ebtables: fix segmentation fault due to uninitialized extension data

The ebtables code relies on the `-nostartfiles` linker argument to execute the
extension modules' `_init()` functions automatically which is not working
reliably across all supported targets and gcc versions.

Running an ebtables executable linked this way just crashes with a segmentation
fault at runtime on program startup, e.g. on ARM architectures.

In order to fix the issue ...
 - remove the use of the -nostartfiles linker flag
 - rename the init procedures to a generic name without implicit semantics
 - explicitely annotate those init procedures as constructors

The patch has been taken from the Alpine Linux distribution at
http://git.alpinelinux.org/cgit/aports/tree/main/ebtables/fix-extension-init.patch

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/package/network/utils/ebtables/Makefile b/package/network/utils/ebtables/Makefile
index 30bf426d77a3af843d224c3c409366ff4dd96ed7..78b83b817b7721f9ab2f2cb3eb725b9ba1543868 100644 (file)
--- a/package/network/utils/ebtables/Makefile
+++ b/package/network/utils/ebtables/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ebtables
 PKG_VERSION:=2.0.10-4
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@SF/ebtables

diff --git a/package/network/utils/ebtables/patches/200-fix-extension-init.patch b/package/network/utils/ebtables/patches/200-fix-extension-init.patch
new file mode 100644 (file)
index 0000000..63d2377
--- /dev/null
+++ b/package/network/utils/ebtables/patches/200-fix-extension-init.patch
@@ -0,0 +1,249 @@
+--- a/extensions/Makefile
++++ b/extensions/Makefile
+@@ -11,13 +11,13 @@ EXT_LIBSI+=$(foreach T,$(EXT_FUNC), -leb
+ EXT_LIBSI+=$(foreach T,$(EXT_TABLES), -lebtable_$(T))
+ 
+ extensions/ebt_%.so: extensions/ebt_%.o
+-      $(CC) $(LDFLAGS) -shared -o $@ -lc $< -nostartfiles
++      $(CC) $(LDFLAGS) -shared -o $@ -lc $<
+ 
+ extensions/libebt_%.so: extensions/ebt_%.so
+       mv $< $@
+ 
+ extensions/ebtable_%.so: extensions/ebtable_%.o
+-      $(CC) $(LDFLAGS) -shared -o $@ -lc $< -nostartfiles
++      $(CC) $(LDFLAGS) -shared -o $@ -lc $<
+ 
+ extensions/libebtable_%.so: extensions/ebtable_%.so
+       mv $< $@
+--- a/extensions/ebt_802_3.c
++++ b/extensions/ebt_802_3.c
+@@ -141,7 +141,7 @@ static struct ebt_u_match _802_3_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&_802_3_match);
+ }
+--- a/extensions/ebt_among.c
++++ b/extensions/ebt_among.c
+@@ -490,7 +490,7 @@ static struct ebt_u_match among_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&among_match);
+ }
+--- a/extensions/ebt_arp.c
++++ b/extensions/ebt_arp.c
+@@ -362,7 +362,7 @@ static struct ebt_u_match arp_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&arp_match);
+ }
+--- a/extensions/ebt_arpreply.c
++++ b/extensions/ebt_arpreply.c
+@@ -132,7 +132,7 @@ static struct ebt_u_target arpreply_targ
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_target(&arpreply_target);
+ }
+--- a/extensions/ebt_ip.c
++++ b/extensions/ebt_ip.c
+@@ -338,7 +338,7 @@ static struct ebt_u_match ip_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&ip_match);
+ }
+--- a/extensions/ebt_ip6.c
++++ b/extensions/ebt_ip6.c
+@@ -556,7 +556,7 @@ static struct ebt_u_match ip6_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&ip6_match);
+ }
+--- a/extensions/ebt_limit.c
++++ b/extensions/ebt_limit.c
+@@ -212,7 +212,7 @@ static struct ebt_u_match limit_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&limit_match);
+ }
+--- a/extensions/ebt_log.c
++++ b/extensions/ebt_log.c
+@@ -217,7 +217,7 @@ static struct ebt_u_watcher log_watcher
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_watcher(&log_watcher);
+ }
+--- a/extensions/ebt_mark.c
++++ b/extensions/ebt_mark.c
+@@ -172,7 +172,7 @@ static struct ebt_u_target mark_target =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_target(&mark_target);
+ }
+--- a/extensions/ebt_mark_m.c
++++ b/extensions/ebt_mark_m.c
+@@ -121,7 +121,7 @@ static struct ebt_u_match mark_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&mark_match);
+ }
+--- a/extensions/ebt_nat.c
++++ b/extensions/ebt_nat.c
+@@ -230,7 +230,7 @@ static struct ebt_u_target dnat_target =
+       .extra_ops      = opts_d,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_target(&snat_target);
+       ebt_register_target(&dnat_target);
+--- a/extensions/ebt_nflog.c
++++ b/extensions/ebt_nflog.c
+@@ -166,7 +166,7 @@ static struct ebt_u_watcher nflog_watche
+       .extra_ops = nflog_opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_watcher(&nflog_watcher);
+ }
+--- a/extensions/ebt_pkttype.c
++++ b/extensions/ebt_pkttype.c
+@@ -125,7 +125,7 @@ static struct ebt_u_match pkttype_match
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&pkttype_match);
+ }
+--- a/extensions/ebt_redirect.c
++++ b/extensions/ebt_redirect.c
+@@ -108,7 +108,7 @@ static struct ebt_u_target redirect_targ
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_target(&redirect_target);
+ }
+--- a/extensions/ebt_standard.c
++++ b/extensions/ebt_standard.c
+@@ -84,7 +84,7 @@ static struct ebt_u_target standard =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_target(&standard);
+ }
+--- a/extensions/ebt_stp.c
++++ b/extensions/ebt_stp.c
+@@ -337,7 +337,7 @@ static struct ebt_u_match stp_match =
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&stp_match);
+ }
+--- a/extensions/ebt_ulog.c
++++ b/extensions/ebt_ulog.c
+@@ -180,7 +180,7 @@ static struct ebt_u_watcher ulog_watcher
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_watcher(&ulog_watcher);
+ }
+--- a/extensions/ebt_vlan.c
++++ b/extensions/ebt_vlan.c
+@@ -181,7 +181,7 @@ static struct ebt_u_match vlan_match = {
+       .extra_ops      = opts,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_match(&vlan_match);
+ }
+--- a/extensions/ebtable_broute.c
++++ b/extensions/ebtable_broute.c
+@@ -23,7 +23,7 @@ ebt_u_table table =
+       .help           = print_help,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_table(&table);
+ }
+--- a/extensions/ebtable_filter.c
++++ b/extensions/ebtable_filter.c
+@@ -29,7 +29,7 @@ static struct ebt_u_table table =
+       .help           = print_help,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_table(&table);
+ }
+--- a/extensions/ebtable_nat.c
++++ b/extensions/ebtable_nat.c
+@@ -30,7 +30,7 @@ ebt_u_table table =
+       .help           = print_help,
+ };
+ 
+-void _init(void)
++__attribute__((constructor)) static void extension_init(void)
+ {
+       ebt_register_table(&table);
+ }