Problem: An attacker could change the code in an executable Fix By: Compiling with -fPIC enabled Waive If: The code must be static Example: FAIL: textrel test because the DT_TEXTREL tag was detected
This test checks to make sure that a binary file does not contain any relocations that alter the contents of a code section. Relocations are special instructions that the program loader uses to alter pieces of a application when it starts up. Normally these relocations are restricted to altering the application’s data, but if any of them alter its code then an attacker might be able to exploit this to change the program.
This problem usually only arises when a binary - or part of it - is built to execute at a fixed address. Such binaries need text relocations to help them run at the address chosen. The safest solution therefore is to compile all parts of the binary to be position independent by using the -fPIC or -fPIE compiler command line options.
If necessary the test can be disabled via the --skip-textrel option and re-enabled via the --test-textrel option.