On 12/14/2012 11:40 AM, Filippo ARCIDIACONO wrote:
It's not safe to use the aux vect inside __uClibc_main if we are running
with shared libraries, because it could have been already modified.
For example, if some constructor plays with environment variables by
using unsetenv, the modifications done into the stack to unset an
environment variable, have impacts on the aux vect due to the extra NULL
entries added.
Due to this, __uClibc_main is not able to detect where the aux vect
starts, so all the entries that are used by __uClibc_main (AT_UID,
AT_EUID, AT_GID, AT_EGID, AT_PAGESZ and possibly other arch specific)
are impacted.
Same side effect on the aux vect is caused by the ld.so when running a
SUID program with some of the unsecure environment variables set, that
will be unset by the ld.so itself.
In order to fix this issue, it needs to handle aux vect entries into
__uClibc_main only if SHARED is not defined.
In SHARED case, libc refers to __dl_secure and _dl_pagesize as initialised
by the ld.so where the aux vext is still untouched.
Signed-off-by: Filippo Arcidiacono <filippo.arcidiac...@st.com>
Reviewed-by: Carmelo Amoroso <carmelo.amor...@st.com>
---
ldso/ldso/ldso.c | 2 +-
libc/misc/elf/dl-support.c | 4 ++++
libc/misc/internals/__uClibc_main.c | 22 ++++++++++++++++------
3 files changed, 21 insertions(+), 7 deletions(-)
[SNIP]
Please consider this version.
It fixes last minute build problem and avoid some compiler warning.
regards,
Filippo.
_______________________________________________
uClibc mailing list
uClibc@uclibc.org
http://lists.busybox.net/mailman/listinfo/uclibc
