[uClibc-cvs] svn commit: trunk/uClibc/ldso/ldso
jocke at uclibc.org
jocke at uclibc.org
Mon Mar 14 08:48:44 UTC 2005
Author: jocke
Date: 2005-03-14 01:48:42 -0700 (Mon, 14 Mar 2005)
New Revision: 9998
Log:
Force suid apps to do unlazy binding of the PLT relocs.
See http://bugs.gentoo.org/show_bug.cgi?id=71609 for
more details. Reported by Peter Mazinger.
Modified:
trunk/uClibc/ldso/ldso/ldso.c
Changeset:
Modified: trunk/uClibc/ldso/ldso/ldso.c
===================================================================
--- trunk/uClibc/ldso/ldso/ldso.c 2005-03-12 19:13:41 UTC (rev 9997)
+++ trunk/uClibc/ldso/ldso/ldso.c 2005-03-14 08:48:42 UTC (rev 9998)
@@ -138,6 +138,38 @@
if (_dl_getenv("LD_BIND_NOW", envp))
unlazy = RTLD_NOW;
+ /* Now we need to figure out what kind of options are selected.
+ * Note that for SUID programs we ignore the settings in
+ * LD_LIBRARY_PATH.
+ */
+ if ((auxvt[AT_UID].a_un.a_val == -1 && _dl_suid_ok()) ||
+ (auxvt[AT_UID].a_un.a_val != -1 &&
+ auxvt[AT_UID].a_un.a_val == auxvt[AT_EUID].a_un.a_val &&
+ auxvt[AT_GID].a_un.a_val == auxvt[AT_EGID].a_un.a_val)) {
+ _dl_secure = 0;
+ _dl_preload = _dl_getenv("LD_PRELOAD", envp);
+ _dl_library_path = _dl_getenv("LD_LIBRARY_PATH", envp);
+ } else {
+ static const char unsecure_envvars[] =
+#ifdef EXTRA_UNSECURE_ENVVARS
+ EXTRA_UNSECURE_ENVVARS
+#endif
+ UNSECURE_ENVVARS;
+ const char *nextp;
+ _dl_secure = 1;
+
+ nextp = unsecure_envvars;
+ do {
+ _dl_unsetenv (nextp, envp);
+ /* We could use rawmemchr but this need not be fast. */
+ nextp = (char *) _dl_strchr(nextp, '\0') + 1;
+ } while (*nextp != '\0');
+ _dl_preload = NULL;
+ _dl_library_path = NULL;
+ /* SUID binaries can be exploited if they do LAZY relocation. */
+ unlazy = RTLD_NOW;
+ }
+
/* At this point we are now free to examine the user application,
* and figure out which libraries are supposed to be called. Until
* we have this list, we will not be completely ready for dynamic
@@ -270,36 +302,6 @@
app_tpnt->relro_addr = relro_addr;
app_tpnt->relro_size = relro_size;
- /* Now we need to figure out what kind of options are selected.
- * Note that for SUID programs we ignore the settings in
- * LD_LIBRARY_PATH.
- */
- if ((auxvt[AT_UID].a_un.a_val == -1 && _dl_suid_ok()) ||
- (auxvt[AT_UID].a_un.a_val != -1 &&
- auxvt[AT_UID].a_un.a_val == auxvt[AT_EUID].a_un.a_val &&
- auxvt[AT_GID].a_un.a_val == auxvt[AT_EGID].a_un.a_val)) {
- _dl_secure = 0;
- _dl_preload = _dl_getenv("LD_PRELOAD", envp);
- _dl_library_path = _dl_getenv("LD_LIBRARY_PATH", envp);
- } else {
- static const char unsecure_envvars[] =
-#ifdef EXTRA_UNSECURE_ENVVARS
- EXTRA_UNSECURE_ENVVARS
-#endif
- UNSECURE_ENVVARS;
- const char *nextp;
- _dl_secure = 1;
-
- nextp = unsecure_envvars;
- do {
- _dl_unsetenv (nextp, envp);
- /* We could use rawmemchr but this need not be fast. */
- nextp = (char *) _dl_strchr(nextp, '\0') + 1;
- } while (*nextp != '\0');
- _dl_preload = NULL;
- _dl_library_path = NULL;
- }
-
#ifdef __SUPPORT_LD_DEBUG__
_dl_debug = _dl_getenv("LD_DEBUG", envp);
if (_dl_debug) {
More information about the uClibc-cvs
mailing list