1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 03:17:35 +00:00

Loader.so+LibELF: Do not read environment variables if AT_SECURE is set

AT_SECURE is set in the auxiliary vector when we execute setuid/setgid
programs.
In those cases, we do not want to read environment variables that
influence the logic of the dynamic loader, as they can be controlled
by the user.
This commit is contained in:
Itamar 2021-01-09 09:51:44 +02:00 committed by Andreas Kling
parent 20974b0772
commit a4b74cba0b
3 changed files with 22 additions and 8 deletions

View file

@ -135,6 +135,7 @@ void _start(int argc, char** argv, char** envp)
int main_program_fd = -1;
String main_program_name;
bool is_secure = false;
for (; auxvp->a_type != AT_NULL; ++auxvp) {
if (auxvp->a_type == ELF::AuxiliaryValue::ExecFileDescriptor) {
main_program_fd = auxvp->a_un.a_val;
@ -142,6 +143,9 @@ void _start(int argc, char** argv, char** envp)
if (auxvp->a_type == ELF::AuxiliaryValue::ExecFilename) {
main_program_name = (const char*)auxvp->a_un.a_ptr;
}
if (auxvp->a_type == ELF::AuxiliaryValue::Secure) {
is_secure = auxvp->a_un.a_val == 1;
}
}
if (main_program_name == "/usr/lib/Loader.so") {
@ -156,7 +160,7 @@ void _start(int argc, char** argv, char** envp)
ASSERT(main_program_fd >= 0);
ASSERT(!main_program_name.is_empty());
ELF::DynamicLinker::linker_main(move(main_program_name), main_program_fd, argc, argv, envp);
ELF::DynamicLinker::linker_main(move(main_program_name), main_program_fd, is_secure, argc, argv, envp);
ASSERT_NOT_REACHED();
}
}