From 8017fa6a2cf60dd1bab6f4ecca77bb2f8cc92e00 Mon Sep 17 00:00:00 2001 From: Konstantin Belousov Date: Tue, 9 Jun 2020 09:04:57 +0000 Subject: [PATCH] MFC r361725, r361728: Do not allow to load ET_DYN object with DF_1_PIE flag set. --- libexec/rtld-elf/rtld.c | 6 ++++++ libexec/rtld-elf/rtld.h | 1 + 2 files changed, 7 insertions(+) diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index 4c7d99f5f9f..8f2891bc9b7 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -1321,6 +1321,8 @@ digest_dynamic1(Obj_Entry *obj, int early, const Elf_Dyn **dyn_rpath, obj->z_interpose = true; if (dynp->d_un.d_val & DF_1_NODEFLIB) obj->z_nodeflib = true; + if (dynp->d_un.d_val & DF_1_PIE) + obj->z_pie = true; break; default: @@ -2533,6 +2535,10 @@ do_load_object(int fd, const char *name, char *path, struct stat *sbp, obj->path = path; if (!digest_dynamic(obj, 0)) goto errp; + if (obj->z_pie) { + _rtld_error("Cannot load PIE binary %s as DSO", obj->path); + goto errp; + } dbg("%s valid_hash_sysv %d valid_hash_gnu %d dynsymcount %d", obj->path, obj->valid_hash_sysv, obj->valid_hash_gnu, obj->dynsymcount); if (obj->z_noopen && (flags & (RTLD_LO_DLOPEN | RTLD_LO_TRACE)) == diff --git a/libexec/rtld-elf/rtld.h b/libexec/rtld-elf/rtld.h index d96a072a8ce..195480ba5e4 100644 --- a/libexec/rtld-elf/rtld.h +++ b/libexec/rtld-elf/rtld.h @@ -258,6 +258,7 @@ typedef struct Struct_Obj_Entry { bool z_interpose : 1; /* Interpose all objects but main */ bool z_nodeflib : 1; /* Don't search default library path */ bool z_global : 1; /* Make the object global */ + bool z_pie : 1; /* Object proclaimed itself PIE executable */ bool static_tls : 1; /* Needs static TLS allocation */ bool static_tls_copied : 1; /* Needs static TLS copying */ bool ref_nodel : 1; /* Refcount increased to prevent dlclose */ -- 2.45.0