct 17, 2006, at 10:05 AM, James Courtier-Dutton wrote:
> > Please see attached diff file with the fix.
> > With the patch, ardour then builds with rw- stack instead of rwx
> > stack.
>
> Thanks for the patch. Does a similar issue exist in sse64_functions.s?
Looks like it.
objdump -p /usr/local/bin/ardour (ardour-0.99.3 on AMD64):
/usr/local/bin/ardour: file format elf64-x86-64
STACK off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**3
filesz 0x0000000000000000 memsz 0x0000000000000000 flags rwx
I'll try James' patch as soon as I get time (probably this weekend),
unless someone else does it first.
John
More information about the Ardour-Dev
mailing list