RepoMirrors/musl
1
0
Fork 0
mirror of git://git.musl-libc.org/musl synced 2024-12-30 10:52:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

do not use default when dynamic linker fails to open existing path file

Browse Source 
if fopen fails for a reason other than ENOENT, we must assume the
intent is that the path file be used. failure may be due to
misconfiguration or intentional resource-exhaustion attack (against
suid programs), in which case falling back to loading libraries from
an unintended path could be dangerous.
This commit is contained in:
Rich Felker 2013-09-09 13:39:08 -04:00
parent 067aea7c9b
commit ff4be700d0
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ldso/dynlink.c
View File

@ -614,6 +614,8 @@ static struct dso *load_library(const char *name, struct dso *needed_by)
sys_path = ""; sys_path = "";
} }
fclose(f); fclose(f);
} else if (errno != ENOENT) {
sys_path = "";
} }
} }
if (!sys_path) sys_path = "/lib:/usr/local/lib:/usr/lib"; if (!sys_path) sys_path = "/lib:/usr/local/lib:/usr/lib";