From cf8506ad94caa91fc1cd44b9134494dd6ecd6caf Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Tue, 16 Aug 2011 08:50:03 -0400 Subject: [PATCH] ldso: move the suid/secure check code closer to env/auxv processing this does not change behavior, but the idea is to avoid letting other code build up between these two points, whereby the environment variables might get used before security it checked. --- src/ldso/dynlink.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c index 390f50ba..57a5ba46 100644 --- a/src/ldso/dynlink.c +++ b/src/ldso/dynlink.c @@ -482,13 +482,6 @@ void *__dynlink(int argc, char **argv, size_t *got) decode_vec(auxv, aux, AUX_CNT); - for (i=0; auxv[i]; i+=2) { - if (auxv[i]==AT_SYSINFO_EHDR) { - vdso_base = auxv[i+1]; - break; - } - } - /* Only trust user/env if kernel says we're not suid/sgid */ if ((aux[0]&0x7800)!=0x7800 || aux[AT_UID]!=aux[AT_EUID] || aux[AT_GID]!=aux[AT_EGID] || aux[AT_SECURE]) { @@ -496,6 +489,13 @@ void *__dynlink(int argc, char **argv, size_t *got) env_preload = 0; } + for (i=0; auxv[i]; i+=2) { + if (auxv[i]==AT_SYSINFO_EHDR) { + vdso_base = auxv[i+1]; + break; + } + } + /* Relocate ldso's DYNAMIC pointer and load vector */ decode_vec((void *)(got[0] += aux[AT_BASE]), lib_dyn, DYN_CNT); -- 2.25.1