Date: Fri, 21 Mar 2003 16:22:51 -0600 (CST) From: hawkeyd@visi.com (D J Hawkey Jr) To: kwc@TheWorld.com, freebsd-stable@freebsd.org Subject: Re: Recent rpc/libc xdr security advisory & patch Message-ID: <200303212222.h2LMMpl69466@sheol.localdomain> In-Reply-To: <200303211954.OAA6062841_shell.TheWorld.com@ns.sol.net> References: <200303211954.OAA6062841_shell.TheWorld.com@ns.sol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <200303211954.OAA6062841_shell.TheWorld.com@ns.sol.net>, kwc@TheWorld.com writes: > Hello -stable: > > With regard to the recent rpc/libc xdr security advisory and > patch that went into RELENG_4 (& others), what would be > {a,some} good way(s) to find any programs that statically > link the relevant library(ies)? Is this even possible? Try this: find $DIR -type f \ |xargs readelf -a 2>/dev/null \ |awk '/^File:/ { name = $2; printed = 0; } \ /XDR|xdr/ { if (!printed) { print name; printed = 1; } }' \ |xargs ldd 2>/dev/null If it reports any pathnames without listing shared libraries, then those are statically linked. I did the same thing for SA-03:02.openssl, but used "/SSL|TLS/" where "/XDR|xdr" is. Both (either?) values are from public header files. > Thanks, > -kc HTH, Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200303212222.h2LMMpl69466>