The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=9cabef3d146e9a844813b6bc8952d6cf2e9d45e5
commit 9cabef3d146e9a844813b6bc8952d6cf2e9d45e5 Author: Konstantin Belousov <[email protected]> AuthorDate: 2022-09-21 13:55:44 +0000 Commit: Konstantin Belousov <[email protected]> CommitDate: 2022-10-06 15:50:26 +0000 ldd: use direct exec mode unconditionally Trying to exec malformed or unusual binary, for instance, a non-FreeBSD ABI, or using a non-standard interpreter, might give unexpected outcome. Reported by: The UK's National Cyber Security Centre (NCSC) Reviewed by: emaste, markj, philip Discussed with: jhb Sponsored by: The FreeBSD Foundation admbug: 991 PR: 127276, 175339, 231926 MFC after: 1 week Differential revision: https://reviews.freebsd.org/D36650 --- usr.bin/ldd/ldd.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/usr.bin/ldd/ldd.c b/usr.bin/ldd/ldd.c index c16b6f5e8496..8897c8cbfbc2 100644 --- a/usr.bin/ldd/ldd.c +++ b/usr.bin/ldd/ldd.c @@ -233,18 +233,19 @@ main(int argc, char *argv[]) } break; case 0: + rtld = _PATH_RTLD; +#if __ELF_WORD_SIZE > 32 && defined(ELF32_SUPPORTED) + if (type == TYPE_ELF32) + rtld = _COMPAT32_PATH_RTLD; +#endif if (is_shlib == 0) { - execl(*argv, *argv, (char *)NULL); + execl(rtld, rtld, "--", + *argv, (char *)NULL); warn("%s", *argv); } else if (fmt1 == NULL && fmt2 == NULL && !aflag) { dlopen(*argv, RTLD_TRACE); warnx("%s: %s", *argv, dlerror()); } else { - rtld = _PATH_RTLD; -#if __ELF_WORD_SIZE > 32 && defined(ELF32_SUPPORTED) - if (type == TYPE_ELF32) - rtld = _COMPAT32_PATH_RTLD; -#endif execl(rtld, rtld, "-d", "--", *argv, (char *)NULL); }
