
disallow non-absolute rpath $ORIGIN for suid/sgid/AT_SECURE processes

in theory non-absolute origins can only arise when either the main
program is invoked by running ldso as a command (inherently non-suid)
or when dlopen was called with a relative pathname containing at least
one slash. such usage would be inherently insecure in an suid program
anyway, so the old behavior here does not seem to have been insecure.
harden against it anyway.
Rich Felker 7 years ago
Parent
Commit
376b3c54bb
1 changed file with 3 additions and 0 deletions

+ 3 - 0
ldso/dynlink.c

@@ -817,6 +817,9 @@ static int fixup_rpath(struct dso *p, char *buf, size_t buf_size)
 		origin = ".";
 		l = 1;
 	}
+	/* Disallow non-absolute origins for suid/sgid/AT_SECURE. */
+	if (libc.secure && *origin != '/')
+		return 0;
 	p->rpath = malloc(strlen(p->rpath_orig) + n*l + 1);
 	if (!p->rpath) return -1;
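
Review bot: the new `return 0` under `libc.secure && *origin != '/'` is silent, while the allocation failure two lines later returns -1, and the added comment does not say which outcome the caller sees. Please extend the comment to state what a 0 return means at this point with `p->rpath` left unassigned (rpath ignored versus load failure), so the secure-mode behavior is documented next to the check. Note also that the `origin = "."` fallback in the context just above is always rejected when `libc.secure` is set, because "." does not begin with '/'; if that is intended, it is worth saying so in the same comment. Placing the check before the `malloc` is right, since the early return then has nothing to free.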