diff options
| author | Andreas Schwab <schwab@redhat.com> | 2010-12-09 14:36:55 +0100 |
|---|---|---|
| committer | Andreas Schwab <schwab@redhat.com> | 2010-12-09 14:36:55 +0100 |
| commit | cfe71f9619829d0f71d29580dced96e2bfab6883 (patch) | |
| tree | f4085767897fb14aac7bea3cb69a040c149bee16 | |
| parent | 7393ab587b51d462a3c046d10cd6af7de0f9be96 (diff) | |
| download | glibc-cfe71f9619829d0f71d29580dced96e2bfab6883.tar.gz glibc-cfe71f9619829d0f71d29580dced96e2bfab6883.tar.xz glibc-cfe71f9619829d0f71d29580dced96e2bfab6883.zip | |
Revert "Never expand $ORIGIN in privileged programs"
This reverts commit 2232b90f0bd3a41b4d63cac98a5b60abbfaccd46.
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | elf/dl-load.c | 30 |
2 files changed, 17 insertions, 19 deletions
diff --git a/ChangeLog b/ChangeLog index 514254a1b2..24ef9e1a95 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,12 +13,6 @@ (do_preload): Use __RTLD_SECURE instead of is_preloaded. (dlmopen_doit): Add __RTLD_SECURE to mode bits. -2010-10-18 Andreas Schwab <schwab@redhat.com> - - * elf/dl-load.c (is_dst): Remove last parameter. - (_dl_dst_count): Ignore $ORIGIN in privileged programs. - (_dl_dst_substitute): Likewise. - 2010-10-06 Ulrich Drepper <drepper@gmail.com> * string/bug-strstr1.c: New file. diff --git a/elf/dl-load.c b/elf/dl-load.c index efdf59bb56..a92816a296 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -169,7 +169,8 @@ local_strdup (const char *s) static size_t -is_dst (const char *start, const char *name, const char *str, int is_path) +is_dst (const char *start, const char *name, const char *str, + int is_path, int secure) { size_t len; bool is_curly = false; @@ -198,6 +199,11 @@ is_dst (const char *start, const char *name, const char *str, int is_path) && (!is_path || name[len] != ':')) return 0; + if (__builtin_expect (secure, 0) + && ((name[len] != '\0' && (!is_path || name[len] != ':')) + || (name != start + 1 && (!is_path || name[-2] != ':')))) + return 0; + return len; } @@ -212,12 +218,13 @@ _dl_dst_count (const char *name, int is_path) { size_t len; - /* $ORIGIN is not expanded for SUID/GUID programs. */ + /* $ORIGIN is not expanded for SUID/GUID programs (except if it + is $ORIGIN alone) and it must always appear first in path. */ ++name; - if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0 - && !INTUSE(__libc_enable_secure)) - || (len = is_dst (start, name, "PLATFORM", is_path)) != 0 - || (len = is_dst (start, name, "LIB", is_path)) != 0) + if ((len = is_dst (start, name, "ORIGIN", is_path, + INTUSE(__libc_enable_secure))) != 0 + || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0 + || (len = is_dst (start, name, "LIB", is_path, 0)) != 0) ++cnt; name = strchr (name + len, '$'); @@ -249,12 +256,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result, size_t len; ++name; - if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0) + if ((len = is_dst (start, name, "ORIGIN", is_path, + INTUSE(__libc_enable_secure))) != 0) { - /* Ignore this path element in SUID/SGID programs. */ - if (INTUSE(__libc_enable_secure)) - repl = (const char *) -1; - else #ifndef SHARED if (l == NULL) repl = _dl_get_origin (); @@ -262,9 +266,9 @@ _dl_dst_substitute (struct link_map *l, const char *name, char *result, #endif repl = l->l_origin; } - else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0) + else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0) repl = GLRO(dl_platform); - else if ((len = is_dst (start, name, "LIB", is_path)) != 0) + else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0) repl = DL_DST_LIB; if (repl != NULL && repl != (const char *) -1) |