From: "Stefan Fröberg" <stefan.froberg@petroprogram.com>
To: Szabolcs Nagy <nsz@port70.net>
Cc: musl@lists.openwall.com
Subject: Re: BUG: $ORIGIN does not seem to work
Date: Sun, 28 Jan 2018 00:07:33 +0200 [thread overview]
Message-ID: <f8f24145-cfde-4358-bc6b-7b79a1e8f142@petroprogram.com> (raw)
In-Reply-To: <20180127192621.GJ4418@port70.net>
Hi
Here is the strace
strace ./x
execve("./x", ["./x"], 0x7ffc8a938740 /* 20 vars */) = 0
arch_prctl(ARCH_SET_FS, 0x7fb0d02cfba8) = 0
set_tid_address(0x7fb0d02cfbe0) = 2954
readlink("/proc/self/exe", "/root/batman/x", 512) = 14
open("/root/batman/lib/libcrypto.so.1.1", O_RDONLY|O_CLOEXEC) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
fstat(3, {st_mode=S_IFREG|0755, st_size=2800952, ...}) = 0
read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\220\6\0\0\0\0\0"...,
960) = 960
mmap(NULL, 4911104, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x7fb0cfb92000
mmap(0x7fb0d0016000, 176128, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED, 3, 0x284000) = 0x7fb0d0016000
mmap(0x7fb0d003e000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb0d003e000
close(3) = 0
mprotect(0x7fb0d0016000, 122880, PROT_READ) = 0
mprotect(0x7fb0d02cc000, 4096, PROT_READ) = 0
mprotect(0x5574fa625000, 4096, PROT_READ) = 0
ioctl(1, TIOCGWINSZ, {ws_row=34, ws_col=107, ws_xpixel=1284,
ws_ypixel=748}) = 0
writev(1, [{iov_base="Initializing crypto ... OK", iov_len=26},
{iov_base="\n", iov_len=1}], 2Initializing crypto ... OK
) = 27
exit_group(0) = ?
+++ exited with 0 +++
./x
Initializing crypto ... OK
So it find and uses the correct, local version $ORIGIN/lib
(/root/batman/lib/libcrypto.so.1.1) of libcrypto.so.1.1
and "readelf -d x" confirms it.
But for some reason ldd does not show it.
ldd x
/lib/ld-musl-x86_64.so.1 (0x7f22efa03000)
libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0x7f22ef352000)
libc.so => /lib/ld-musl-x86_64.so.1 (0x7f22efa03000)
********************************************************************
#include <stdio.h>
#include <openssl/ssl.h>
int main(void)
{
printf("Initializing crypto ... ");
int r =
OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS|OPENSSL_INIT_NO_ADD_ALL_DIGESTS,NULL);
printf("%s\n",(r == 1 ? "OK" : "FAILED"));
return(0);
}
*********************************************************************
readelf -d x
Dynamic section at offset 0xe10 contains 24 entries:
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libcrypto.so.1.1]
0x0000000000000001 (NEEDED) Shared library: [libc.so]
0x000000000000000f (RPATH) Library rpath: [$ORIGIN/lib]
0x000000000000000c (INIT) 0x608
0x000000000000000d (FINI) 0x8e2
0x000000006ffffef5 (GNU_HASH) 0x220
0x0000000000000005 (STRTAB) 0x3c0
0x0000000000000006 (SYMTAB) 0x258
0x000000000000000a (STRSZ) 253 (bytes)
0x000000000000000b (SYMENT) 24 (bytes)
0x0000000000000015 (DEBUG) 0x0
0x0000000000000003 (PLTGOT) 0x201000
0x0000000000000002 (PLTRELSZ) 96 (bytes)
0x0000000000000014 (PLTREL) RELA
0x0000000000000017 (JMPREL) 0x5a8
0x0000000000000007 (RELA) 0x500
0x0000000000000008 (RELASZ) 168 (bytes)
0x0000000000000009 (RELAENT) 24 (bytes)
0x000000006ffffffb (FLAGS_1) Flags: PIE
0x000000006ffffffe (VERNEED) 0x4e0
0x000000006fffffff (VERNEEDNUM) 1
0x000000006ffffff0 (VERSYM) 0x4be
0x000000006ffffff9 (RELACOUNT) 2
0x0000000000000000 (NULL) 0x0
Szabolcs Nagy kirjoitti 27.01.2018 klo 21:26:
> * Stefan Fröberg <stefan.froberg@petroprogram.com> [2018-01-27 18:20:27 +0200]:
>> Szabolcs Nagy kirjoitti 27.01.2018 klo 13:07:
>>> * Stefan Fröberg <stefan.froberg@petroprogram.com> [2018-01-27 01:50:21 +0200]:
>>>> My ldd is just symbolic link inside musl chroot environment, to
>>>> /lib/ld-musl-x86_64.so.1
>>>> and it's symbolic link to /lib/libc.so
>>>>
>>>> Here is readelf output of that test program
>>>> readelf -d x
>>>>
>>>> Dynamic section at offset 0xe10 contains 24 entries:
>>>> Tag Type Name/Value
>>>> 0x0000000000000001 (NEEDED) Shared library: [libcrypto.so.1.1]
>>> ^^^^^^^^^^^^^^^^
>>> this looks like the wrong library version
>>>
>>> if you had straced the ldd output you would have seen
>>> that musl tries to open lib/libcrypto.so.1.1, but you
>>> probably only have lib/libcrypto.so.1.0.0 based on the
>>> glibc ldd output below.
>> No, that ldd was run inside, pure, chrooted musl environment. No glibc
>> inside.
> this does not matter
>
>> These are the only libcrypto* files inside that chroot environment:
>>
>> ls -lah /usr/lib/libcrypto.*
>> -rw-r--r-- 1 0 0 5.0M Dec 17 00:24 /usr/lib/libcrypto.a
>> lrwxrwxrwx 1 0 0 16 Dec 17 00:24
>> /usr/lib/libcrypto.so -> libcrypto.so.1.1
>> -rwxr-xr-x 1 0 0 3.0M Jan 26 12:58
>> /usr/lib/libcrypto.so.1.1
>>
> like i said, you linked the wrong library, try to link
> the right one. again, if you run the ldso under strace
> the problem will be obvious and we dont have to waste time.
>
> you should also strace ld to see what gets linked,
> if it's /usr/lib/libcrypto... then that's wrong.
> (instead of strace you can use -Wl,--trace)
next prev parent reply other threads:[~2018-01-27 22:07 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-26 13:39 Stefan Fröberg
2018-01-26 14:21 ` Szabolcs Nagy
2018-01-26 23:50 ` Stefan Fröberg
2018-01-27 11:07 ` Szabolcs Nagy
2018-01-27 16:20 ` Stefan Fröberg
2018-01-27 16:42 ` Rich Felker
2018-01-27 17:14 ` Stefan Fröberg
2018-01-27 19:26 ` Szabolcs Nagy
2018-01-27 22:07 ` Stefan Fröberg [this message]
2018-01-28 0:54 ` Szabolcs Nagy
2018-02-07 17:35 ` Rich Felker
2018-02-07 20:28 ` Szabolcs Nagy
2018-01-26 16:34 ` Rich Felker
2018-01-26 21:28 ` Stefan Fröberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f8f24145-cfde-4358-bc6b-7b79a1e8f142@petroprogram.com \
--to=stefan.froberg@petroprogram.com \
--cc=musl@lists.openwall.com \
--cc=nsz@port70.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).