about summary refs log tree commit diff
path: root/src
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2013-06-26 10:17:29 -0400
committerRich Felker <dalias@aerifal.cx>2013-06-26 10:17:29 -0400
commit11bc173765a22d460e090f46278ab4b96551a43b (patch)
tree6760a64f5b69e4d4b172202c382726f3425d5075 /src
parenta3e2f3c2b15053a2f9faccc62947b82f2219599f (diff)
downloadmusl-11bc173765a22d460e090f46278ab4b96551a43b.tar.gz
musl-11bc173765a22d460e090f46278ab4b96551a43b.tar.xz
musl-11bc173765a22d460e090f46278ab4b96551a43b.zip
fix dynamic linker handling of empty path file or error reading path file
previously, the path string was being used despite being invalid. with
this change, empty path file or error reading the path file is treated
as an empty path. this is preferable to falling back to a default
path, so that attacks to prevent reading of the path file could not
result in loading incorrect and possibly dangerous (outdated or
mismatching ABI) libraries from.

the code to strip the final newline has also been removed; now that
newline is accepted as a delimiter, it's harmless to leave it in
place.
Diffstat (limited to 'src')
-rw-r--r--src/ldso/dynlink.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c
index 8472343a..eac07d9c 100644
--- a/src/ldso/dynlink.c
+++ b/src/ldso/dynlink.c
@@ -478,10 +478,9 @@ static struct dso *load_library(const char *name)
 			if (!sys_path) {
 				FILE *f = fopen(ETC_LDSO_PATH, "rbe");
 				if (f) {
-					if (getdelim(&sys_path, (size_t[1]){0}, 0, f) > 0) {
-						size_t l = strlen(sys_path);
-						if (l && sys_path[l-1]=='\n')
-							sys_path[l-1] = 0;
+					if (getdelim(&sys_path, (size_t[1]){0}, 0, f) <= 0) {
+						if (sys_path) free(sys_path);
+						sys_path = "";
 					}
 					fclose(f);
 				}