This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Never try to execute the file in ldd


On Mon, Mar 24, 2014 at 04:30:29PM +0100, Andreas Schwab wrote:
> Executing a random file is never a good idea.  Treat all arguments as if
> they are invoked with __libc_enable_secure, and run them through the known
> good dynamic linker.
> 
> 	* elf/ldd.bash.in: Always run through the dynamic linker, even if
> 	the file has its own interpreter.  Remove unneeded executable
> 	check.

I've been rebasing this fix since 2002.  Please commit.

> ---
>  elf/ldd.bash.in | 16 +---------------
>  1 file changed, 1 insertion(+), 15 deletions(-)
> 
> diff --git a/elf/ldd.bash.in b/elf/ldd.bash.in
> index 4ff140d..3986bcf 100644
> --- a/elf/ldd.bash.in
> +++ b/elf/ldd.bash.in
> @@ -150,8 +150,6 @@ for file do
>      echo "ldd: ${file}:" $"not regular file" >&2
>      result=1
>    elif test -r "$file"; then
> -    test -x "$file" || echo 'ldd:' $"\
> -warning: you do not have execution permission for" "\`$file'" >&2
>      RTLD=
>      ret=1
>      for rtld in ${RTLDLIST}; do
> @@ -164,18 +162,6 @@ warning: you do not have execution permission for" "\`$file'" >&2
>        fi
>      done
>      case $ret in
> -    0)
> -      # If the program exits with exit code 5, it means the process has been
> -      # invoked with __libc_enable_secure.  Fall back to running it through
> -      # the dynamic linker.
> -      try_trace "$file"
> -      rc=$?
> -      if [ $rc = 5 ]; then
> -	try_trace "$RTLD" "$file"
> -	rc=$?
> -      fi
> -      [ $rc = 0 ] || result=1
> -      ;;
>      1)
>        # This can be a non-ELF binary or no binary at all.
>        nonelf "$file" || {
> @@ -183,7 +169,7 @@ warning: you do not have execution permission for" "\`$file'" >&2
>  	result=1
>        }
>        ;;
> -    2)
> +    [02])
>        try_trace "$RTLD" "$file" || result=1
>        ;;
>      *)

-- 
ldv

Attachment: pgpbDVzxaZoA2.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]