HomePhabricator

build: fix ASLR for bitcoin-cli on Windows

Description

build: fix ASLR for bitcoin-cli on Windows

Summary:

ASLR is not currently working for the bitcoin-cli.exe binary. This is
due to it not having a .reloc section, which is stripped by default by
the mingw-w64 ld we use for gitian builds. A good summary of issues with
ld and mingw-w64 is available in this thread:
https://sourceware.org/bugzilla/show_bug.cgi?id=19011.

All other Windows binaries that we distribute (bitcoind, bitcoin-qt,
bitcoin-wallet, bitcoin-tx and test_bitcoin) do not suffer this issue,
and currently having working ASLR. This is due to them exporting
(inadvertent or not) libsecp256k1 symbols, and, as a result, the .reloc
section is not stripped by ld.

This change is a temporary workaround, also the same one described here:
https://www.kb.cert.org/vuls/id/307144/, that causes main() to be
exported. Exporting a symbol will mean that the .reloc section is not
stripped, and ASLR will function correctly.

Backport of core#18702.

Note that we are not impacted by the bug (yet) because our release are built with an old enough MinGw version that has no --enable-reloc-section option (this is even the default in newer versions). However this fix will be required for building with the MinGw version from Debian Bullseye.
See also https://sourceware.org/bugzilla/show_bug.cgi?id=26588

Test Plan:
On Debian 11:

cmake -GNinja .. \
  -DCMAKE_TOOLCHAIN_FILE=../cmake/platforms/Win64.cmake \
  -DBUILD_BITCOIN_SEEDER=OFF
ninja bitcoin-cli

The build will fail with a linker segfault without this fix.

Reviewers: #bitcoin_abc, PiRK

Reviewed By: #bitcoin_abc, PiRK

Differential Revision: https://reviews.bitcoinabc.org/D11227

Details

Provenance
FabienAuthored on Mar 18 2022, 13:52
FabienPushed on Mar 19 2022, 20:54
Reviewer
Restricted Project
Differential Revision
D11227: build: fix ASLR for bitcoin-cli on Windows
Parents
rABC6b15f1d14c3f: [Cashtab] Ensure browserify is installed before extension build
Branches
Unknown
Tags
Unknown