about summary refs log tree commit diff
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2011-08-16 08:50:03 -0400
committerRich Felker <dalias@aerifal.cx>2011-08-16 08:50:03 -0400
commitcf8506ad94caa91fc1cd44b9134494dd6ecd6caf (patch)
treed61e42a02d7f00dec78e22c13ea6864769f9eef8
parenta045883365ccb404a63b7c56a42daf0851e579fa (diff)
downloadmusl-cf8506ad94caa91fc1cd44b9134494dd6ecd6caf.tar.gz
musl-cf8506ad94caa91fc1cd44b9134494dd6ecd6caf.tar.xz
musl-cf8506ad94caa91fc1cd44b9134494dd6ecd6caf.zip
ldso: move the suid/secure check code closer to env/auxv processing
this does not change behavior, but the idea is to avoid letting other
code build up between these two points, whereby the environment
variables might get used before security it checked.
-rw-r--r--src/ldso/dynlink.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c
index 390f50ba..57a5ba46 100644
--- a/src/ldso/dynlink.c
+++ b/src/ldso/dynlink.c
@@ -482,13 +482,6 @@ void *__dynlink(int argc, char **argv, size_t *got)
 
 	decode_vec(auxv, aux, AUX_CNT);
 
-	for (i=0; auxv[i]; i+=2) {
-		if (auxv[i]==AT_SYSINFO_EHDR) {
-			vdso_base = auxv[i+1];
-			break;
-		}
-	}
-
 	/* Only trust user/env if kernel says we're not suid/sgid */
 	if ((aux[0]&0x7800)!=0x7800 || aux[AT_UID]!=aux[AT_EUID]
 	  || aux[AT_GID]!=aux[AT_EGID] || aux[AT_SECURE]) {
@@ -496,6 +489,13 @@ void *__dynlink(int argc, char **argv, size_t *got)
 		env_preload = 0;
 	}
 
+	for (i=0; auxv[i]; i+=2) {
+		if (auxv[i]==AT_SYSINFO_EHDR) {
+			vdso_base = auxv[i+1];
+			break;
+		}
+	}
+
 	/* Relocate ldso's DYNAMIC pointer and load vector */
 	decode_vec((void *)(got[0] += aux[AT_BASE]), lib_dyn, DYN_CNT);