aboutsummaryrefslogtreecommitdiff
path: root/elf
diff options
context:
space:
mode:
Diffstat (limited to 'elf')
-rw-r--r--elf/dl-load.c68
-rw-r--r--elf/dl-open.c1
2 files changed, 33 insertions, 36 deletions
diff --git a/elf/dl-load.c b/elf/dl-load.c
index b9ef523b49..d72ba64a3f 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -396,6 +396,35 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
if (len > 0 && cp[len - 1] != '/')
cp[len++] = '/';
+ /* Make sure we don't use untrusted directories if we run SUID. */
+ if (__builtin_expect (check_trusted, 0))
+ {
+ const char *trun = system_dirs;
+ size_t idx;
+ int unsecure = 1;
+
+ /* All trusted directories must be complete names. */
+ if (cp[0] == '/')
+ {
+ for (idx = 0; idx < nsystem_dirs_len; ++idx)
+ {
+ if (len == system_dirs_len[idx]
+ && memcmp (trun, cp, len) == 0)
+ {
+ /* Found it. */
+ unsecure = 0;
+ break;
+ }
+
+ trun += system_dirs_len[idx] + 1;
+ }
+ }
+
+ if (unsecure)
+ /* Simply drop this directory. */
+ continue;
+ }
+
/* See if this directory is already known. */
for (dirp = _dl_all_dirs; dirp != NULL; dirp = dirp->next)
if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
@@ -434,41 +463,10 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
if (len > max_dirnamelen)
max_dirnamelen = len;
- /* Make sure we don't use untrusted directories if we run SUID. */
- if (__builtin_expect (check_trusted, 0))
- {
- const char *trun = system_dirs;
- size_t idx;
-
- /* By default we don't trust anything. */
- init_val = nonexisting;
-
- /* All trusted directories must be complete names. */
- if (cp[0] == '/')
- {
- for (idx = 0; idx < nsystem_dirs_len; ++idx)
- {
- if (len == system_dirs_len[idx]
- && memcmp (trun, cp, len) == 0)
- /* Found it. */
- break;
-
- trun += system_dirs_len[idx] + 1;
- }
-
- if (idx < nsystem_dirs_len)
- /* It's a trusted directory so allow checking for it. */
- init_val = unknown;
- }
- }
- else
- /* We don't have to check for trusted directories and can
- accept everything. We have to make sure all the
- relative directories are never ignored. The current
- directory might change and all our saved information
- would be void. */
- init_val = cp[0] != '/' ? existing : unknown;
-
+ /* We have to make sure all the relative directories are
+ never ignored. The current directory might change and
+ all our saved information would be void. */
+ init_val = cp[0] != '/' ? existing : unknown;
for (cnt = 0; cnt < ncapstr; ++cnt)
dirp->status[cnt] = init_val;
diff --git a/elf/dl-open.c b/elf/dl-open.c
index ea35647e08..2f4c97b3c0 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -156,7 +156,6 @@ add_to_global (struct link_map *new)
}
}
- /* XXX Do we have to add something to r_dupsearchlist??? --drepper */
return 0;
}