diff options
| author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2025-02-18 15:58:16 -0500 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2025-03-13 16:50:16 -0300 |
| commit | 9b646f5dc933dfa019f2ed7f80b6198b43e31f62 (patch) | |
| tree | f9f36d3010ff3ae93287aae0e945bfb8d23efba5 /sysdeps | |
| parent | dded0d20f67ba1925ccbcb9cf28f0c75febe0dbe (diff) | |
| download | glibc-9b646f5dc933dfa019f2ed7f80b6198b43e31f62.zip glibc-9b646f5dc933dfa019f2ed7f80b6198b43e31f62.tar.gz glibc-9b646f5dc933dfa019f2ed7f80b6198b43e31f62.tar.bz2 | |
elf: Canonicalize $ORIGIN in an explicit ld.so invocation [BZ 25263]
When an executable is invoked directly, we calculate $ORIGIN by calling
readlink on /proc/self/exe, which the Linux kernel resolves to the
target of any symlinks. However, if an executable is run through ld.so,
we cannot use /proc/self/exe and instead use the path given as an
argument. This leads to a different calculation of $ORIGIN, which is
most notable in that it causes ldd to behave differently (e.g., by not
finding a library) from directly running the program.
To make the behavior consistent, take advantage of the fact that the
kernel also resolves /proc/self/fd/ symlinks to the target of any
symlinks in the same manner, so once we have opened the main executable
in order to load it, replace the user-provided path with the result of
calling readlink("/proc/self/fd/N").
(On non-Linux platforms this resolution does not happen and so no
behavior change is needed.)
The __fd_to_filename requires _fitoa_word and _itoa_word, which for
32-bits pulls a lot of definitions from _itoa.c (due _ITOA_NEEDED
being defined). To simplify the build move the required function
to a new file, _fitoa_word.c.
Checked on x86_64-linux-gnu and i686-linux-gnu.
Co-authored-by: Geoffrey Thomas <geofft@ldpreload.com>
Reviewed-by: Geoffrey Thomas <geofft@ldpreload.com>
Tested-by: Geoffrey Thomas <geofft@ldpreload.com>
Diffstat (limited to 'sysdeps')
| -rw-r--r-- | sysdeps/generic/_itoa.h | 31 | ||||
| -rw-r--r-- | sysdeps/generic/ldsodefs.h | 4 | ||||
| -rw-r--r-- | sysdeps/mach/hurd/Makefile | 2 | ||||
| -rw-r--r-- | sysdeps/unix/sysv/linux/dl-origin.c | 23 |
4 files changed, 29 insertions, 31 deletions
diff --git a/sysdeps/generic/_itoa.h b/sysdeps/generic/_itoa.h index d7e3007..2f170d3 100644 --- a/sysdeps/generic/_itoa.h +++ b/sysdeps/generic/_itoa.h @@ -51,40 +51,9 @@ hidden_proto (_itoa_upper_digits) hidden_proto (_itoa_lower_digits) #endif -#if IS_IN (libc) extern char *_itoa_word (_ITOA_WORD_TYPE value, char *buflim, unsigned int base, int upper_case) attribute_hidden; -#else -static inline char * __attribute__ ((unused, always_inline)) -_itoa_word (_ITOA_WORD_TYPE value, char *buflim, - unsigned int base, int upper_case) -{ - const char *digits = (upper_case - ? _itoa_upper_digits - : _itoa_lower_digits); - - switch (base) - { -# define SPECIAL(Base) \ - case Base: \ - do \ - *--buflim = digits[value % Base]; \ - while ((value /= Base) != 0); \ - break - - SPECIAL (10); - SPECIAL (16); - SPECIAL (8); - default: - do - *--buflim = digits[value % base]; - while ((value /= base) != 0); - } - return buflim; -} -# undef SPECIAL -#endif /* Similar to the _itoa functions, but output starts at buf and pointer after the last written character is returned. */ diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h index 8465cba..19494b8 100644 --- a/sysdeps/generic/ldsodefs.h +++ b/sysdeps/generic/ldsodefs.h @@ -1223,6 +1223,10 @@ extern struct link_map * _dl_get_dl_main_map (void) attribute_hidden; /* Find origin of the executable. */ extern const char *_dl_get_origin (void) attribute_hidden; +/* Return the canonalized path name from the opened file descriptor FD, + or NULL otherwise. */ +extern char * _dl_canonicalize (int fd) attribute_hidden; + /* Count DSTs. */ extern size_t _dl_dst_count (const char *name) attribute_hidden; diff --git a/sysdeps/mach/hurd/Makefile b/sysdeps/mach/hurd/Makefile index 13e5cea..4b69b40 100644 --- a/sysdeps/mach/hurd/Makefile +++ b/sysdeps/mach/hurd/Makefile @@ -300,6 +300,8 @@ ifeq ($(subdir),elf) check-execstack-xfail += ld.so libc.so libpthread.so # We always create a thread for signals test-xfail-tst-single_threaded-pthread-static = yes +# Bug 25263 +test-xfail-tst-origin = yes CFLAGS-tst-execstack.c += -DDEFAULT_RWX_STACK=1 endif diff --git a/sysdeps/unix/sysv/linux/dl-origin.c b/sysdeps/unix/sysv/linux/dl-origin.c index decdd8a..3c52ba5 100644 --- a/sysdeps/unix/sysv/linux/dl-origin.c +++ b/sysdeps/unix/sysv/linux/dl-origin.c @@ -21,6 +21,7 @@ #include <fcntl.h> #include <ldsodefs.h> #include <sysdep.h> +#include <fd_to_filename.h> /* On Linux >= 2.1 systems which have the dcache implementation we can get the path of the application from the /proc/self/exe symlink. Try this @@ -72,3 +73,25 @@ _dl_get_origin (void) return result; } + +/* On Linux, readlink on the magic symlinks in /proc/self/fd also has + the same behavior of returning the canonical path from the dcache. + If it does not work, we do not bother to canonicalize. */ + +char * +_dl_canonicalize (int fd) +{ + struct fd_to_filename fdfilename; + char canonical[PATH_MAX]; + char *path = __fd_to_filename (fd, &fdfilename); + int size = INTERNAL_SYSCALL_CALL (readlinkat, AT_FDCWD, path, + canonical, PATH_MAX - 1); + + /* Check if the path was truncated. */ + if (size >= 0 && size < PATH_MAX - 1) + { + canonical[size] = '\0'; + return __strdup (canonical); + } + return NULL; +} |