[PATCH] ldso: preload standard path library with setuid bit set

Wed, 30 May 2012 08:11:54 -0700 

For set-user-ID/set-group-ID ELF binaries, only libraries in the standard
search directories that are also set-user-ID must be loaded.
This patch fixes existing logic according to the above statement.
Furthermore if either library setuid bit isn't set or it cannot be found in
the standard search path, the library won't be preloaded but execution go
ahead with default one.

Signed-off-by: Filippo Arcidiacono <[email protected]>
---
 ldso/ldso/ldso.c |   17 ++++++++---------
 1 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c
index 8cfb03f..9a77a68 100644
--- a/ldso/ldso/ldso.c
+++ b/ldso/ldso/ldso.c
@@ -494,15 +494,15 @@ void *_dl_get_ready_to_run(struct elf_resolve *tpnt, 
DL_LOADADDR_TYPE load_addr,
                const char *nextp;
                _dl_secure = 1;
 
+#ifdef __LDSO_PRELOAD_ENV_SUPPORT__
+               _dl_preload = _dl_getenv("LD_PRELOAD", envp);
+#endif
                nextp = unsecure_envvars;
                do {
                        _dl_unsetenv (nextp, envp);
                        /* We could use rawmemchr but this need not be fast.  */
                        nextp = _dl_strchr(nextp, '\0') + 1;
                } while (*nextp != '\0');
-#ifdef __LDSO_PRELOAD_ENV_SUPPORT__
-               _dl_preload = NULL;
-#endif
 #ifdef __LDSO_LD_LIBRARY_PATH__
                _dl_library_path = NULL;
 #endif
@@ -862,17 +862,16 @@ of this helper program; chances are you did not intend to 
run this program.\n\
                                tpnt1 = _dl_load_shared_library(
                                        _dl_secure ? DL_RESOLVE_SECURE : 0,
                                        &rpnt, NULL, str, trace_loaded_objects);
-                               if (!tpnt1) {
+                               if (!tpnt1)
 #ifdef __LDSO_LDD_SUPPORT__
                                        if (trace_loaded_objects || 
_dl_trace_prelink)
                                                _dl_dprintf(1, "\t%s => not 
found\n", str);
                                        else
 #endif
-                                       {
-                                               _dl_dprintf(_dl_debug_file, 
"%s: can't load " "library '%s'\n", _dl_progname, str);
-                                               _dl_exit(15);
-                                       }
-                               } else {
+                                               _dl_dprintf(_dl_debug_file, 
"%s: library '%s' "
+                                                       "from LD_PRELOAD can't 
be preloaded: ignored.\n",
+                                                       _dl_progname, str);
+                               else {
                                        tpnt1->rtld_flags = unlazy | 
RTLD_GLOBAL;
 
                                        _dl_debug_early("Loading: (%x) %s\n", 
DL_LOADADDR_BASE(tpnt1->loadaddr), tpnt1->libname);
-- 
1.7.4.1

_______________________________________________
uClibc mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/uclibc

Reply via email to