Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 15 Mar 2018 11:35:31 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Program with constructor function segfaults frequently
 with musl

On Thu, Mar 15, 2018 at 11:28:56AM +0000, Bracken Dawson wrote:
> Sadly my use case is to set a given mnt namespace before go becomes
> multi-threaded, which happens before the go main() function, so I do depend
> on reading argv in the constructor, I mean I could use a file or something
> else, but would rather not.
> 
> I guess this is just something I can get away with today in glibc that musl
> will never support.
> 
> Thanks for looking though.

If you really insist on trying to access the command line from a ctor,
you can open /proc/self/cmdline and read it in. However as noted
before there are problems with assuming the process is not yet
multithreaded just because you're in a ctor and other approaches (exec
via helper) would probably be better.

Rich


> On 15 March 2018 at 11:17, Szabolcs Nagy <nsz@...t70.net> wrote:
> 
> > * Szabolcs Nagy <nsz@...t70.net> [2018-03-15 12:01:44 +0100]:
> > > * Bracken Dawson <abdawson@...il.com> [2018-03-15 10:38:31 +0000]:
> > > > I have been having trouble getting a cgo program to run with musl, it
> > has
> > > > been segfaulting frequently and with 'No stack' when run under gdb.
> > > >
> > > > I have managed to reproduce such a failure in pure c with a very small
> > > > example:
> > > >
> > > > ```
> > > > #include <stdio.h>
> > > > #include <stdlib.h>
> > > > #include <getopt.h>
> > > >
> > > > __attribute__((constructor)) void enter_namespace(int argc, char
> > *argv[]) {
> > >
> > > the arguments passed to ctors are not part of the elf abi
> > > http://www.sco.com/developers/gabi/latest/ch5.dynamic.html#init_fini
> >
> > ah this does not explain the type signature, the right link is
> > http://www.sco.com/developers/gabi/latest/ch4.sheader.html#init_array
> >
> > > (and it cannot really work for dynamically loaded libraries anyway:
> > > the application can arbitrarily clobber argv by that time)
> > >
> > > glibc passes these arguments as an extension (the semantics
> > > for dlopened libraries is unclear), which happens to work
> > > since the calling convention of functions with no arguments
> > > allows this on all supported targets.
> > >
> > > (note that there are security hardenning solutions that check
> > > the call site function signature against the callee and abort on
> > > mismatch and such extension would not work with that)
> > >
> > > is this cgo that tries to capture argv in a ctor or some other
> > > c library? (in either case you should first try to solve it
> > > portably without depending on the glibc extension)
> >

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.