git: 9cabef3d146e - main - ldd: use direct exec mode unconditionally

From: Konstantin Belousov <kib_at_FreeBSD.org>
Date: Thu, 06 Oct 2022 15:50:31 UTC
The branch main has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=9cabef3d146e9a844813b6bc8952d6cf2e9d45e5

commit 9cabef3d146e9a844813b6bc8952d6cf2e9d45e5
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2022-09-21 13:55:44 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-10-06 15:50:26 +0000

    ldd: use direct exec mode unconditionally
    
    Trying to exec malformed or unusual binary, for instance, a non-FreeBSD
    ABI, or using a non-standard interpreter, might give unexpected outcome.
    
    Reported by:    The UK's National Cyber Security Centre (NCSC)
    Reviewed by:    emaste, markj, philip
    Discussed with: jhb
    Sponsored by:   The FreeBSD Foundation
    admbug: 991
    PR:     127276, 175339, 231926
    MFC after:      1 week
    Differential revision:  https://reviews.freebsd.org/D36650
---
 usr.bin/ldd/ldd.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/usr.bin/ldd/ldd.c b/usr.bin/ldd/ldd.c
index c16b6f5e8496..8897c8cbfbc2 100644
--- a/usr.bin/ldd/ldd.c
+++ b/usr.bin/ldd/ldd.c
@@ -233,18 +233,19 @@ main(int argc, char *argv[])
 			}
 			break;
 		case 0:
+			rtld = _PATH_RTLD;
+#if __ELF_WORD_SIZE > 32 && defined(ELF32_SUPPORTED)
+			if (type == TYPE_ELF32)
+				rtld = _COMPAT32_PATH_RTLD;
+#endif
 			if (is_shlib == 0) {
-				execl(*argv, *argv, (char *)NULL);
+				execl(rtld, rtld, "--",
+				    *argv, (char *)NULL);
 				warn("%s", *argv);
 			} else if (fmt1 == NULL && fmt2 == NULL && !aflag) {
 				dlopen(*argv, RTLD_TRACE);
 				warnx("%s: %s", *argv, dlerror());
 			} else {
-				rtld = _PATH_RTLD;
-#if __ELF_WORD_SIZE > 32 && defined(ELF32_SUPPORTED)
-				if (type == TYPE_ELF32)
-					rtld = _COMPAT32_PATH_RTLD;
-#endif
 				execl(rtld, rtld, "-d", "--",
 				    *argv, (char *)NULL);
 			}