RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 04:57:44 +00:00
Code Issues Activity Actions

LibC: Move stack canary initialization before the global constructors

Browse source 
Once again, QEMU creates threads while running its constructors, which
is a recipe for disaster if we switch out the stack guard while that is
already running in the background.

To solve that, move initialization to our LibC initialization stage,
which is before any actual external initialization code runs.
This commit is contained in:
Tim Schumacher 2022-06-30 11:31:56 +02:00 committed by Brian Gianforcaro
parent cf0ad3715e
commit b9f7966e00
2 changed files with 6 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Userland/Libraries/LibELF/DynamicLinker.cpp
View file

@ -259,6 +259,12 @@ static void initialize_libc(DynamicObject& libc)
VERIFY(res.has_value());
*((char***)res.value().address.as_ptr()) = s_envp;
// __stack_chk_guard should be initialized before anything significant (read: global constructors) is running.
// This is not done in __libc_init, as we definitely have to return from that, and it might affect Loader as well.
res = libc.lookup_symbol("__stack_chk_guard"sv);
VERIFY(res.has_value());
arc4random_buf(res.value().address.as_ptr(), sizeof(size_t));
res = libc.lookup_symbol("__environ_is_malloced"sv);
VERIFY(res.has_value());
*((bool*)res.value().address.as_ptr()) = false;