From b937534868c8d7aec3b6d645bf5fd657bbfccd42 Mon Sep 17 00:00:00 2001 From: Siddhesh Poyarekar Date: Wed, 29 May 2013 21:30:20 +0530 Subject: Avoid crashing in LD_DEBUG when program name is unavailable Resolves: #15465 The program name may be unavailable if the user application tampers with argc and argv[]. Some parts of the dynamic linker caters for this while others don't, so this patch consolidates the check and fallback into a single macro and updates all users. --- elf/Makefile | 6 ++++-- elf/dl-conflict.c | 3 +-- elf/dl-deps.c | 6 ++---- elf/dl-error.c | 2 +- elf/dl-fini.c | 2 +- elf/dl-init.c | 5 ++--- elf/dl-load.c | 5 ++--- elf/dl-lookup.c | 22 +++++++--------------- elf/dl-open.c | 4 ++-- elf/dl-reloc.c | 5 ++--- elf/dl-version.c | 9 ++++----- elf/rtld.c | 13 +++++-------- elf/tst-null-argv-lib.c | 24 ++++++++++++++++++++++++ elf/tst-null-argv.c | 35 +++++++++++++++++++++++++++++++++++ 14 files changed, 92 insertions(+), 49 deletions(-) create mode 100644 elf/tst-null-argv-lib.c create mode 100644 elf/tst-null-argv.c (limited to 'elf') diff --git a/elf/Makefile b/elf/Makefile index c01ca9e..6f40414 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -145,7 +145,7 @@ tests += loadtest restest1 preloadtest loadfail multiload origtest resolvfail \ tst-audit1 tst-audit2 tst-audit8 \ tst-stackguard1 tst-addr1 tst-thrlock \ tst-unique1 tst-unique2 tst-unique3 tst-unique4 \ - tst-initorder tst-initorder2 tst-relsort1 + tst-initorder tst-initorder2 tst-relsort1 tst-null-argv # reldep9 test-srcs = tst-pathopt selinux-enabled := $(shell cat /selinux/enforce 2> /dev/null) @@ -208,7 +208,7 @@ modules-names = testobj1 testobj2 testobj3 testobj4 testobj5 testobj6 \ tst-initorder2a tst-initorder2b tst-initorder2c \ tst-initorder2d \ tst-relsort1mod1 tst-relsort1mod2 tst-array2dep \ - tst-array5dep + tst-array5dep tst-null-argv-lib ifeq (yesyes,$(have-fpie)$(build-shared)) modules-names += tst-piemod1 tests += tst-pie1 @@ -494,7 +494,9 @@ $(objpfx)tst-initorderb2.so: $(objpfx)tst-initorderb1.so $(objpfx)tst-initordera $(objpfx)tst-initordera3.so: $(objpfx)tst-initorderb2.so $(objpfx)tst-initorderb1.so $(objpfx)tst-initordera4.so: $(objpfx)tst-initordera3.so $(objpfx)tst-initorder: $(objpfx)tst-initordera4.so $(objpfx)tst-initordera1.so $(objpfx)tst-initorderb2.so +$(objpfx)tst-null-argv: $(objpfx)tst-null-argv-lib.so +tst-null-argv-ENV = LD_DEBUG=all LD_DEBUG_OUTPUT=$(objpfx)tst-null-argv.debug.out LDFLAGS-nodel2mod3.so = $(no-as-needed) LDFLAGS-reldepmod5.so = $(no-as-needed) LDFLAGS-reldep6mod1.so = $(no-as-needed) diff --git a/elf/dl-conflict.c b/elf/dl-conflict.c index d63086d..11e3cd8 100644 --- a/elf/dl-conflict.c +++ b/elf/dl-conflict.c @@ -33,8 +33,7 @@ _dl_resolve_conflicts (struct link_map *l, ElfW(Rela) *conflict, { #if ! ELF_MACHINE_NO_RELA if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_RELOC, 0)) - _dl_debug_printf ("\nconflict processing: %s\n", - l->l_name[0] ? l->l_name : rtld_progname); + _dl_debug_printf ("\nconflict processing: %s\n", DSO_FILENAME (l->l_name)); { /* Do the conflict relocation of the object and library GOT and other diff --git a/elf/dl-deps.c b/elf/dl-deps.c index cd1c236..1c36f50 100644 --- a/elf/dl-deps.c +++ b/elf/dl-deps.c @@ -310,8 +310,7 @@ _dl_map_object_deps (struct link_map *map, _dl_debug_printf ("load auxiliary object=%s" " requested by file=%s\n", name, - l->l_name[0] - ? l->l_name : rtld_progname); + DSO_FILENAME (l->l_name)); /* We must be prepared that the addressed shared object is not available. */ @@ -337,8 +336,7 @@ _dl_map_object_deps (struct link_map *map, _dl_debug_printf ("load filtered object=%s" " requested by file=%s\n", name, - l->l_name[0] - ? l->l_name : rtld_progname); + DSO_FILENAME (l->l_name)); /* For filter objects the dependency must be available. */ bool malloced; diff --git a/elf/dl-error.c b/elf/dl-error.c index 7987845..8257c17 100644 --- a/elf/dl-error.c +++ b/elf/dl-error.c @@ -119,7 +119,7 @@ _dl_signal_error (int errcode, const char *objname, const char *occation, /* Lossage while resolving the program's own symbols is always fatal. */ char buffer[1024]; _dl_fatal_printf ("%s: %s: %s%s%s%s%s\n", - rtld_progname ?: "", + RTLD_PROGNAME, occation ?: N_("error while loading shared libraries"), objname, *objname ? ": " : "", errstring, errcode ? ": " : "", diff --git a/elf/dl-fini.c b/elf/dl-fini.c index c5d1674..6b245f0 100644 --- a/elf/dl-fini.c +++ b/elf/dl-fini.c @@ -237,7 +237,7 @@ _dl_fini (void) if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS, 0)) _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", - l->l_name[0] ? l->l_name : rtld_progname, + DSO_FILENAME (l->l_name), ns); /* First see whether an array is given. */ diff --git a/elf/dl-init.c b/elf/dl-init.c index fe4d2a0..a657eb6 100644 --- a/elf/dl-init.c +++ b/elf/dl-init.c @@ -54,7 +54,7 @@ call_init (struct link_map *l, int argc, char **argv, char **env) /* Print a debug message if wanted. */ if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS, 0)) _dl_debug_printf ("\ncalling init: %s\n\n", - l->l_name[0] ? l->l_name : rtld_progname); + DSO_FILENAME (l->l_name)); /* Now run the local constructors. There are two forms of them: - the one named by DT_INIT @@ -110,8 +110,7 @@ _dl_init (struct link_map *main_map, int argc, char **argv, char **env) if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_IMPCALLS, 0)) _dl_debug_printf ("\ncalling preinit: %s\n\n", - main_map->l_name[0] - ? main_map->l_name : rtld_progname); + DSO_FILENAME (main_map->l_name)); addrs = (ElfW(Addr) *) (preinit_array->d_un.d_ptr + main_map->l_addr); for (cnt = 0; cnt < i; ++cnt) diff --git a/elf/dl-load.c b/elf/dl-load.c index dd182c9..757b6ec 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -1651,7 +1651,7 @@ print_search_path (struct r_search_path_elem **list, if (name != NULL) _dl_debug_printf_c ("\t\t(%s from file %s)\n", what, - name[0] ? name : rtld_progname); + DSO_FILENAME (name)); else _dl_debug_printf_c ("\t\t(%s)\n", what); } @@ -2124,8 +2124,7 @@ _dl_map_object (struct link_map *loader, const char *name, _dl_debug_printf ((mode & __RTLD_CALLMAP) == 0 ? "\nfile=%s [%lu]; needed by %s [%lu]\n" : "\nfile=%s [%lu]; dynamically loaded by %s [%lu]\n", - name, nsid, loader->l_name[0] - ? loader->l_name : rtld_progname, loader->l_ns); + name, nsid, DSO_FILENAME (loader->l_name), loader->l_ns); #ifdef SHARED /* Give the auditing libraries a chance to change the name before we diff --git a/elf/dl-lookup.c b/elf/dl-lookup.c index 68f8dac..39f463e 100644 --- a/elf/dl-lookup.c +++ b/elf/dl-lookup.c @@ -112,8 +112,7 @@ do_lookup_x (const char *undef_name, uint_fast32_t new_hash, /* Print some debugging info if wanted. */ if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_SYMBOLS, 0)) _dl_debug_printf ("symbol=%s; lookup in file=%s [%lu]\n", - undef_name, - map->l_name[0] ? map->l_name : rtld_progname, + undef_name, DSO_FILENAME (map->l_name), map->l_ns); /* If the hash table is empty there is nothing to do here. */ @@ -667,10 +666,9 @@ add_dependency (struct link_map *undef_map, struct link_map *map, int flags) if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_FILES, 0)) _dl_debug_printf ("\ \nfile=%s [%lu]; needed by %s [%lu] (relocation dependency)\n\n", - map->l_name[0] ? map->l_name : rtld_progname, + DSO_FILENAME (map->l_name), map->l_ns, - undef_map->l_name[0] - ? undef_map->l_name : rtld_progname, + DSO_FILENAME (undef_map->l_name), undef_map->l_ns); } else @@ -751,9 +749,7 @@ _dl_lookup_symbol_x (const char *undef_name, struct link_map *undef_map, const char *reference_name = undef_map ? undef_map->l_name : NULL; /* XXX We cannot translate the message. */ - _dl_signal_cerror (0, (reference_name[0] - ? reference_name - : (rtld_progname ?: "
")), + _dl_signal_cerror (0, DSO_FILENAME (reference_name), N_("relocation error"), make_string ("symbol ", undef_name, ", version ", version->name, @@ -780,9 +776,7 @@ _dl_lookup_symbol_x (const char *undef_name, struct link_map *undef_map, ? version->name : ""); /* XXX We cannot translate the message. */ - _dl_signal_cerror (0, (reference_name[0] - ? reference_name - : (rtld_progname ?: "
")), + _dl_signal_cerror (0, DSO_FILENAME (reference_name), N_("symbol lookup error"), make_string (undefined_msg, undef_name, versionstr, versionname)); @@ -912,11 +906,9 @@ _dl_debug_bindings (const char *undef_name, struct link_map *undef_map, if (GLRO(dl_debug_mask) & DL_DEBUG_BINDINGS) { _dl_debug_printf ("binding file %s [%lu] to %s [%lu]: %s symbol `%s'", - (reference_name[0] - ? reference_name - : (rtld_progname ?: "
")), + DSO_FILENAME (reference_name), undef_map->l_ns, - value->m->l_name[0] ? value->m->l_name : rtld_progname, + DSO_FILENAME (value->m->l_name), value->m->l_ns, protected ? "protected" : "normal", undef_name); if (version) diff --git a/elf/dl-open.c b/elf/dl-open.c index 92fae7f..0f054bf 100644 --- a/elf/dl-open.c +++ b/elf/dl-open.c @@ -733,7 +733,7 @@ void _dl_show_scope (struct link_map *l, int from) { _dl_debug_printf ("object=%s [%lu]\n", - *l->l_name ? l->l_name : rtld_progname, l->l_ns); + DSO_FILENAME (l->l_name), l->l_ns); if (l->l_scope != NULL) for (int scope_cnt = from; l->l_scope[scope_cnt] != NULL; ++scope_cnt) { @@ -744,7 +744,7 @@ _dl_show_scope (struct link_map *l, int from) _dl_debug_printf_c (" %s", l->l_scope[scope_cnt]->r_list[cnt]->l_name); else - _dl_debug_printf_c (" %s", rtld_progname); + _dl_debug_printf_c (" %s", RTLD_PROGNAME); _dl_debug_printf_c ("\n"); } diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c index 73d98f8..5c54310 100644 --- a/elf/dl-reloc.c +++ b/elf/dl-reloc.c @@ -185,8 +185,7 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_RELOC, 0)) _dl_debug_printf ("\nrelocation processing: %s%s\n", - l->l_name[0] ? l->l_name : rtld_progname, - lazy ? " (lazy)" : ""); + DSO_FILENAME (l->l_name), lazy ? " (lazy)" : ""); /* DT_TEXTREL is now in level 2 and might phase out at some time. But we rewrite the DT_FLAGS entry to a DT_TEXTREL entry to make @@ -276,7 +275,7 @@ _dl_relocate_object (struct link_map *l, struct r_scope_elem *scope[], errstring = N_("%s: no PLTREL found in object %s\n"); fatal: _dl_fatal_printf (errstring, - rtld_progname ?: "", + RTLD_PROGNAME, l->l_name); } diff --git a/elf/dl-version.c b/elf/dl-version.c index c02baa0..62be4ae 100644 --- a/elf/dl-version.c +++ b/elf/dl-version.c @@ -85,7 +85,7 @@ match_symbol (const char *name, Lmid_t ns, ElfW(Word) hash, const char *string, if (__builtin_expect (GLRO(dl_debug_mask) & DL_DEBUG_VERSIONS, 0)) _dl_debug_printf ("\ checking for version `%s' in file %s [%lu] required by file %s [%lu]\n", - string, map->l_name[0] ? map->l_name : rtld_progname, + string, DSO_FILENAME (map->l_name), map->l_ns, name, ns); if (__builtin_expect (map->l_info[VERSYMIDX (DT_VERDEF)] == NULL, 0)) @@ -162,7 +162,7 @@ no version information available (required by ", name, ")"); name, ")"); result = 1; call_cerror: - _dl_signal_cerror (0, map->l_name[0] ? map->l_name : rtld_progname, + _dl_signal_cerror (0, DSO_FILENAME (map->l_name), N_("version lookup error"), errstring); return result; } @@ -210,7 +210,7 @@ _dl_check_map_versions (struct link_map *map, int verbose, int trace_mode) &buf[sizeof (buf) - 1], 10, 0), " of Verneed record\n"); call_error: - _dl_signal_error (errval, *map->l_name ? map->l_name : rtld_progname, + _dl_signal_error (errval, DSO_FILENAME (map->l_name), NULL, errstring); } @@ -234,8 +234,7 @@ _dl_check_map_versions (struct link_map *map, int verbose, int trace_mode) while (1) { /* Match the symbol. */ - result |= match_symbol ((*map->l_name - ? map->l_name : rtld_progname), + result |= match_symbol (DSO_FILENAME (map->l_name), map->l_ns, aux->vna_hash, strtab + aux->vna_name, needed->l_real, verbose, diff --git a/elf/rtld.c b/elf/rtld.c index 23238ad..91da88c 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1840,10 +1840,8 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", if (_dl_name_match_p (GLRO(dl_trace_prelink), l)) GLRO(dl_trace_prelink_map) = l; _dl_printf ("\t%s => %s (0x%0*Zx, 0x%0*Zx)", - l->l_libname->name[0] ? l->l_libname->name - : rtld_progname ?: "
", - l->l_name[0] ? l->l_name - : rtld_progname ?: "
", + DSO_FILENAME (l->l_libname->name), + DSO_FILENAME (l->l_name), (int) sizeof l->l_map_start * 2, (size_t) l->l_map_start, (int) sizeof l->l_addr * 2, @@ -2000,8 +1998,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", first = 0; } - _dl_printf ("\t%s:\n", - map->l_name[0] ? map->l_name : rtld_progname); + _dl_printf ("\t%s:\n", DSO_FILENAME (map->l_name)); while (1) { @@ -2324,7 +2321,7 @@ print_unresolved (int errcode __attribute__ ((unused)), const char *objname, const char *errstring) { if (objname[0] == '\0') - objname = rtld_progname ?: "
"; + objname = RTLD_PROGNAME; _dl_error_printf ("%s (%s)\n", errstring, objname); } @@ -2334,7 +2331,7 @@ static void print_missing_version (int errcode __attribute__ ((unused)), const char *objname, const char *errstring) { - _dl_error_printf ("%s: %s: %s\n", rtld_progname ?: "", + _dl_error_printf ("%s: %s: %s\n", RTLD_PROGNAME, objname, errstring); } diff --git a/elf/tst-null-argv-lib.c b/elf/tst-null-argv-lib.c new file mode 100644 index 0000000..e754299 --- /dev/null +++ b/elf/tst-null-argv-lib.c @@ -0,0 +1,24 @@ +/* Verify that program does not crash when LD_DEBUG is set and the program name + is not available. This is the library. + Copyright (C) 2013 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +void +foo (void) +{ + return; +} diff --git a/elf/tst-null-argv.c b/elf/tst-null-argv.c new file mode 100644 index 0000000..dc242e4 --- /dev/null +++ b/elf/tst-null-argv.c @@ -0,0 +1,35 @@ +/* Verify that program does not crash when LD_DEBUG is set and the program name + is not available. + Copyright (C) 2013 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +extern void foo (void); + +int +do_test (int argc, char **argv) +{ + argv[0] = argv[1]; + argc--; + + /* This should result in a symbol lookup, causing a volley of debug output + when LD_DEBUG=symbols. */ + foo (); + + return 0; +} + +#include -- cgit v1.1