From: Jeffrey Walton
Date: Wed, 17 Nov 2021 15:01:54 -0500
To: musl@lists.openwall.com
Cc: monk@unboiled.info
Subject: Re: [musl] $ORIGIN rpath expansion without /proc: code looks wrong

On Wed, Nov 17, 2021 at 12:09 PM Érico Nogueira wrote:
>
> On Wed Nov 17, 2021 at 11:04 AM -03, Alexander Sosedkin wrote:
> > ...
> > Could somebody take a look at this and double-check that
> > this codepath makes sense?
>
> It does, but it might not be as robust as you wish. fixup_rpath() treats
> the RPATH entry as a single string, and does all $ORIGIN substitutions
> in one go (what splits the string by ":" is open_path()). This means
> that the entire RPATH entry containing $ORIGIN will be ignored if
> /proc/self/exe can't be accessed, despite one or more of them not
> depending on $ORIGIN.

This has come up before on the list. It is different behavior from
libc, and it may be CVE worthy if a down-level library is used when an
updated library is available but lost because the RPATH/RUNPATH is
discarded.

Jeff
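
A simplified model of the behaviour described in the quoted reply, next to a per-entry alternative; this is an added example, not musl's code. The function names, the 256-byte entry buffer and the sample RPATH are assumptions, a NULL origin stands in for an unreadable /proc/self/exe, and only the `$ORIGIN` spelling is handled.

```c
#include <stdio.h>
#include <string.h>
/* Expand "$ORIGIN" in src[0..n) into out; -1 if origin is NULL or out is too small. */
static long subst(const char *src, size_t n, const char *origin, char *out, size_t cap)
{
    size_t o = 0;
    for (size_t i = 0; i < n; ) {
        int hit = n - i >= 7 && !memcmp(src + i, "$ORIGIN", 7);
        if (hit && !origin) return -1;          /* origin needed but unknown */
        size_t len = hit ? strlen(origin) : 1;
        if (o + len >= cap) return -1;
        memcpy(out + o, hit ? origin : src + i, len);
        o += len; i += hit ? 7 : 1;
    }
    out[o] = 0;
    return (long)o;
}

/* Whole-string model: one failed $ORIGIN lookup discards every entry. */
int expand_whole(const char *rpath, const char *origin, char *out, size_t cap)
{
    if (subst(rpath, strlen(rpath), origin, out, cap) >= 0) return 0;
    out[0] = 0;
    return -1;
}

/* Per-entry model: split on ':' first; returns the number of entries kept. */
int expand_per_entry(const char *rpath, const char *origin, char *out, size_t cap)
{
    size_t o = 0, n;
    int kept = 0;
    out[0] = 0;
    for (const char *p = rpath; ; p += n + 1) {
        char tmp[256];                          /* assumed per-entry limit */
        n = strcspn(p, ":");
        long len = n ? subst(p, n, origin, tmp, sizeof tmp) : -1;
        if (len >= 0) {
            if (o + (size_t)len + 2 > cap) return -1;
            if (kept++) out[o++] = ':';
            memcpy(out + o, tmp, (size_t)len + 1); o += (size_t)len;
        }
        if (!p[n]) return kept;
    }
}

int main(void) { /* constructed RPATH; NULL origin = /proc/self/exe unreadable */
    char buf[256];
    return expand_per_entry("$ORIGIN/../lib:/opt/app/lib", NULL, buf, sizeof buf) < 0 || puts(buf) == EOF;
}
```

With the origin unknown, the whole-string model returns an empty search path while the per-entry model still yields `/opt/app/lib`.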