diff options
Diffstat (limited to 'elf')
| -rw-r--r-- | elf/Versions | 2 | ||||
| -rw-r--r-- | elf/dl-reloc.c | 1 | ||||
| -rw-r--r-- | elf/dlfcn.h | 8 | ||||
| -rw-r--r-- | elf/ldsodefs.h | 3 | ||||
| -rw-r--r-- | elf/rtld.c | 23 |
5 files changed, 27 insertions, 10 deletions
diff --git a/elf/Versions b/elf/Versions index d908c59fd4..1b02cd328c 100644 --- a/elf/Versions +++ b/elf/Versions @@ -21,7 +21,7 @@ libc { _dl_profile; _dl_profile_map; _dl_profile_output; _dl_start_profile; # functions used in other libraries - _dl_mcount; _dl_mcount_wrapper; + _dl_mcount; _dl_mcount_wrapper; _dl_mcount_wrapper_check; } } diff --git a/elf/dl-reloc.c b/elf/dl-reloc.c index e0eae3c2ae..1c0cbb67c4 100644 --- a/elf/dl-reloc.c +++ b/elf/dl-reloc.c @@ -27,7 +27,6 @@ void -internal_function _dl_relocate_object (struct link_map *l, struct link_map *scope[], int lazy, int consider_profiling) { diff --git a/elf/dlfcn.h b/elf/dlfcn.h index e0b17d392a..2f890bfe24 100644 --- a/elf/dlfcn.h +++ b/elf/dlfcn.h @@ -82,13 +82,9 @@ extern int dladdr __P ((const void *__address, Dl_info *__info)); foo = DL_CALL_FCT (fctp, (arg1, arg2)); */ # if __GNUC__ >= 2 -/* Do not ever use this variable directly, it is internal! */ -extern struct link_map *_dl_profile_map; - # define DL_CALL_FCT(fctp, args) \ - (__extension__ ({ if (_dl_profile_map != NULL) \ - _dl_mcount_wrapper_check (fctp); \ - (*fctp) args; }) + (__extension__ ({ _dl_mcount_wrapper_check (fctp); \ + (*fctp) args; })) # else /* This feature is not available without GCC. */ # define DL_CALL_FCT(fctp, args) (*fctp) args diff --git a/elf/ldsodefs.h b/elf/ldsodefs.h index 6814f25556..847d5cec12 100644 --- a/elf/ldsodefs.h +++ b/elf/ldsodefs.h @@ -365,8 +365,7 @@ extern struct link_map *_dl_new_object (char *realname, const char *libname, If LAZY is nonzero, don't relocate its PLT. */ extern void _dl_relocate_object (struct link_map *map, struct link_map *scope[], - int lazy, int consider_profiling) - internal_function; + int lazy, int consider_profiling); /* Check the version dependencies of all objects available through MAP. If VERBOSE print some more diagnostics. */ diff --git a/elf/rtld.c b/elf/rtld.c index df5db230f4..f1b612166d 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -1193,6 +1193,29 @@ process_envvars (enum mode *modep, int *lazyp) } } + /* Extra security for SUID binaries. Remove all dangerous environment + variables. */ + if (__libc_enable_secure) + { + static const char *unsecure_envvars[] = + { +#ifdef EXTRA_UNSECURE_ENVVARS + EXTRA_UNSECURE_ENVVARS +#endif + }; + size_t cnt; + + if (preloadlist != NULL) + unsetenv ("LD_PRELOAD"); + if (library_path != NULL) + unsetenv ("LD_LIBRARY_PATH"); + + for (cnt = 0; + cnt < sizeof (unsecure_envvars) / sizeof (unsecure_envvars[0]); + ++cnt) + unsetenv (unsecure_envvars[cnt]); + } + /* If we have to run the dynamic linker in debugging mode and the LD_DEBUG_OUTPUT environment variable is given, we write the debug messages to this file. */ |