Inicio Explorar Ayuda
Iniciar sesión
hongwenjun
/
musl
espejo de https://git.musl-libc.org/git/musl
1
0
Fork 0
Archivos Incidencias 0 Wiki
Explorar el Código

ensure canary is setup if stack-prot libs are dlopen'd into non-ssp app

previously, this usage could lead to a crash if the thread pointer was
still uninitialized, and otherwise would just cause the canary to be
zero (less secure).
Rich Felker hace 12 años
padre
2bd05a4fc2
commit
731e8ffdcf
Se han modificado 2 ficheros con 6 adiciones y 2 borrados
Dividir vista Mostrar estadísticas de diff
  1. 2 1
      src/env/__stack_chk_fail.c
  2. 4 1
      src/ldso/dynlink.c

+ 2 - 1
src/env/__stack_chk_fail.c
Ver fichero 

@@ -14,7 +14,8 @@ void __init_ssp(size_t *auxv)
 
 	for (i=0; auxv[i] && auxv[i]!=AT_RANDOM; i+=2);
 
 	if (auxv[i]) memcpy(&canary, (void *)auxv[i+1], sizeof canary);
 
 	else canary = (uintptr_t)&canary * 1103515245;
 
-	__stack_chk_guard = self->canary = canary;
 
+	a_cas_l(&__stack_chk_guard, 0, canary);
 
+	self->canary = __stack_chk_guard;
 
 }
 
 
 void __stack_chk_fail(void)

+ 4 - 1
src/ldso/dynlink.c
Ver fichero 

@@ -81,6 +81,7 @@ static int ldso_fail;
 
 static jmp_buf rtld_fail;
 
 static pthread_rwlock_t lock;
 
 static struct debug debug;
 
+static size_t *auxv;
 
 
 struct debug *_dl_debug_addr = &debug;
 
 
@@ -603,7 +604,7 @@ void _dl_debug_state(void)
 
 
 void *__dynlink(int argc, char **argv)
 
 {
 
-	size_t *auxv, aux[AUX_CNT] = {0};
 
+	size_t aux[AUX_CNT] = {0};
 
 	size_t i;
 
 	Phdr *phdr;
 
 	Ehdr *ehdr;
 
@@ -838,6 +839,8 @@ void *dlopen(const char *file, int mode)
 
 		p->global = 1;
 
 	}
 
 
+	if (ssp_used) __init_ssp(auxv);
 
+
 
 	_dl_debug_state();
 
 
 	do_init_fini(tail);