procyberian/nasm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

omit input filename from COFF output when --reproducible

Browse source 
Before this patch, COFF output always contained the first 18 bytes of the
input filename. This breaks reproducibility and may also leak sensitive
data to objects (esp. with input filenames with absolute paths.)

This patch makes this output respect the --reproducible option, and omits
the input filename from the COFF output, when set.
This commit is contained in:
Viktor Szakats 2022-07-12 06:07:48 +00:00
parent 3aebb20f12
commit e1423b0573
No known key found for this signature in database
GPG key ID: B5ABD165E2AEF201
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
output/outcoff.c
View file

@ -1275,7 +1275,10 @@ static void coff_write_symbols(void)
* The `.file' record, and the file name auxiliary record.
*/
coff_symbol(".file", 0L, 0L, -2, 0, 0x67, 1);
strncpy(filename, inname, 18);
if (reproducible)
memset(filename, 0, 18);
else
strncpy(filename, inname, 18);
nasm_write(filename, 18, ofile);
/*