about summary refs log tree commit diff
path: root/elf
diff options
context:
space:
mode:
Diffstat (limited to 'elf')
-rw-r--r--elf/Versions2
-rw-r--r--elf/dl-reloc.c1
-rw-r--r--elf/dlfcn.h8
-rw-r--r--elf/ldsodefs.h3
-rw-r--r--elf/rtld.c23
5 files changed, 27 insertions, 10 deletions
diff --git a/elf/Versions b/elf/Versions
index d908c59fd4..1b02cd328c 100644
--- a/elf/Versions
+++ b/elf/Versions
@@ -21,7 +21,7 @@ libc {
     _dl_profile; _dl_profile_map; _dl_profile_output; _dl_start_profile;
 
     # functions used in other libraries
-    _dl_mcount; _dl_mcount_wrapper;
+    _dl_mcount; _dl_mcount_wrapper; _dl_mcount_wrapper_check;
   }
 }
 
diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c
index e0eae3c2ae..1c0cbb67c4 100644
--- a/elf/dl-reloc.c
+++ b/elf/dl-reloc.c
@@ -27,7 +27,6 @@
 
 
 void
-internal_function
 _dl_relocate_object (struct link_map *l, struct link_map *scope[], int lazy,
 		     int consider_profiling)
 {
diff --git a/elf/dlfcn.h b/elf/dlfcn.h
index e0b17d392a..2f890bfe24 100644
--- a/elf/dlfcn.h
+++ b/elf/dlfcn.h
@@ -82,13 +82,9 @@ extern int dladdr __P ((const void *__address, Dl_info *__info));
         foo = DL_CALL_FCT (fctp, (arg1, arg2));
 */
 # if __GNUC__ >= 2
-/* Do not ever use this variable directly, it is internal!  */
-extern struct link_map *_dl_profile_map;
-
 #  define DL_CALL_FCT(fctp, args) \
-  (__extension__ ({ if (_dl_profile_map != NULL)			      \
-		      _dl_mcount_wrapper_check (fctp);			      \
-		    (*fctp) args; })
+  (__extension__ ({ _dl_mcount_wrapper_check (fctp);			      \
+		    (*fctp) args; }))
 # else
 /* This feature is not available without GCC.  */
 #  define DL_CALL_FCT(fctp, args) (*fctp) args
diff --git a/elf/ldsodefs.h b/elf/ldsodefs.h
index 6814f25556..847d5cec12 100644
--- a/elf/ldsodefs.h
+++ b/elf/ldsodefs.h
@@ -365,8 +365,7 @@ extern struct link_map *_dl_new_object (char *realname, const char *libname,
    If LAZY is nonzero, don't relocate its PLT.  */
 extern void _dl_relocate_object (struct link_map *map,
 				 struct link_map *scope[],
-				 int lazy, int consider_profiling)
-     internal_function;
+				 int lazy, int consider_profiling);
 
 /* Check the version dependencies of all objects available through
    MAP.  If VERBOSE print some more diagnostics.  */
diff --git a/elf/rtld.c b/elf/rtld.c
index df5db230f4..f1b612166d 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -1193,6 +1193,29 @@ process_envvars (enum mode *modep, int *lazyp)
 	}
     }
 
+  /* Extra security for SUID binaries.  Remove all dangerous environment
+     variables.  */
+  if (__libc_enable_secure)
+    {
+      static const char *unsecure_envvars[] =
+      {
+#ifdef EXTRA_UNSECURE_ENVVARS
+	EXTRA_UNSECURE_ENVVARS
+#endif
+      };
+      size_t cnt;
+
+      if (preloadlist != NULL)
+	unsetenv ("LD_PRELOAD");
+      if (library_path != NULL)
+	unsetenv ("LD_LIBRARY_PATH");
+
+      for (cnt = 0;
+	   cnt < sizeof (unsecure_envvars) / sizeof (unsecure_envvars[0]);
+	   ++cnt)
+	unsetenv (unsecure_envvars[cnt]);
+    }
+
   /* If we have to run the dynamic linker in debugging mode and the
      LD_DEBUG_OUTPUT environment variable is given, we write the debug
      messages to this file.  */