Date: Fri, 30 Mar 2012 09:36:12 +0000 (UTC) From: Konstantin Belousov <kib@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r233695 - stable/9/libexec/rtld-elf Message-ID: <201203300936.q2U9aCDH034312@svn.freebsd.org>
Author: kib Date: Fri Mar 30 09:36:12 2012 New Revision: 233695 URL: http://svn.freebsd.org/changeset/base/233695 Log: MFC r232861: Provide rtld-private implementations of __stack_chk_guard, __stack_chk_fail() and __chk_fail() symbols, to be used by functions linked from libc_pic.a. Modified: stable/9/libexec/rtld-elf/rtld.c Directory Properties: stable/9/libexec/rtld-elf/ (props changed) Modified: stable/9/libexec/rtld-elf/rtld.c ==============================================================================
--- stable/9/libexec/rtld-elf/rtld.c Fri Mar 30 09:34:19 2012 (r233694)
+++ stable/9/libexec/rtld-elf/rtld.c Fri Mar 30 09:36:12 2012 (r233695)
@@ -196,6 +196,8 @@ extern Elf_Dyn _DYNAMIC;
 int osreldate, pagesize;
+long __stack_chk_guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
+
 static int stack_prot = PROT_READ | PROT_WRITE | RTLD_DEFAULT_STACK_EXEC;
 static int max_stack_flags;
@@ -311,6 +313,8 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_
 Obj_Entry **preload_tail;
 Objlist initlist;
 RtldLockState lockstate;
+ int mib[2];
+ size_t len;
 /*
 * On entry, the dynamic linker itself has not been relocated yet.
@@ -346,6 +350,26 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_
 main_argc = argc;
 main_argv = argv;
+ if (aux_info[AT_CANARY]->a_un.a_ptr != NULL) {
+ i = aux_info[AT_CANARYLEN]->a_un.a_val;
+ if (i > sizeof(__stack_chk_guard))
+ i = sizeof(__stack_chk_guard);
+ memcpy(__stack_chk_guard, aux_info[AT_CANARY]->a_un.a_ptr, i);
+ } else {
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_ARND;
+
+ len = sizeof(__stack_chk_guard);
+ if (sysctl(mib, 2, __stack_chk_guard, &len, NULL, 0) == -1 ||
+ len != sizeof(__stack_chk_guard)) {
+ /* If sysctl was unsuccessful, use the "terminator canary". */
+ ((unsigned char *)(void *)__stack_chk_guard)[0] = 0;
+ ((unsigned char *)(void *)__stack_chk_guard)[1] = 0;
+ ((unsigned char *)(void *)__stack_chk_guard)[2] = '\n';
+ ((unsigned char *)(void *)__stack_chk_guard)[3] = 255;
+ }
+ }
+
 trust = !issetugid();
 ld_bind_now = getenv(LD_ "BIND_NOW");
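Review bot: The added test `if (aux_info[AT_CANARY]->a_un.a_ptr != NULL)` in the third hunk dereferences the AT_CANARY slot without first checking that the slot itself is set, although the sysctl fallback in the `else` branch suggests the code is meant to cope with a kernel that supplies no canary. If aux_info[] entries are NULL for tags absent from the aux vector (the table setup is outside this hunk), that case faults before the fallback is reached; the guard would be safer as `if (aux_info[AT_CANARY] != NULL && aux_info[AT_CANARY]->a_un.a_ptr != NULL) {`, with the same check applied to `aux_info[AT_CANARYLEN]`. A zero or short AT_CANARYLEN also leaves some or all of `__stack_chk_guard` at its all-zero initialiser, so it is worth treating `i == 0` the same way as a missing canary. The body of _rtld starts and ends outside the hunk.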
@@ -4316,3 +4340,19 @@ void
 __pthread_cxa_finalize(struct dl_phdr_info *a)
 {
 }
+
+void
+__stack_chk_fail(void)
+{
+
+ _rtld_error("stack overflow detected; terminated");
+ die();
+}
+
+void
+__chk_fail(void)
+{
+
+ _rtld_error("buffer overflow detected; terminated");
+ die();
+}
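Review bot: Both new handlers depend on `die()` never returning, but nothing in the hunk states or enforces that, and a return from `__stack_chk_fail()` would resume in the very frame whose canary check just failed. The declaration of die() is outside the hunk; unless it is already marked noreturn, give these two the same attribute, for example `void __stack_chk_fail(void) __dead2;`, so the compiler checks the contract. A short comment above them would also help, such as `/* rtld-private SSP/_FORTIFY failure hooks for code linked from libc_pic.a; must not return. */`. It is also worth confirming how die() terminates the process: if it exits with a status rather than raising an abort signal, crash monitoring that keys on the signal will not record these detections.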