2

在 gcc 6.2.0 之前,使用不可重定位的汇编代码链接从来都不是问题。我不知道盯着这个的确切版本,但是使用 gcc 5.4.0(及更低版本)这个工作:

$ gcc -o httpget ../obj/httpget.o ../../../lib/libribs2_ssl.a -lssl -lcrypto

但是,使用 gcc 6.2.0:

$ gcc -o httpget ../obj/httpget.o ../../../lib/libribs2_ssl.a -lssl -lcrypto
/usr/bin/ld: ../../../lib/libribs2_ssl.a(context_asm.o): relocation R_X86_64_32S against symbol `current_ctx' can not be used when making a shared object; recompile with -fPIC
/usr/bin/ld: final link failed: Nonrepresentable section on output
collect2: error: ld returned 1 exit status

试图强制静态链接会产生另一个问题:

$ gcc -static -o httpget ../obj/httpget.o ../../../lib/libribs2_ssl.a -lssl -lcrypto -ldl
/usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libcrypto.a(dso_dlfcn.o): In function `dlfcn_globallookup':
(.text+0x11): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
../obj/httpget.o: In function `main':
/home/nir/ribs2/examples/httpget/src/httpget.c:194: warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking

使用 gethostbyname() 时程序会出现段错误(但其他情况下也可以)

尝试混合静态和动态也行不通。

$ gcc -o httpget -Wl,-Bstatic ../obj/httpget.o ../../../lib/libribs2_ssl.a -Wl,-Bdynamic -lssl -lcrypto
/usr/bin/ld: ../../../lib/libribs2_ssl.a(context_asm.o): relocation R_X86_64_32S against symbol `current_ctx' can not be used when making a shared object; recompile with -fPIC
/usr/bin/ld: final link failed: Nonrepresentable section on output
collect2: error: ld returned 1 exit status

有任何想法吗?项目链接:https ://github.com/niryeffet/ribs2

4

1 回答 1

3

感谢@Jester 的提示:向 LDFLAGS 添加 -no-pie (不是 -fno-PIE)解决了这个问题。

gcc -no-pie -o httpget ../obj/httpget.o ../../../lib/libribs2_ssl.a -lssl -lcrypto

该更改也适用于 gcc 5.4。似乎默认值已更改。

更新:

这解释了它。来自https://wiki.ubuntu.com/SecurityTeam/PIE

在 Ubuntu 16.10 中,作为额外的编译器强化措施,我们在 amd64 和 ppc64le 上默认启用了 PIE 和立即绑定。这大大提高了 ASLR 在这些平台上的有效性。

于 2016-10-25T18:34:20.920 回答