diff options
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | elf/elf.h | 5 | ||||
-rw-r--r-- | elf/rtld.c | 41 | ||||
-rw-r--r-- | sysdeps/generic/dl-sysdep.c | 2 | ||||
-rw-r--r-- | sysdeps/generic/unsecvars.h | 29 | ||||
-rw-r--r-- | sysdeps/unix/sysv/linux/i386/dl-librecon.h | 9 |
6 files changed, 55 insertions, 42 deletions
diff --git a/ChangeLog b/ChangeLog index f28993a04c..70440026f9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,16 @@ 2001-11-05 Ulrich Drepper <drepper@redhat.com> + * elf/elf.h: Add dynamic tag definitions for prelinking. + + * elf/rtld.c (process_envvars): Avoid using array of string pointers. + Rewrite code to remove environment varables for SUID binaries. + Small optimization in LD_PROFILE handling. + * sysdeps/generic/unsecvars.h: Adjust format for process_envvars + changes. + * sysdeps/unix/sysv/linux/i386/dl-librecon.h: Likewise. + + * sysdeps/generic/dl-sysdep.c: Don't initialize _dl_cpuclock_offset. + * elf/dl-reloc.c (_dl_reloc_bad_type): Rewrite to not use writable strings. Change type of second parameter. * sysdeps/generic/ldsodefs.h: Adjust _dl_reloc_bad_type prototype diff --git a/elf/elf.h b/elf/elf.h index cb1a7af829..82c7936bad 100644 --- a/elf/elf.h +++ b/elf/elf.h @@ -663,6 +663,9 @@ typedef struct Dyn.d_un.d_val field of the Elf*_Dyn structure. This follows Sun's approach. */ #define DT_VALRNGLO 0x6ffffd00 +#define DT_GNU_PRELINKED 0x6ffffdf5 /* Prelinking timestamp */ +#define DT_GNU_CONFLICTSZ 0x6ffffdf6 /* Size of conflict section */ +#define DT_GNU_LIBLISTSZ 0x6ffffdf7 /* Size of library list */ #define DT_CHECKSUM 0x6ffffdf8 #define DT_PLTPADSZ 0x6ffffdf9 #define DT_MOVEENT 0x6ffffdfa @@ -680,6 +683,8 @@ typedef struct If any adjustment is made to the ELF object after it has been built these entries will need to be adjusted. */ #define DT_ADDRRNGLO 0x6ffffe00 +#define DT_GNU_CONFLICT 0x6ffffef8 /* Start of conflict section */ +#define DT_GNU_LIBLIST 0x6ffffef9 /* Library list */ #define DT_CONFIG 0x6ffffefa /* Configuration information. */ #define DT_DEPAUDIT 0x6ffffefb /* Dependency auditing. */ #define DT_AUDIT 0x6ffffefc /* Object auditing. */ diff --git a/elf/rtld.c b/elf/rtld.c index 47ac3e3cb6..e7d1e834b6 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1345,7 +1345,7 @@ process_envvars (enum mode *modep) } /* Which shared object shall be profiled. */ - if (memcmp (envline, "PROFILE", 7) == 0) + if (memcmp (envline, "PROFILE", 7) == 0 && envline[8] != '\0') _dl_profile = &envline[8]; break; @@ -1430,38 +1430,27 @@ process_envvars (enum mode *modep) variables. */ if (__builtin_expect (__libc_enable_secure, 0)) { - static const char *unsecure_envvars[] = - { - UNSECURE_ENVVARS, + static const char unsecure_envvars[] = #ifdef EXTRA_UNSECURE_ENVVARS EXTRA_UNSECURE_ENVVARS #endif - }; - size_t cnt; - - if (preloadlist != NULL) - unsetenv ("LD_PRELOAD"); - if (library_path != NULL) - unsetenv ("LD_LIBRARY_PATH"); - if (_dl_origin_path != NULL) - unsetenv ("LD_ORIGIN_PATH"); - if (debug_output != NULL) - unsetenv ("LD_DEBUG_OUTPUT"); - if (_dl_profile != NULL) - unsetenv ("LD_PROFILE"); - - for (cnt = 0; - cnt < sizeof (unsecure_envvars) / sizeof (unsecure_envvars[0]); - ++cnt) - unsetenv (unsecure_envvars[cnt]); + UNSECURE_ENVVARS; + const char *nextp; + + nextp = unsecure_envvars; + do + { + unsetenv (nextp); + nextp = (char *) rawmemchr (nextp, '\0') + 1; + } + while (*nextp != '\0'); if (__access ("/etc/suid-debug", F_OK) != 0) unsetenv ("MALLOC_CHECK_"); } - /* The name of the object to profile cannot be empty. */ - if (_dl_profile != NULL && *_dl_profile == '\0') - _dl_profile = NULL; + /* The caller wants this information. */ + *modep = mode; /* If we have to run the dynamic linker in debugging mode and the LD_DEBUG_OUTPUT environment variable is given, we write the debug @@ -1487,8 +1476,6 @@ process_envvars (enum mode *modep) /* We use standard output if opening the file failed. */ _dl_debug_fd = STDOUT_FILENO; } - - *modep = mode; } diff --git a/sysdeps/generic/dl-sysdep.c b/sysdeps/generic/dl-sysdep.c index c89ab3c1fb..8d182be9e9 100644 --- a/sysdeps/generic/dl-sysdep.c +++ b/sysdeps/generic/dl-sysdep.c @@ -63,7 +63,7 @@ void *__libc_stack_end; static ElfW(auxv_t) *_dl_auxv; unsigned long int _dl_hwcap_mask = HWCAP_IMPORTANT; #if HP_TIMING_AVAIL -hp_timing_t _dl_cpuclock_offset = 0; +hp_timing_t _dl_cpuclock_offset; #endif #ifndef DL_FIND_ARG_COMPONENTS diff --git a/sysdeps/generic/unsecvars.h b/sysdeps/generic/unsecvars.h index cd08bb8a0d..efb9515951 100644 --- a/sysdeps/generic/unsecvars.h +++ b/sysdeps/generic/unsecvars.h @@ -1,12 +1,19 @@ -/* Environment variable to be removed for SUID programs. */ +/* Environment variable to be removed for SUID programs. The names are + all stuffed in a single string which means they have to be terminated + with a '\0' explicitly. */ #define UNSECURE_ENVVARS \ - "GCONV_PATH", \ - "HOSTALIASES", \ - "LOCALDOMAIN", \ - "LOCPATH", \ - "MALLOC_TRACE", \ - "NLSPATH", \ - "RESOLV_HOST_CONF", \ - "RES_OPTIONS", \ - "TMPDIR", \ - "TZDIR" + "LD_PRELOAD\0" \ + "LD_LIBRARY_PATH\0" \ + "LD_ORIGIN_PATH\0" \ + "LD_DEBUG_OUTPUT\0" \ + "LD_PROFILE\0" \ + "GCONV_PATH\0" \ + "HOSTALIASES\0" \ + "LOCALDOMAIN\0" \ + "LOCPATH\0" \ + "MALLOC_TRACE\0" \ + "NLSPATH\0" \ + "RESOLV_HOST_CONF\0" \ + "RES_OPTIONS\0" \ + "TMPDIR\0" \ + "TZDIR\0" diff --git a/sysdeps/unix/sysv/linux/i386/dl-librecon.h b/sysdeps/unix/sysv/linux/i386/dl-librecon.h index acff7fc14f..3e39a32e69 100644 --- a/sysdeps/unix/sysv/linux/i386/dl-librecon.h +++ b/sysdeps/unix/sysv/linux/i386/dl-librecon.h @@ -72,13 +72,16 @@ } \ \ case 15: \ - if (memcmp (envline, "LIBRARY_VERSION", 15) == 0) \ + if (memcmp (envline, "LIBRARY_VERSION", 15) == 0) \ { \ _dl_correct_cache_id = envline[16] == '5' ? 2 : 3; \ break; \ } -/* Extra unsecure variables. */ -#define EXTRA_UNSECURE_ENVVARS "LD_AOUT_LIBRARY_PATH", "LD_AOUT_PRELOAD" +/* Extra unsecure variables. The names are all stuffed in a single + string which means they have to be terminated with a '\0' explicitly. */ +#define EXTRA_UNSECURE_ENVVARS \ + "LD_AOUT_LIBRARY_PATH\0" \ + "LD_AOUT_PRELOAD\0" #endif /* dl-librecon.h */ |