From da117419bdb39a4cb5035ebba46379f7c48738b3 Mon Sep 17 00:00:00 2001 From: Filippo Arcidiacono Date: Wed, 30 May 2012 17:11:12 +0200 Subject: ldso: preload standard path library with setuid bit set For set-user-ID/set-group-ID ELF binaries, only libraries in the standard search directories that are also set-user-ID must be loaded. This patch fixes existing logic according to the above statement. Furthermore if either library setuid bit isn't set or it cannot be found in the standard search path, the library won't be preloaded but execution go ahead with default one. Signed-off-by: Filippo Arcidiacono Signed-off-by: Bernhard Reutner-Fischer --- ldso/ldso/ldso.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'ldso') diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c index f2ba628b3..d3891e269 100644 --- a/ldso/ldso/ldso.c +++ b/ldso/ldso/ldso.c @@ -503,15 +503,15 @@ void *_dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, const char *nextp; _dl_secure = 1; +#ifdef __LDSO_PRELOAD_ENV_SUPPORT__ + _dl_preload = _dl_getenv("LD_PRELOAD", envp); +#endif nextp = unsecure_envvars; do { _dl_unsetenv (nextp, envp); /* We could use rawmemchr but this need not be fast. */ nextp = _dl_strchr(nextp, '\0') + 1; } while (*nextp != '\0'); -#ifdef __LDSO_PRELOAD_ENV_SUPPORT__ - _dl_preload = NULL; -#endif #ifdef __LDSO_LD_LIBRARY_PATH__ _dl_library_path = NULL; #endif @@ -883,8 +883,9 @@ of this helper program; chances are you did not intend to run this program.\n\ else #endif { - _dl_dprintf(_dl_debug_file, "%s: can't load " "library '%s'\n", _dl_progname, str); - _dl_exit(15); + _dl_dprintf(_dl_debug_file, "%s: library '%s' " + "from LD_PRELOAD can't be preloaded: ignored.\n", + _dl_progname, str); } } else { tpnt1->rtld_flags = unlazy | RTLD_GLOBAL; -- cgit v1.2.3