>From e823910d69ff56ffccecaa9b29fd4b67b901798a Mon Sep 17 00:00:00 2001
From: Markus Wichmann
Date: Wed, 6 Feb 2019 16:51:53 +0100
Subject: [PATCH 6/6] Make libc and vdso explicitly have no deps.
Alexey Izbyshev reported that without this, dlopen("libc.so") returns a handle that is capable of finding every symbol in libraries loaded as dependencies, since dso->deps == 0 usually means dependencies haven't been loaded.
---
 ldso/dynlink.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/ldso/dynlink.c b/ldso/dynlink.c
index ec921dfd..6ffeca85 100644
--- a/ldso/dynlink.c
+++ b/ldso/dynlink.c
@@ -1244,6 +1244,7 @@ static void reloc_all(struct dso *p)
 static void kernel_mapped_dso(struct dso *p)
 {
 size_t min_addr = -1, max_addr = 0, cnt;
+ static const struct dso *sentinel = 0;
 Phdr *ph = p->phdr;
 for (cnt = p->phnum; cnt--; ph = (void *)((char *)ph + p->phentsize)) {
 if (ph->p_type == PT_DYNAMIC) {
@@ -1428,6 +1429,7 @@ hidden void __dls2(unsigned char *base, size_t *sp)
 ldso.phdr = laddr(&ldso, ehdr->e_phoff);
 ldso.phentsize = ehdr->e_phentsize;
 kernel_mapped_dso(&ldso);
+ ldso.deps = (struct dso**)&nodeps_dummy;
 decode_dyn(&ldso);
 if (DL_FDPIC) makefuncdescs(&ldso);
@@ -1675,6 +1677,7 @@ _Noreturn void __dls3(size_t *sp)
 vdso.prev = tail;
 tail->next = &vdso;
 tail = &vdso;
+ vdso.deps = (struct dso**)&nodeps_dummy;
 }
 for (i=0; app.dynv[i]; i+=2) {
-- 
2.20.1
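Review bot: The added `static const struct dso *sentinel = 0;` in kernel_mapped_dso is not referenced by any of the three lines this patch inserts; the other two hunks use `nodeps_dummy` instead, so it looks like a leftover from an earlier draft. Unless code further down in kernel_mapped_dso (the body continues outside this hunk) uses it, the line should be dropped, since it adds an unused variable and implies a second sentinel that nothing checks. `nodeps_dummy` itself is not declared anywhere in this patch, so it presumably comes from the existing file or an earlier patch in the series; worth confirming that 6/6 builds on its intended base.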
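Review bot: The `ldso.deps = (struct dso**)&nodeps_dummy;` assignment in __dls2, and the matching `vdso.deps` assignment in the __dls3 hunk, have no comment saying why a non-null empty list is required; the reason exists only in the commit message. A comment such as `/* empty but non-null: deps == 0 is read as "dependencies not loaded yet", which lets a dlopen() handle for this object find symbols in other libraries */` would keep a later cleanup from resetting the field to 0 and reopening the lookup-scope problem. The cast also hides the declared type of `nodeps_dummy`, which is not visible here, so any path that frees or writes through `deps` presumably has to compare against the sentinel first; worth confirming for these two objects. Both enclosing functions start and end outside the hunks.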