Skip to content

Commit

Permalink
* elf/ldd.bash.in: When set -o pipefail is available, use that for
Browse files Browse the repository at this point in the history
	piping to cat; when not, don't use the pipe at all.
	Pipe to cat in all cases of running the executable.
	When direct running exits with code 5, retry running via ${RTLD}.
	* elf/rtld.c (process_envvars): If __libc_enable_secure and
	mode != normal, exit with exitcode 5.
  • Loading branch information
Roland McGrath committed Dec 8, 2004
1 parent 77474cc commit f57a3c9
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 7 deletions.
9 changes: 9 additions & 0 deletions ChangeLog
Original file line number Diff line number Diff line change
@@ -1,3 +1,12 @@
2004-12-08 Jakub Jelinek <jakub@redhat.com>

* elf/ldd.bash.in: When set -o pipefail is available, use that for
piping to cat; when not, don't use the pipe at all.
Pipe to cat in all cases of running the executable.
When direct running exits with code 5, retry running via ${RTLD}.
* elf/rtld.c (process_envvars): If __libc_enable_secure and
mode != normal, exit with exitcode 5.

2004-12-07 Jakub Jelinek <jakub@redhat.com>

* sysdeps/posix/sysconf.c (__sysconf_check_spec): Only define
Expand Down
31 changes: 26 additions & 5 deletions elf/ldd.bash.in
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,21 @@ add_env="$add_env LD_VERBOSE=$verbose"
if test "$unused" = yes; then
add_env="$add_env LD_DEBUG=\"$LD_DEBUG${LD_DEBUG:+,}unused\""
fi

# The following use of cat is needed to make ldd work in SELinux
# environments where the executed program might not have permissions
# to write to the console/tty. But only bash 3.x supports the pipefail
# option, and we don't bother to handle the case for older bash versions.
if set -o pipefail 2> /dev/null; then
try_trace() {
eval $add_env '"$@"' | cat
}
else
try_trace() {
eval $add_env '"$@"'
}
fi

case $# in
0)
echo >&2 'ldd:' $"missing file arguments"
Expand Down Expand Up @@ -153,7 +168,16 @@ warning: you do not have execution permission for" "\`$file'" >&2
fi
case $ret in
0)
eval $add_env '"$file"' || result=1
# If the program exits with exit code 5, it means the process has been
# invoked with __libc_enable_secure. Fall back to running it through
# the dynamic linker.
try_trace "$file"
rc=$?
if [ $rc = 5 ]; then
try_trace "$RTLD" "$file"
rc=$?
fi
[ $rc = 0 ] || result=1
;;
1)
# This can be a non-ELF binary or no binary at all.
Expand All @@ -163,10 +187,7 @@ warning: you do not have execution permission for" "\`$file'" >&2
}
;;
2)
# The following use of cat is needed to make ldd work in SELinux
# environments where the executed program might not have permissions
# to write to the console/tty.
eval $add_env \${RTLD} '"$file"' | cat || result=1
try_trace "$RTLD" "$file" || result=1
;;
*)
echo 'ldd:' ${RTLD} $"exited with unknown exit code" "($ret)" >&2
Expand Down
6 changes: 4 additions & 2 deletions elf/rtld.c
Original file line number Diff line number Diff line change
Expand Up @@ -2269,9 +2269,11 @@ process_envvars (enum mode *modep)
if (__access ("/etc/suid-debug", F_OK) != 0)
{
unsetenv ("MALLOC_CHECK_");
if (mode == normal)
GLRO(dl_debug_mask) = 0;
GLRO(dl_debug_mask) = 0;
}

if (mode != normal)
_exit (5);
}
/* If we have to run the dynamic linker in debugging mode and the
LD_DEBUG_OUTPUT environment variable is given, we write the debug
Expand Down

0 comments on commit f57a3c9

Please sign in to comment.