diff options
author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2019-01-23 11:42:54 -0200 |
---|---|---|
committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2019-01-24 09:38:43 -0200 |
commit | 8e889c5da3c5981c5a46a93fec02de40131ac5a6 (patch) | |
tree | b820f0d6553d8d655a7a9374e2d1b654fe3d3a95 /elf/rtld.c | |
parent | ee4d79026da2c21c75cccd5795cb4357643f4f5c (diff) | |
download | glibc-8e889c5da3c5981c5a46a93fec02de40131ac5a6.tar glibc-8e889c5da3c5981c5a46a93fec02de40131ac5a6.tar.gz glibc-8e889c5da3c5981c5a46a93fec02de40131ac5a6.tar.bz2 glibc-8e889c5da3c5981c5a46a93fec02de40131ac5a6.zip |
elf: Fix LD_AUDIT for modules with invalid version (BZ#24122)
The error handling patch for invalid audit modules version access
invalid memory:
elf/rtld.c:
1454 unsigned int (*laversion) (unsigned int);
1455 unsigned int lav;
1456 if (err_str == NULL
1457 && (laversion = largs.result) != NULL
1458 && (lav = laversion (LAV_CURRENT)) > 0
1459 && lav <= LAV_CURRENT)
1460 {
[...]
1526 else
1527 {
1528 /* We cannot use the DSO, it does not have the
1529 appropriate interfaces or it expects something
1530 more recent. */
1531 #ifndef NDEBUG
1532 Lmid_t ns = dlmargs.map->l_ns;
1533 #endif
1534 _dl_close (dlmargs.map);
1535
1536 /* Make sure the namespace has been cleared entirely. */
1537 assert (GL(dl_ns)[ns]._ns_loaded == NULL);
1538 assert (GL(dl_ns)[ns]._ns_nloaded == 0);
1539
1540 GL(dl_tls_max_dtv_idx) = tls_idx;
1541 goto not_loaded;
1542 }
1431 const char *err_str = NULL;
1432 bool malloced;
1433 (void) _dl_catch_error (&objname, &err_str, &malloced, dlmopen_doit,
1434 &dlmargs);
1435 if (__glibc_unlikely (err_str != NULL))
1436 {
1437 not_loaded:
1438 _dl_error_printf ("\
1439 ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
1440 name, err_str);
1441 if (malloced)
1442 free ((char *) err_str);
1443 }
On failure the err_str will be NULL and _dl_debug_vdprintf does not handle
it properly:
elf/dl-misc.c:
200 case 's':
201 /* Get the string argument. */
202 iov[niov].iov_base = va_arg (arg, char *);
203 iov[niov].iov_len = strlen (iov[niov].iov_base);
204 if (prec != -1)
205 iov[niov].iov_len = MIN ((size_t) prec, iov[niov].iov_len);
206 ++niov;
207 break;
This patch fixes the issues and improves the error message.
Checked on x86_64-linux-gnu and i686-linux-gnu
[BZ #24122]
* elf/Makefile (tests): Add tst-audit13.
(modules-names): Add tst-audit13mod1.
(tst-audit13.out, LDFLAGS-tst-audit13mod1.so, tst-audit13-ENV): New
rule.
* elf/rtld.c (dl_main): Handle invalid audit module version.
* elf/tst-audit13.c: New file.
* elf/tst-audit13mod1.c: Likewise.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'elf/rtld.c')
-rw-r--r-- | elf/rtld.c | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/elf/rtld.c b/elf/rtld.c index 5d97f41b7b..9e0f752482 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1453,10 +1453,12 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", unsigned int (*laversion) (unsigned int); unsigned int lav; - if (err_str == NULL - && (laversion = largs.result) != NULL - && (lav = laversion (LAV_CURRENT)) > 0 - && lav <= LAV_CURRENT) + if (err_str != NULL) + goto not_loaded; + + if ((laversion = largs.result) != NULL + && (lav = laversion (LAV_CURRENT)) > 0 + && lav <= LAV_CURRENT) { /* Allocate structure for the callback function pointers. This call can never fail. */ @@ -1538,7 +1540,25 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n", assert (GL(dl_ns)[ns]._ns_nloaded == 0); GL(dl_tls_max_dtv_idx) = tls_idx; - goto not_loaded; + if (GLRO(dl_debug_mask) & DL_DEBUG_FILES) + { + _dl_debug_printf ("\ +\nfile=%s cannot be loaded as audit interface; ignored.\n", name); + if (laversion == NULL) + _dl_debug_printf ( +" la_version function not found.\n"); + else + { + if (lav == 0) + _dl_debug_printf ( +" auditor requested to be ignored (returned version of 0).\n"); + else + _dl_debug_printf ( +" auditor disabled since expected version %d is greater than " +"supported version %d.\n", + lav, LAV_CURRENT); + } + } } } } |