RepoMirrors/musl
1
0
Fork 0
mirror of git://git.musl-libc.org/musl synced 2025-02-02 20:11:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

ldso: move the suid/secure check code closer to env/auxv processing

Browse Source 
this does not change behavior, but the idea is to avoid letting other
code build up between these two points, whereby the environment
variables might get used before security it checked.
This commit is contained in:
Rich Felker 2011-08-16 08:50:03 -04:00
parent a045883365
commit cf8506ad94
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/ldso/dynlink.c
View File

@ -482,13 +482,6 @@ void *__dynlink(int argc, char **argv, size_t *got)
decode_vec(auxv, aux, AUX_CNT);
for (i=0; auxv[i]; i+=2) {
if (auxv[i]==AT_SYSINFO_EHDR) {
vdso_base = auxv[i+1];
break;
}
}
/* Only trust user/env if kernel says we're not suid/sgid */
if ((aux[0]&0x7800)!=0x7800 || aux[AT_UID]!=aux[AT_EUID]
|| aux[AT_GID]!=aux[AT_EGID] || aux[AT_SECURE]) {
@ -496,6 +489,13 @@ void *__dynlink(int argc, char **argv, size_t *got)
env_preload = 0;
}
for (i=0; auxv[i]; i+=2) {
if (auxv[i]==AT_SYSINFO_EHDR) {
vdso_base = auxv[i+1];
break;
}
}
/* Relocate ldso's DYNAMIC pointer and load vector */
decode_vec((void *)(got[0] += aux[AT_BASE]), lib_dyn, DYN_CNT);