From: Alexey Izbyshev <izbyshev@ispras.ru>
To: Markus Wichmann <nullplan@gmx.net>
Cc: musl@lists.openwall.com
Subject: Re: dlsym(handle) may search in unrelated libraries
Date: Thu, 7 Feb 2019 16:42:15 +0300 [thread overview]
Message-ID: <8031d662-bf4f-1321-155c-942a8c92e1d8@ispras.ru> (raw)
In-Reply-To: <20190207053327.GD5469@voyager>
On 2/7/19 8:33 AM, Markus Wichmann wrote:
> Let's consider the original code. liba depends on libb, which depends on
> libc. dlopen("liba") returns a handle with libb and libc in the deps,
> but libb->deps == 0. If we now call dlopen("libb"), that does the right
> thing, but only because libb happens to be the last lib in the chain. If
> we'd have loaded libx, liby, and libz before trying libb, it would add
> all the symbols of libs x, y, and z to the libb handle.
Your description almost captures the problem, but is imprecise in the
last part: "it would add all the symbols of libs x, y, and z to the libb
handle". load_deps() looks only at DT_NEEDED entries of libraries it
iterates over, so, for example, if libx depends on both liby and libz,
then liby and libz (but not libx) would be added to deps of libb.
Moreover, consider the following dependency hierarchy (loaded on
dlopen("liba")):
liba
libb
libd
libe
In this case, even dlopen("libb") wouldn't do the right thing because
load_deps() would find libe in DT_NEEDED of libd and add it to deps of libb.
>
> As you said, order is important. What is the correct order, depth-first
> or breadth-first? I think it should be depth-first, but lack any
> authoritative knowledge on this.
dlsym(handle) uses so-called "dependency order"[1], which is
breadth-first[2]. This is what musl current does in cases when
load_deps() is called on a real first load of a library (so that
everything that's further in the dso list are implicitly loaded
dependencies of this library).
So with the following dependency tree:
>
> liba->libb->libc
> `>libx->liby
>
> the handle for liba would list libc before libx.
>
The correct order is what load_deps() does currently: liba libb libx
libc liby
> Easiest implementation is probably still going to be recursive. Let's
hope the dependency trees don't get too wild.
I think the easiest way is simply to modify load_deps() to always
traverse DT_NEEDED in breadth-first order without relying on the dso
list in the outer loop. load_deps() already effectively maintains a
queue (deps) that can be used for BFS, so no recursion is needed.
>
> I'll look into it after work.
>
Thanks for following this up, Markus!
[1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/dlsym.html
[2] http://pubs.opengroup.org/onlinepubs/9699919799/functions/dlopen.html
Alexey
next prev parent reply other threads:[~2019-02-07 13:42 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-05 21:02 Alexey Izbyshev
2019-02-06 13:40 ` Alexey Izbyshev
2019-02-06 16:02 ` Markus Wichmann
2019-02-06 17:02 ` Alexey Izbyshev
2019-02-06 20:25 ` Markus Wichmann
2019-02-06 21:23 ` Alexey Izbyshev
2019-02-07 5:33 ` Markus Wichmann
2019-02-07 13:42 ` Alexey Izbyshev [this message]
2019-02-07 17:43 ` Markus Wichmann
2019-02-07 20:37 ` Markus Wichmann
2019-02-07 21:29 ` Rich Felker
2019-02-07 16:54 ` Rich Felker
2019-02-07 18:36 ` Markus Wichmann
2019-02-07 18:57 ` Rich Felker
2019-02-07 20:31 ` Markus Wichmann
2019-02-07 21:33 ` Rich Felker
2019-02-07 21:37 ` Rich Felker
2019-02-08 10:19 ` A. Wilcox
2019-02-08 12:00 ` Szabolcs Nagy
2019-02-08 16:09 ` Rich Felker
2019-02-09 22:53 Alexey Izbyshev
2019-02-10 1:03 ` Rich Felker
2019-02-26 15:07 ` Rich Felker
2019-03-04 2:11 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8031d662-bf4f-1321-155c-942a8c92e1d8@ispras.ru \
--to=izbyshev@ispras.ru \
--cc=musl@lists.openwall.com \
--cc=nullplan@gmx.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).