[git commit future] add LDSO_SAFE_RUNPATH config option

Peter S. Mazinger ps.m at gmx.net
Wed Apr 13 17:38:40 UTC 2011 

commit: http://git.uclibc.org/uClibc/commit/?id=97318fee8957fad2dec853fe57c054b6111daa48
branch: http://git.uclibc.org/uClibc/commit/?id=refs/heads/future

Signed-off-by: Peter S. Mazinger <ps.m at gmx.net>
---
 extra/Configs/Config.in |    7 +++++++
 ldso/ldso/dl-elf.c      |    7 +++++--
 test/Rules.mak          |   27 ++++++++++++++++++---------
 3 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in
index ac9fd13..bb1ec8b 100644
--- a/extra/Configs/Config.in
+++ b/extra/Configs/Config.in
@@ -375,6 +375,13 @@ config LDSO_RUNPATH
 	  Usage of RUNPATH tags is not too common, so disabling this feature
 	  should be safe for most people.
 
+config LDSO_SAFE_RUNPATH
+	bool "Allow only RUNPATH beginning with /"
+	depends on LDSO_RUNPATH
+	default y
+	help
+	  Allow only absolute path in RPATH/RUNPATH.
+
 config LDSO_SEARCH_INTERP_PATH
 	bool "Add ldso path to lib search path"
 	depends on HAVE_SHARED
diff --git a/ldso/ldso/dl-elf.c b/ldso/ldso/dl-elf.c
index 7b715ee..ec4f1a5 100644
--- a/ldso/ldso/dl-elf.c
+++ b/ldso/ldso/dl-elf.c
@@ -174,8 +174,11 @@ search_for_named_library(const char *name, int secure, const char *path_list,
 				_dl_strcpy(mylibname, "."); /* Assume current dir if empty path */
 			_dl_strcat(mylibname, "/");
 			_dl_strcat(mylibname, name);
-			if ((tpnt = _dl_load_elf_shared_library(secure, rpnt, mylibname)) != NULL)
-				return tpnt;
+#ifdef __LDSO_SAFE_RUNPATH__
+			if (*mylibname == '/')
+#endif
+				if ((tpnt = _dl_load_elf_shared_library(secure, rpnt, mylibname)) != NULL)
+					return tpnt;
 			path_n = path+1;
 		}
 		path++;
diff --git a/test/Rules.mak b/test/Rules.mak
index 2131a7b..6536a92 100644
--- a/test/Rules.mak
+++ b/test/Rules.mak
@@ -8,18 +8,28 @@
 .SUFFIXES:
 
 top_builddir ?= ../
+abs_top_builddir ?= $(shell cd $(top_builddir); pwd)/
 
 TESTDIR=$(top_builddir)test/
 
 include $(top_builddir)/Rules.mak
-ifndef TEST_INSTALLED_UCLIBC
 ifdef UCLIBC_LDSO
 ifeq (,$(findstring /,$(UCLIBC_LDSO)))
-UCLIBC_LDSO := $(top_builddir)lib/$(UCLIBC_LDSO)
+UCLIBC_LDSO := $(UCLIBC_LDSO)
+else
+UCLIBC_LDSO := $(notdir $(UCLIBC_LDSO))
+endif
+else
+UCLIBC_LDSO := $(notdir $(firstword $(wildcard $(top_builddir)lib/ld*)))
 endif
+ifndef TEST_INSTALLED_UCLIBC
+ifeq ($(LDSO_SAFE_RUNPATH),y)
+UCLIBC_PATH := $(abs_top_builddir)lib
 else
-UCLIBC_LDSO := $(firstword $(wildcard $(top_builddir)lib/ld*))
+UCLIBC_PATH := $(top_builddir)lib
 endif
+else
+UCLIBC_PATH := $(RUNTIME_PREFIX)$(MULTILIB_DIR)
 endif
 #--------------------------------------------------------
 # Ensure consistent sort order, 'gcc -print-search-dirs' behavior, etc.
@@ -81,15 +91,14 @@ ifneq ($(HAVE_SHARED),y)
 	LDFLAGS       += -Wl,-static -static-libgcc
 endif
 
-LDFLAGS += -B$(top_builddir)lib -Wl,-rpath,$(top_builddir)lib -Wl,-rpath-link,$(top_builddir)lib
-UCLIBC_LDSO_ABSPATH=$(shell pwd)
-ifdef TEST_INSTALLED_UCLIBC
-LDFLAGS += -Wl,-rpath,./
-UCLIBC_LDSO_ABSPATH=$(RUNTIME_PREFIX)$(MULTILIB_DIR)
+ifndef TEST_INSTALLED_UCLIBC
+LDFLAGS += -B$(UCLIBC_PATH) -Wl,-rpath,$(UCLIBC_PATH):$(shell pwd) -Wl,-rpath-link,$(UCLIBC_PATH):$(shell pwd)
+else
+LDFLAGS += -Wl,-rpath,$(shell pwd)
 endif
 
 ifeq ($(findstring -static,$(LDFLAGS)),)
-LDFLAGS += -Wl,--dynamic-linker,$(UCLIBC_LDSO_ABSPATH)/$(UCLIBC_LDSO)
+LDFLAGS += -Wl,--dynamic-linker,$(UCLIBC_PATH)/$(UCLIBC_LDSO)
 endif
 
 ifeq ($(LDSO_GNU_HASH_SUPPORT),y)
-- 
1.7.3.4

More information about the uClibc-cvs mailing list