svn commit: r254018 - head/usr.bin/ldd

Mark Johnston markj at FreeBSD.org
Wed Aug 7 00:28:18 UTC 2013 

Author: markj
Date: Wed Aug  7 00:28:17 2013
New Revision: 254018
URL: http://svnweb.freebsd.org/changeset/base/254018

Log:
  Pass variables prefixed with both LD_ and LD_32_ to the run-time linker.
  This prevents unintentional execution of programs when running ldd(1) on
  32-bit Linux binaries.
  
  PR:		175339, 127276
  Suggested by:	kib, rstone
  Reviewed by:	kib
  MFC after:	2 weeks

Modified:
  head/usr.bin/ldd/ldd.c

Modified: head/usr.bin/ldd/ldd.c
==============================================================================
--- head/usr.bin/ldd/ldd.c	Wed Aug  7 00:20:30 2013	(r254017)
+++ head/usr.bin/ldd/ldd.c	Wed Aug  7 00:28:17 2013	(r254018)
@@ -49,12 +49,6 @@ __FBSDID("$FreeBSD$");
 
 #include "extern.h"
 
-#ifdef COMPAT_32BIT
-#define	LD_	"LD_32_"
-#else
-#define	LD_	"LD_"
-#endif
-
 /*
  * 32-bit ELF data structures can only be used if the system header[s] declare
  * them.  There is no official macro for determining whether they are declared,
@@ -64,6 +58,16 @@ __FBSDID("$FreeBSD$");
 #define	ELF32_SUPPORTED
 #endif
 
+#define	LDD_SETENV(name, value, overwrite) do {		\
+	setenv("LD_" name, value, overwrite);		\
+	setenv("LD_32_" name, value, overwrite);	\
+} while (0)
+
+#define	LDD_UNSETENV(name) do {		\
+	unsetenv("LD_" name);		\
+	unsetenv("LD_32_" name);	\
+} while (0)
+
 static int	is_executable(const char *fname, int fd, int *is_shlib,
 		    int *type);
 static void	usage(void);
@@ -82,7 +86,7 @@ execldd32(char *file, char *fmt1, char *
 	char *argv[8];
 	int i, rval, status;
 
-	unsetenv(LD_ "TRACE_LOADED_OBJECTS");
+	LDD_UNSETENV("TRACE_LOADED_OBJECTS");
 	rval = 0;
 	i = 0;
 	argv[i++] = strdup(_PATH_LDD32);
@@ -121,7 +125,7 @@ execldd32(char *file, char *fmt1, char *
 	}
 	while (i--)
 		free(argv[i]);
-	setenv(LD_ "TRACE_LOADED_OBJECTS", "yes", 1);
+	LDD_SETENV("TRACE_LOADED_OBJECTS", "yes", 1);
 	return (rval);
 }
 #endif
@@ -210,15 +214,15 @@ main(int argc, char *argv[])
 		}
 
 		/* ld.so magic */
-		setenv(LD_ "TRACE_LOADED_OBJECTS", "yes", 1);
+		LDD_SETENV("TRACE_LOADED_OBJECTS", "yes", 1);
 		if (fmt1 != NULL)
-			setenv(LD_ "TRACE_LOADED_OBJECTS_FMT1", fmt1, 1);
+			LDD_SETENV("TRACE_LOADED_OBJECTS_FMT1", fmt1, 1);
 		if (fmt2 != NULL)
-			setenv(LD_ "TRACE_LOADED_OBJECTS_FMT2", fmt2, 1);
+			LDD_SETENV("TRACE_LOADED_OBJECTS_FMT2", fmt2, 1);
 
-		setenv(LD_ "TRACE_LOADED_OBJECTS_PROGNAME", *argv, 1);
+		LDD_SETENV("TRACE_LOADED_OBJECTS_PROGNAME", *argv, 1);
 		if (aflag)
-			setenv(LD_ "TRACE_LOADED_OBJECTS_ALL", "1", 1);
+			LDD_SETENV("TRACE_LOADED_OBJECTS_ALL", "1", 1);
 		else if (fmt1 == NULL && fmt2 == NULL)
 			/* Default formats */
 			printf("%s:\n", *argv);

More information about the svn-src-head mailing list