
Bug#647470: libqt4-script: please make it possible to run without execmem



Package: libqt4-script
Version: 4:4.7.3-8
Severity: normal

When kwin is run without execmem access it will SEGV.  This makes things
difficult for people who want to restrict such access to make it more difficult
for their programs to be exploited.

#0  0x00007ffff65615f4 in QTJSC::ExecutablePool::systemAlloc (n=16384) at ../3rdparty/javascriptcore/JavaScriptCore/jit/ExecutableAllocatorPosix.cpp:49
#1  0x00007ffff65e9393 in ExecutablePool (this=<optimized out>, n=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/jit/ExecutableAllocator.h:258
#2  create (n=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/jit/ExecutableAllocator.h:97
#3  ExecutableAllocator (this=0x7fffdddf29c8) at ../3rdparty/javascriptcore/JavaScriptCore/jit/ExecutableAllocator.h:150
#4  QTJSC::JSGlobalData::JSGlobalData (this=0x7fffdddf1800, isShared=<optimized out>) at ../3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.cpp:146
#5  0x00007ffff65e9b1c in QTJSC::JSGlobalData::create () at ../3rdparty/javascriptcore/JavaScriptCore/runtime/JSGlobalData.cpp:205
#6  0x00007ffff6686821 in QScriptEnginePrivate::QScriptEnginePrivate (this=0x9309d0) at api/qscriptengine.cpp:973
#7  0x00007ffff6687786 in QScriptEngine::QScriptEngine (this=0x7fffffffe5c0) at api/qscriptengine.cpp:1958
#8  0x00007ffff7b9566d in ?? () from /usr/lib/kde4/libkdeinit/libkdeinit4_kwin.so
#9  0x00007ffff7b054e5 in kdemain () from /usr/lib/kde4/libkdeinit/libkdeinit4_kwin.so
#10 0x00007ffff7743ead in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
#11 0x00000000004006b1 in _start ()

Above is a backtrace of a kwin SEGV which shows where the problem is.

Is JavaScript really required for KDE operation?  If not, can it be an option to
disable it?  If it is required, can kwin be made to fall back to interpreting the
code if it can't precompile it?
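
Added example, not part of the original report and not Qt or JavaScriptCore code: a C sketch of the fallback the report asks for, in which an engine requests a writable and executable mapping at start-up and selects an interpreter when the request is denied. All names (code_pool, pool_alloc, pool_free, engine_select) are hypothetical; the 16384-byte size is the n value from frame #0 of the backtrace.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

/* Hypothetical names throughout; this is not the JavaScriptCore allocator. */
enum engine_mode { ENGINE_INTERPRETER = 0, ENGINE_JIT = 1 };
struct code_pool { void *base; size_t size; int err; }; /* base NULL, err=errno on failure */

/* Ask for a writable+executable anonymous mapping, the kind of request an
 * execmem restriction denies, and report failure instead of crashing. */
static struct code_pool pool_alloc(size_t n)
{
    struct code_pool p = { NULL, 0, 0 };
    void *m = mmap(NULL, n, PROT_READ | PROT_WRITE | PROT_EXEC,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m != MAP_FAILED) {
        p.base = m;
        p.size = n;
    } else {
        p.err = errno;
    }
    return p;
}

static void pool_free(struct code_pool *p)
{
    if (p->base)
        munmap(p->base, p->size);
    p->base = NULL;
}

/* Decide once at engine start-up whether compiled code can be used. */
static enum engine_mode engine_select(size_t pool_size, struct code_pool *out)
{
    *out = pool_alloc(pool_size);
    return out->base ? ENGINE_JIT : ENGINE_INTERPRETER;
}

int main(void)
{
    struct code_pool pool;
    enum engine_mode m = engine_select(16384, &pool); /* n=16384 as in frame #0 */
    printf("%s (errno=%d)\n", m == ENGINE_JIT ? "jit" : "interpreter", pool.err);
    pool_free(&pool);
    return 0;
}
```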


