sqlite-jdbc icon indicating copy to clipboard operation
sqlite-jdbc copied to clipboard

Published 20 hours ago verified publisher icon xerial

Recommended compiler and linker flags for GCC when building native library

Open myfirenze opened this issue 4 years ago • 2 comments

libsqlitejdbc.so is embedded in the sqlite-jdbc java library. Some security compiler and linker flags are not enabled for the Linux platform when building libsqlitejdbc.so, which may cause security risks

FilePath Object BIND_NOW NX PIC PIE RELRO SP NO Rpath/RunPath FS Ftrapv Strip
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/x86/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED NO NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/x86_64/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED NO NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/arm/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED YES NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/aarch64/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED YES NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/ppc64/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED NO NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/armv7/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED YES NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/FreeBSD/x86_64/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED NO NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/armv6/libsqlitejdbc.so libsqlitejdbc.so NO YES YES UNUSED NO NO NO NO UNUSED YES
sqlite-jdbc-3.30.1.jar_/org/sqlite/native/Linux/android-arm/libsqlitejdbc.so libsqlitejdbc.so YES YES YES UNUSED YES NO NO NO UNUSED YES

See https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/

myfirenze avatar Jun 22 '20 07:06 myfirenze

Could you suggest what GCC flags need to be enabled and the risk of doing or not-doing so?

xerial avatar Jun 22 '20 21:06 xerial

on Lubuntu 18.04 I had to add the option -pthread in Makefile.common:

Linux-x86_64_CCFLAGS := -Ilib/inc_linux -I$(JAVA_HOME)/include -Os -fPIC -m64 -fvisibility=hidden -pthread Linux-x86_64_LINKFLAGS := -shared -static-libgcc -pthread

From man gcc: -pthread Adds support for multithreading with the pthreads library. This option sets flags for both the preprocessor and linker.

otherwise I get the following error at runtime:

symbol lookup error: /tmp/sqlite-3.32.3-afe34c11-93ab-4c31-9d2d-9aa26ae2b08f-libsqlitejdbc.so: undefined symbol: pthread_mutexattr_init

maassg avatar Jun 24 '20 16:06 maassg

Closing this as no feedback was received.

gotson avatar Jan 13 '23 02:01 gotson