Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 23 May 2020 12:05:51 -0400
From: Rich Felker <>
To: Florian Weimer <>
Cc: Alexander Scherbatiy <>,, Markus Wichmann <>
Subject: Re: Shared library loading

On Sat, May 23, 2020 at 04:12:22PM +0200, Florian Weimer wrote:
> * Rich Felker:
> >> >|/* Add a shortname only if name arg was not an explicit pathname. */
> >> >|if (pathname != name) p->shortname = strrchr(p->name, '/')+1;
> >> 
> >>   It would be interesting to know which task this check is supposed
> >> to solve.
> >
> > The concept here is that non-pathname library names should be loaded
> > from the library path and not replaced by something (typically a
> > "module" or "plug-in") in a different, explicitly-loaded location that
> > happens to have a colliding base filename.
> >
> > For example suppose your application loads modules from $libdir/myapp/
> > and has a module named "". Unbeknownst to you, there's also a
> > "" in the system paths, and some library you potentially load
> > indirectly (maybe the GPU driver for some video hardware you've never
> > heard of) depends on "".
> >
> > If dlopen("$libdir/myapp/") had put "" in the
> > namespace such that it would satisfy future load requests for the name
> > "", the subsequent load would break due to getting the wrong
> > (unrelated) library.
> On the other hand, that breaks FFI implementatiosn which try to guess
> the library name from some substring of it, and pass the absolute path
> (as obtained from the file system) to dlopen.
> (The root of the problem is that FFI users have not been taught to
> load libraries by their soname (e.g.,, but expect to
> use strings such as "", "libsqlite3", or just "sqlite3".

I'm not sure what breakage you're thinking about. As long as the the
name resolves to the same file (dev/ino pair) as one already loaded,
the already-loaded one will be used. So it doesn't matter if you load
"" or "" as long as they're both links to the same
underlying file. The above-described distinction only happens when
there are actually different files, one in an absolute or relative
path provided by the caller (any string containing a '/'), and another
requested by dlopen or DT_NEEDED for search (no '/').

But yes Python is doing some really broken stuff in this area and
should be fixed.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.