GNU bug report logs -
#30820
Chunked store references in compiled code break grafting (again)
Previous Next
Reported by: ludo <at> gnu.org (Ludovic Courtès)
Date: Wed, 14 Mar 2018 15:48:01 UTC
Severity: serious
Merged with 30395
Done: ludo <at> gnu.org (Ludovic Courtès)
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
ludo <at> gnu.org (Ludovic Courtès) writes:
> The recently added glibc grafts triggered issues that, in the end, show
> the return of <http://bugs.gnu.org/24703> (“Store references in 8-byte
> chunks in compiled code”).
I think that we should generalize our reference scanning and grafting
code to support store references broken into pieces, as long as each
piece containing part of the hash is at least 8 bytes long.
Here's my preliminary proposal:
(1) The reference scanner should recognize any 8-byte substring of a
hash as a valid reference to that hash.
(2) To enable reliable grafting of chunked references, we should impose
the following new restrictions: (a) the store prefix must be at
least 6 bytes, (b) grafting can change only the hash, not the
readable part of the store name, and (c) the readable part of the
store name must be at least 6 bytes.
(3) The grafter should recognize and replace any 8-byte subsequence of
the absolute store file name.
The rationale for the restrictions is to ensure that any byte that needs
to be modified by the grafter should be part of an 8-byte substring of
the absolute store file name. This requires that there be at least 7
bytes of known text before the first changed byte and after the last
changed byte. This is needed to provide a reasonable upper bound on the
probability of grafting a matching sequence of bytes that is not a store
reference.
I'd be willing to work on implementing this soon.
What do you think?
Mark
This bug report was last modified 7 years and 120 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.