Browse Source

add LDSO_SAFE_RUNPATH config option

Signed-off-by: Peter S. Mazinger <ps.m@gmx.net>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Peter S. Mazinger 14 years ago
parent
commit
26284b4021
3 changed files with 30 additions and 11 deletions
  1. 7 0
      extra/Configs/Config.in
  2. 5 2
      ldso/ldso/dl-elf.c
  3. 18 9
      test/Rules.mak

+ 7 - 0
extra/Configs/Config.in

@@ -395,6 +395,13 @@ config LDSO_RUNPATH
 	  Usage of RUNPATH tags is not too common, so disabling this feature
 	  Usage of RUNPATH tags is not too common, so disabling this feature
 	  should be safe for most people.
 	  should be safe for most people.
 
 
+config LDSO_SAFE_RUNPATH
+	bool "Allow only RUNPATH beginning with /"
+	depends on LDSO_RUNPATH
+	default y
+	help
+	  Allow only absolute path in RPATH/RUNPATH.
+
 config LDSO_SEARCH_INTERP_PATH
 config LDSO_SEARCH_INTERP_PATH
 	bool "Add ldso path to lib search path"
 	bool "Add ldso path to lib search path"
 	depends on HAVE_SHARED
 	depends on HAVE_SHARED

+ 5 - 2
ldso/ldso/dl-elf.c

@@ -174,8 +174,11 @@ search_for_named_library(const char *name, unsigned rflags, const char *path_lis
 				_dl_strcpy(mylibname, "."); /* Assume current dir if empty path */
 				_dl_strcpy(mylibname, "."); /* Assume current dir if empty path */
 			_dl_strcat(mylibname, "/");
 			_dl_strcat(mylibname, "/");
 			_dl_strcat(mylibname, name);
 			_dl_strcat(mylibname, name);
-			if ((tpnt = _dl_load_elf_shared_library(rflags, rpnt, mylibname)) != NULL)
+#ifdef __LDSO_SAFE_RUNPATH__
-				return tpnt;
+			if (*mylibname == '/')
+#endif
+				if ((tpnt = _dl_load_elf_shared_library(rflags, rpnt, mylibname)) != NULL)
+					return tpnt;
 			path_n = path+1;
 			path_n = path+1;
 		}
 		}
 		path++;
 		path++;

+ 18 - 9
test/Rules.mak

@@ -8,18 +8,28 @@
 .SUFFIXES:
 .SUFFIXES:
 
 
 top_builddir ?= ../
 top_builddir ?= ../
+abs_top_builddir ?= $(shell cd $(top_builddir); pwd)/
 
 
 TESTDIR=$(top_builddir)test/
 TESTDIR=$(top_builddir)test/
 
 
 include $(top_builddir)/Rules.mak
 include $(top_builddir)/Rules.mak
-ifndef TEST_INSTALLED_UCLIBC
 ifdef UCLIBC_LDSO
 ifdef UCLIBC_LDSO
 ifeq (,$(findstring /,$(UCLIBC_LDSO)))
 ifeq (,$(findstring /,$(UCLIBC_LDSO)))
-UCLIBC_LDSO := $(top_builddir)lib/$(UCLIBC_LDSO)
+UCLIBC_LDSO := $(UCLIBC_LDSO)
+else
+UCLIBC_LDSO := $(notdir $(UCLIBC_LDSO))
+endif
+else
+UCLIBC_LDSO := $(notdir $(firstword $(wildcard $(top_builddir)lib/ld*)))
 endif
 endif
+ifndef TEST_INSTALLED_UCLIBC
+ifeq ($(LDSO_SAFE_RUNPATH),y)
+UCLIBC_PATH := $(abs_top_builddir)lib
 else
 else
-UCLIBC_LDSO := $(firstword $(wildcard $(top_builddir)lib/ld*))
+UCLIBC_PATH := $(top_builddir)lib
 endif
 endif
+else
+UCLIBC_PATH := $(RUNTIME_PREFIX)$(MULTILIB_DIR)
 endif
 endif
 #--------------------------------------------------------
 #--------------------------------------------------------
 # Ensure consistent sort order, 'gcc -print-search-dirs' behavior, etc.
 # Ensure consistent sort order, 'gcc -print-search-dirs' behavior, etc.
@@ -81,15 +91,14 @@ ifneq ($(HAVE_SHARED),y)
 	LDFLAGS       += -Wl,-static -static-libgcc
 	LDFLAGS       += -Wl,-static -static-libgcc
 endif
 endif
 
 
-LDFLAGS += -B$(top_builddir)lib -Wl,-rpath,$(top_builddir)lib -Wl,-rpath-link,$(top_builddir)lib
+ifndef TEST_INSTALLED_UCLIBC
-UCLIBC_LDSO_ABSPATH=$(shell pwd)
+LDFLAGS += -B$(UCLIBC_PATH) -Wl,-rpath,$(UCLIBC_PATH):$(shell pwd) -Wl,-rpath-link,$(UCLIBC_PATH):$(shell pwd)
-ifdef TEST_INSTALLED_UCLIBC
+else
-LDFLAGS += -Wl,-rpath,./
+LDFLAGS += -Wl,-rpath,$(shell pwd)
-UCLIBC_LDSO_ABSPATH=$(RUNTIME_PREFIX)$(MULTILIB_DIR)
 endif
 endif
 
 
 ifeq ($(findstring -static,$(LDFLAGS)),)
 ifeq ($(findstring -static,$(LDFLAGS)),)
-LDFLAGS += -Wl,--dynamic-linker,$(UCLIBC_LDSO_ABSPATH)/$(UCLIBC_LDSO)
+LDFLAGS += -Wl,--dynamic-linker,$(UCLIBC_PATH)/$(UCLIBC_LDSO)
 endif
 endif
 
 
 ifeq ($(LDSO_GNU_HASH_SUPPORT),y)
 ifeq ($(LDSO_GNU_HASH_SUPPORT),y)