summary refs log tree commit diff
diff options
context:
space:
mode:
authorLeah Neukirchen <leah@vuxu.org>2017-07-31 16:16:02 +0200
committerLeah Neukirchen <leah@vuxu.org>2017-07-31 16:18:16 +0200
commit6efb555132586352958e2d91bc6ec06444ac7c3d (patch)
tree614b01691af1b174f0c60106bb96357198fb22b5
parent22d7580b77beef5ca4311c6da9d7562a6ce73ee0 (diff)
downloadfail-0.1.tar.gz
fail-0.1.tar.xz
fail-0.1.zip
crash on dlopen v0.1
-rw-r--r--README5
-rw-r--r--fail.17
-rw-r--r--fail.c14
3 files changed, 25 insertions, 1 deletions
diff --git a/README b/README
index c0ab3f2..025f93e 100644
--- a/README
+++ b/README
@@ -10,6 +10,9 @@ DESCRIPTION
      fail crashes in various possible ways to help you debug how other
      software reacts to this.
 
+     In addition to the crashes below, fail will also cause a segmentation
+     fault when its binary is loaded using dlopen(3) or LD_PRELOAD.
+
      The options are as follows:
 
      -1      Return with exit status -1.
@@ -54,6 +57,6 @@ LICENSE
      To the extent possible under law, the creator of this work has waived all
      copyright and related or neighboring rights to this work.
 
-     http://creativecommons.org/publicdomain/zero/1.0/
+           http://creativecommons.org/publicdomain/zero/1.0/
 
 Void Linux                       July 14, 2017                      Void Linux
diff --git a/fail.1 b/fail.1
index c47fbd5..c5af510 100644
--- a/fail.1
+++ b/fail.1
@@ -12,6 +12,13 @@
 crashes in various possible ways to
 help you debug how other software reacts to this.
 .Pp
+In addition to the crashes below,
+.Nm
+will also cause a segmentation fault when its binary is loaded using
+.Xr dlopen 3
+or
+.Ev LD_PRELOAD .
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl 1
diff --git a/fail.c b/fail.c
index a08253a..90f6cb7 100644
--- a/fail.c
+++ b/fail.c
@@ -2,6 +2,7 @@
 
 #include <linux/seccomp.h>
 
+#include <sys/auxv.h>
 #include <sys/prctl.h>
 #include <sys/ptrace.h>
 #include <sys/stat.h>
@@ -20,6 +21,19 @@ segfault()
 	*nullp = 42;
 }
 
+void _start();
+
+__attribute__((__constructor__))
+void
+dlcrash()
+{
+	volatile int *nullp = 0;
+
+	// don't trigger if we are executed as a program
+	if (getauxval(AT_ENTRY) != (unsigned long)_start)
+		*nullp = 1337;
+}
+
 // can lockup your machine
 void
 oom()