{ "id": "88975", "key": "TIMOB-8336", "fields": { "issuetype": { "id": "2", "description": "A new feature of the product, which has yet to be developed.", "name": "New Feature", "subtask": false }, "project": { "id": "10153", "key": "TIMOB", "name": "Titanium SDK/CLI", "projectCategory": { "id": "10100", "description": "Titanium and related SDKs used in application development", "name": "Client" } }, "fixVersions": [], "resolution": { "id": "7", "description": "", "name": "Invalid" }, "resolutiondate": "2012-07-11T09:22:05.000+0000", "created": "2012-03-27T14:41:03.000+0000", "priority": { "name": "Medium", "id": "3" }, "labels": [ "SupportTeam", "core" ], "versions": [ { "id": "12593", "name": "Release 2.0.0", "archived": false, "released": true, "releaseDate": "2012-03-30" } ], "issuelinks": [ { "id": "18310", "type": { "id": "10020", "name": "Depends", "inward": "is dependent of", "outward": "depends on" }, "outwardIssue": { "id": "63631", "key": "TIMOB-2999", "fields": { "summary": "iOS: XCode Project Settings and Base SDK", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Low", "id": "4" }, "issuetype": { "id": "2", "description": "A new feature of the product, which has yet to be developed.", "name": "New Feature", "subtask": false } } } }, { "id": "18571", "type": { "id": "10003", "name": "Relates", "inward": "relates to", "outward": "relates to" }, "outwardIssue": { "id": "63631", "key": "TIMOB-2999", "fields": { "summary": "iOS: XCode Project Settings and Base SDK", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Low", "id": "4" }, "issuetype": { "id": "2", "description": "A new feature of the product, which has yet to be developed.", "name": "New Feature", "subtask": false } } } } ], "assignee": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "updated": "2017-03-23T21:40:06.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [ { "id": "10206", "name": "iOS", "description": "iOS Platform" } ], "description": "A new feature has been requested to be added to the iOS app binary, that improves the code security. It utilizes the ASLR (address space layout randomization) that Apple has introduced as an important security feature in the latest version of the iPhone's software (4.3+). \r\n\r\nThe PIE can be enabled when compiling by command line with option -fPIE. Essentially, we need to be able to compile with the command line option -fPIE.\r\n\r\nThis article explains more about the address space randomization and how iPhone utilizes it: http://money.cnn.com/2011/08/04/technology/iphone_hack/index.htm\r\n\r\n\r\n \r\n", "attachment": [], "flagged": false, "summary": "iOS: Feature request to enable fPIE command line option in iOS app build", "creator": { "name": "vjoshi", "key": "vjoshi", "displayName": "Varun Joshi", "active": true, "timeZone": "America/New_York" }, "subtasks": [ { "id": "94468", "key": "TIMOB-9885", "fields": { "summary": "Compile JSCore with PIC option on ", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Low", "id": "4" }, "issuetype": { "id": "5", "description": "The sub-task of the issue", "name": "Sub-task", "subtask": true } } }, { "id": "94469", "key": "TIMOB-9886", "fields": { "summary": "iOS: Compile libti_ios_debugger.a with PIC option on ", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Medium", "id": "3" }, "issuetype": { "id": "5", "description": "The sub-task of the issue", "name": "Sub-task", "subtask": true } } }, { "id": "94471", "key": "TIMOB-9888", "fields": { "summary": "iOS: Compile libtiverify.a with PIC option on ", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Medium", "id": "3" }, "issuetype": { "id": "5", "description": "The sub-task of the issue", "name": "Sub-task", "subtask": true } } }, { "id": "94479", "key": "TIMOB-9891", "fields": { "summary": "Ensure all titanium modules are compiled with PIC option on", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "Low", "id": "4" }, "issuetype": { "id": "5", "description": "The sub-task of the issue", "name": "Sub-task", "subtask": true } } } ], "reporter": { "name": "vjoshi", "key": "vjoshi", "displayName": "Varun Joshi", "active": true, "timeZone": "America/New_York" }, "environment": "Platform OS: iOS ver 4.3+", "comment": { "comments": [ { "id": "201600", "author": { "name": "mstepanov", "key": "mstepanov", "displayName": "Max Stepanov", "active": true, "timeZone": "America/Los_Angeles" }, "body": "All applications compiled for iOS 4.3+ have -fPIE option on by default.\r\nThe reason that the resulting binary is not PIE (and thus partially utilizes ASLR) is that all object files should be compiled with PIC (Position Independent Code) option. This includes any external static libraries, JSCore runtime, modules etc. If any of the object files is not PIC, the whole application binary will not be PIE.", "updateAuthor": { "name": "mstepanov", "key": "mstepanov", "displayName": "Max Stepanov", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2012-07-05T11:25:18.000+0000", "updated": "2012-07-05T11:25:18.000+0000" }, { "id": "201680", "author": { "name": "mstepanov", "key": "mstepanov", "displayName": "Max Stepanov", "active": true, "timeZone": "America/Los_Angeles" }, "body": "How to detect if an application binary compiled as PIE:\r\n{code}\r\notool -hv |grep PIE\r\n{code}", "updateAuthor": { "name": "mstepanov", "key": "mstepanov", "displayName": "Max Stepanov", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2012-07-05T14:34:43.000+0000", "updated": "2012-07-05T14:34:43.000+0000" }, { "id": "202476", "author": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "body": "This ticket can be resolved by taking advantage of the new {{}} setting in {{tiapp.xml}} by bumping it to 4.3 or higher. Only these versions of iOS support PIC/PIE.\r\n\r\nIf running with various internal modules continues to keep executables produced by Titanium at PIE for versions 4.3+, will resolve as INVALID.", "updateAuthor": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2012-07-10T17:09:05.000+0000", "updated": "2012-07-10T17:09:05.000+0000" }, { "id": "202477", "author": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "body": "It is also worth noting that armv6 does not appear to support PIE. Only armv7 devices will support it.", "updateAuthor": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2012-07-10T17:13:40.000+0000", "updated": "2012-07-10T17:13:40.000+0000" }, { "id": "202488", "author": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Not necessary. All libraries and Titanium apps compile as PIC but the minimum iOS version must be set to at least 4.3. Use the feature described in TIMOB-2999 which is available in 2.2.0 CI as of now.", "updateAuthor": { "name": "stephentramer", "key": "stephentramer", "displayName": "Stephen Tramer", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2012-07-10T17:41:53.000+0000", "updated": "2012-07-10T17:41:53.000+0000" }, { "id": "415422", "author": { "name": "lmorris", "key": "lmorris", "displayName": "Lee Morris", "active": false, "timeZone": "America/Los_Angeles" }, "body": "Closing ticket as invalid with reference to the previous comments.", "updateAuthor": { "name": "lmorris", "key": "lmorris", "displayName": "Lee Morris", "active": false, "timeZone": "America/Los_Angeles" }, "created": "2017-03-23T21:40:06.000+0000", "updated": "2017-03-23T21:40:06.000+0000" } ], "maxResults": 10, "total": 10, "startAt": 0 } } }