[v3,16/19] elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static
Checks
Context |
Check |
Description |
redhat-pt-bot/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
linaro-tcwg-bot/tcwg_glibc_build--master-arm |
fail
|
Patch failed to apply
|
linaro-tcwg-bot/tcwg_glibc_check--master-arm |
fail
|
Patch failed to apply
|
Commit Message
It mimics the ld.so behavior.
Checked on x86_64-linux-gnu.
---
elf/dl-support.c | 32 ++++++++++++++++----------------
1 file changed, 16 insertions(+), 16 deletions(-)
Comments
On 2023-11-06 15:25, Adhemerval Zanella wrote:
> It mimics the ld.so behavior.
>
> Checked on x86_64-linux-gnu.
> ---
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> elf/dl-support.c | 32 ++++++++++++++++----------------
> 1 file changed, 16 insertions(+), 16 deletions(-)
>
> diff --git a/elf/dl-support.c b/elf/dl-support.c
> index 31a608df87..837fa1c836 100644
> --- a/elf/dl-support.c
> +++ b/elf/dl-support.c
> @@ -272,8 +272,6 @@ _dl_non_dynamic_init (void)
> _dl_main_map.l_phdr = GL(dl_phdr);
> _dl_main_map.l_phnum = GL(dl_phnum);
>
> - _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
> -
> /* Set up the data structures for the system-supplied DSO early,
> so they can influence _dl_init_paths. */
> setup_vdso (NULL, NULL);
> @@ -281,6 +279,22 @@ _dl_non_dynamic_init (void)
> /* With vDSO setup we can initialize the function pointers. */
> setup_vdso_pointers ();
>
> + if (__libc_enable_secure)
> + {
> + static const char unsecure_envvars[] =
> + UNSECURE_ENVVARS
> + ;
> + const char *cp = unsecure_envvars;
> +
> + while (cp < unsecure_envvars + sizeof (unsecure_envvars))
> + {
> + __unsetenv (cp);
> + cp = strchr (cp, '\0') + 1;
> + }
> + }
> +
> + _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
> +
> /* Initialize the data structures for the search paths for shared
> objects. */
> _dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH",
> @@ -297,20 +311,6 @@ _dl_non_dynamic_init (void)
>
> _dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';
>
> - if (__libc_enable_secure)
> - {
> - static const char unsecure_envvars[] =
> - UNSECURE_ENVVARS
> - ;
> - const char *cp = unsecure_envvars;
> -
> - while (cp < unsecure_envvars + sizeof (unsecure_envvars))
> - {
> - __unsetenv (cp);
> - cp = strchr (cp, '\0') + 1;
> - }
> - }
> -
> #ifdef DL_PLATFORM_INIT
> DL_PLATFORM_INIT;
> #endif
@@ -272,8 +272,6 @@ _dl_non_dynamic_init (void)
_dl_main_map.l_phdr = GL(dl_phdr);
_dl_main_map.l_phnum = GL(dl_phnum);
- _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
-
/* Set up the data structures for the system-supplied DSO early,
so they can influence _dl_init_paths. */
setup_vdso (NULL, NULL);
@@ -281,6 +279,22 @@ _dl_non_dynamic_init (void)
/* With vDSO setup we can initialize the function pointers. */
setup_vdso_pointers ();
+ if (__libc_enable_secure)
+ {
+ static const char unsecure_envvars[] =
+ UNSECURE_ENVVARS
+ ;
+ const char *cp = unsecure_envvars;
+
+ while (cp < unsecure_envvars + sizeof (unsecure_envvars))
+ {
+ __unsetenv (cp);
+ cp = strchr (cp, '\0') + 1;
+ }
+ }
+
+ _dl_verbose = *(getenv ("LD_WARN") ?: "") == '\0' ? 0 : 1;
+
/* Initialize the data structures for the search paths for shared
objects. */
_dl_init_paths (getenv ("LD_LIBRARY_PATH"), "LD_LIBRARY_PATH",
@@ -297,20 +311,6 @@ _dl_non_dynamic_init (void)
_dl_dynamic_weak = *(getenv ("LD_DYNAMIC_WEAK") ?: "") == '\0';
- if (__libc_enable_secure)
- {
- static const char unsecure_envvars[] =
- UNSECURE_ENVVARS
- ;
- const char *cp = unsecure_envvars;
-
- while (cp < unsecure_envvars + sizeof (unsecure_envvars))
- {
- __unsetenv (cp);
- cp = strchr (cp, '\0') + 1;
- }
- }
-
#ifdef DL_PLATFORM_INIT
DL_PLATFORM_INIT;
#endif