Attachment #726742 for bug #1039357

View | Details | Raw Unified | Return to bug 1039357
Collapse All | Expand All




strong_alias (__pointer_chk_guard_local, __pointer_chk_guard)
#endif

/* Check that AT_SECURE=0, or that the passed name does not contain
   directories and is not overly long.  Reject empty names
   unconditionally.  */
static bool
dso_name_valid_for_suid (const char *p)
{
  if (__glibc_unlikely (__libc_enable_secure))
    {
      /* Ignore pathnames with directories for AT_SECURE=1
	 programs, and also skip overlong names.  */
      size_t len = strlen (p);
      if (len >= NAME_MAX || memchr (p, '/', len) != NULL)
	return false;
    }
  return *p != '\0';
}

/* List of auditing DSOs.  */
static struct audit_list

/* Nonzero if information about versions has to be printed.  */
static int version_info attribute_relro;

/* The LD_PRELOAD environment variable gives list of libraries
   separated by white space or colons that are loaded before the
   executable's dependencies and prepended to the global scope list.
   (If the binary is running setuid all elements containing a '/' are
   ignored since it is insecure.)  Return the number of preloads
   performed.  */
unsigned int
handle_ld_preload (const char *preloadlist, struct link_map *main_map)
{
  unsigned int npreloads = 0;
  const char *p = preloadlist;
  char fname[PATH_MAX];

  while (*p != '\0')
    {
      /* Split preload list at space/colon.  */
      size_t len = strcspn (p, " :");
      if (len > 0 && len < PATH_MAX)
	{
	  memcpy (fname, p, len);
	  fname[len] = '\0';
	}
      else
	fname[0] = '\0';

      /* Skip over the substring and the following delimiter.  */
      p += len;
      if (*p == ' ' || *p == ':')
	++p;

      if (dso_name_valid_for_suid (fname))
	npreloads += do_preload (fname, main_map, "LD_PRELOAD");
    }
  return npreloads;
}

static void
dl_main (const ElfW(Phdr) *phdr,
	 ElfW(Word) phnum,


  if (__glibc_unlikely (preloadlist != NULL))
    {
      /* The LD_PRELOAD environment variable gives list of libraries
	 separated by white space or colons that are loaded before the
	 executable's dependencies and prepended to the global scope
	 list.  If the binary is running setuid all elements
	 containing a '/' are ignored since it is insecure.  */
      char *list = strdupa (preloadlist);
      char *p;

      HP_TIMING_NOW (start);
      npreloads += handle_ld_preload (preloadlist, main_map);
      /* Prevent optimizing strsep.  Speed is not important here.  */
      while ((p = (strsep) (&list, " :")) != NULL)
	if (p[0] != '\0'
	    && (__builtin_expect (! __libc_enable_secure, 1)
		|| strchr (p, '/') == NULL))
	  npreloads += do_preload (p, main_map, "LD_PRELOAD");

      HP_TIMING_NOW (stop);
      HP_TIMING_DIFF (diff, start, stop);
      HP_TIMING_ACCUM_NT (load_time, diff);
- 

Return to bug 1039357

Lines 99-104 uintptr_t __pointer_chk_guard_local Link Here

(-)a/elf/rtld.c (-17 / +53 lines)
99	strong_alias (__pointer_chk_guard_local, __pointer_chk_guard)	99	strong_alias (__pointer_chk_guard_local, __pointer_chk_guard)
100	#endif	100	#endif
101		101
		102	/* Check that AT_SECURE=0, or that the passed name does not contain
		103	directories and is not overly long. Reject empty names
		104	unconditionally. */
		105	static bool
		106	dso_name_valid_for_suid (const char *p)
		107	{
		108	if (__glibc_unlikely (__libc_enable_secure))
		109	{
		110	/* Ignore pathnames with directories for AT_SECURE=1
		111	programs, and also skip overlong names. */
		112	size_t len = strlen (p);
		113	if (len >= NAME_MAX \|\| memchr (p, '/', len) != NULL)
		114	return false;
		115	}
		116	return *p != '\0';
		117	}
102		118
103	/* List of auditing DSOs. */	119	/* List of auditing DSOs. */
104	static struct audit_list	120	static struct audit_list
Lines 716-721 static const char *preloadlist attribute_relro; Link Here
716	/* Nonzero if information about versions has to be printed. */	732	/* Nonzero if information about versions has to be printed. */
717	static int version_info attribute_relro;	733	static int version_info attribute_relro;
718		734
		735	/* The LD_PRELOAD environment variable gives list of libraries
		736	separated by white space or colons that are loaded before the
		737	executable's dependencies and prepended to the global scope list.
		738	(If the binary is running setuid all elements containing a '/' are
		739	ignored since it is insecure.) Return the number of preloads
		740	performed. */
		741	unsigned int
		742	handle_ld_preload (const char preloadlist, struct link_map main_map)
		743	{
		744	unsigned int npreloads = 0;
		745	const char *p = preloadlist;
		746	char fname[PATH_MAX];
		747
		748	while (*p != '\0')
		749	{
		750	/* Split preload list at space/colon. */
		751	size_t len = strcspn (p, " :");
		752	if (len > 0 && len < PATH_MAX)
		753	{
		754	memcpy (fname, p, len);
		755	fname[len] = '\0';
		756	}
		757	else
		758	fname[0] = '\0';
		759
		760	/* Skip over the substring and the following delimiter. */
		761	p += len;
		762	if (p == ' ' \|\| p == ':')
		763	++p;
		764
		765	if (dso_name_valid_for_suid (fname))
		766	npreloads += do_preload (fname, main_map, "LD_PRELOAD");
		767	}
		768	return npreloads;
		769	}
		770
719	static void	771	static void
720	dl_main (const ElfW(Phdr) *phdr,	772	dl_main (const ElfW(Phdr) *phdr,
721	ElfW(Word) phnum,	773	ElfW(Word) phnum,
Lines 1462-1484 ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", Link Here
1462		1514
1463	if (__glibc_unlikely (preloadlist != NULL))	1515	if (__glibc_unlikely (preloadlist != NULL))
1464	{	1516	{
1465	/* The LD_PRELOAD environment variable gives list of libraries
1466	separated by white space or colons that are loaded before the
1467	executable's dependencies and prepended to the global scope
1468	list. If the binary is running setuid all elements
1469	containing a '/' are ignored since it is insecure. */
1470	char *list = strdupa (preloadlist);
1471	char *p;
1472
1473	HP_TIMING_NOW (start);	1517	HP_TIMING_NOW (start);
1474		1518	npreloads += handle_ld_preload (preloadlist, main_map);
1475	/* Prevent optimizing strsep. Speed is not important here. */
1476	while ((p = (strsep) (&list, " :")) != NULL)
1477	if (p[0] != '\0'
1478	&& (__builtin_expect (! __libc_enable_secure, 1)
1479	\|\| strchr (p, '/') == NULL))
1480	npreloads += do_preload (p, main_map, "LD_PRELOAD");
1481
1482	HP_TIMING_NOW (stop);	1519	HP_TIMING_NOW (stop);
1483	HP_TIMING_DIFF (diff, start, stop);	1520	HP_TIMING_DIFF (diff, start, stop);
1484	HP_TIMING_ACCUM_NT (load_time, diff);	1521	HP_TIMING_ACCUM_NT (load_time, diff);
1485	-