This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug dynamic-link/20204] _dl_open_hook and _dlfcn_hook hardening

From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Mon, 18 Dec 2017 19:20:18 +0000
Subject: [Bug dynamic-link/20204] _dl_open_hook and _dlfcn_hook hardening
Auto-submitted: auto-generated
References: <bug-20204-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=20204

--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  8e1472d2c1e25e6eabc2059170731365f6d5b3d1 (commit)
      from  49b036bce9f021ae994a85aee8b410d20b29c8b7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8e1472d2c1e25e6eabc2059170731365f6d5b3d1

commit 8e1472d2c1e25e6eabc2059170731365f6d5b3d1
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 18 20:04:13 2017 +0100

    ld.so: Examine GLRO to detect inactive loader [BZ #20204]

    GLRO (_rtld_global_ro) is read-only after initialization and can
    therefore not be patched at run time, unlike the hook table addresses
    and their contents, so this is a desirable hardening feature.

    The hooks are only needed if ld.so has not been initialized, and this
    happens only after static dlopen (dlmopen uses a single ld.so object
    across all namespaces).

    Reviewed-by: Carlos O'Donell <carlos@redhat.com>

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                  |   22 ++++++++++++++++++++++
 dlfcn/dladdr.c             |    3 ++-
 dlfcn/dladdr1.c            |    3 ++-
 dlfcn/dlclose.c            |    2 +-
 dlfcn/dlerror.c            |    2 +-
 dlfcn/dlinfo.c             |    2 +-
 dlfcn/dlmopen.c            |    2 +-
 dlfcn/dlopen.c             |    2 +-
 dlfcn/dlopenold.c          |    2 +-
 dlfcn/dlsym.c              |    2 +-
 dlfcn/dlvsym.c             |    2 +-
 elf/dl-libc.c              |    6 +++---
 elf/rtld.c                 |    4 +++-
 libio/vtables.c            |    3 ++-
 sysdeps/generic/ldsodefs.h |   20 +++++++++++++++++++-
 15 files changed, 61 insertions(+), 16 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]