git: 9cabef3d146e - main - ldd: use direct exec mode unconditionally
Date: Thu, 06 Oct 2022 15:50:31 UTC
The branch main has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=9cabef3d146e9a844813b6bc8952d6cf2e9d45e5
commit 9cabef3d146e9a844813b6bc8952d6cf2e9d45e5
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2022-09-21 13:55:44 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-10-06 15:50:26 +0000
ldd: use direct exec mode unconditionally
Trying to exec malformed or unusual binary, for instance, a non-FreeBSD
ABI, or using a non-standard interpreter, might give unexpected outcome.
Reported by: The UK's National Cyber Security Centre (NCSC)
Reviewed by: emaste, markj, philip
Discussed with: jhb
Sponsored by: The FreeBSD Foundation
admbug: 991
PR: 127276, 175339, 231926
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D36650
---
usr.bin/ldd/ldd.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/usr.bin/ldd/ldd.c b/usr.bin/ldd/ldd.c
index c16b6f5e8496..8897c8cbfbc2 100644
--- a/usr.bin/ldd/ldd.c
+++ b/usr.bin/ldd/ldd.c
@@ -233,18 +233,19 @@ main(int argc, char *argv[])
}
break;
case 0:
+ rtld = _PATH_RTLD;
+#if __ELF_WORD_SIZE > 32 && defined(ELF32_SUPPORTED)
+ if (type == TYPE_ELF32)
+ rtld = _COMPAT32_PATH_RTLD;
+#endif
if (is_shlib == 0) {
- execl(*argv, *argv, (char *)NULL);
+ execl(rtld, rtld, "--",
+ *argv, (char *)NULL);
warn("%s", *argv);
} else if (fmt1 == NULL && fmt2 == NULL && !aflag) {
dlopen(*argv, RTLD_TRACE);
warnx("%s: %s", *argv, dlerror());
} else {
- rtld = _PATH_RTLD;
-#if __ELF_WORD_SIZE > 32 && defined(ELF32_SUPPORTED)
- if (type == TYPE_ELF32)
- rtld = _COMPAT32_PATH_RTLD;
-#endif
execl(rtld, rtld, "-d", "--",
*argv, (char *)NULL);
}