Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 17 Nov 2021 15:04:15 +0100
From: Alexander Sosedkin <>
Subject: $ORIGIN rpath expansion without /proc: code looks wrong

Hello, I've encountered a case of a binary with an rpath of
not starting up due to not finding /some/meaningful/lib/
ldd'ing said it's there though.
And the library was found alright when I patchelf'd rpath to just

I dug into musl code and came across that bit that checks /proc.
Sure enough, when I tried mounting /proc, it started working fine.
Yet the error handling from accessing /proc puzzles me:

ldso/dynlink.c, fixup_rpath():
                 l = readlink("/proc/self/exe", buf, buf_size);
                 if (l == -1) switch (errno) {
                 case ENOENT:
                 case ENOTDIR:
                 case EACCES:
                         return -1;
                 if (l >= buf_size)
                         return 0;
                 buf[l] = 0;
                 origin = buf;

hitting that break like I had means zeroing buf[-1], right?
Could somebody take a look at this and double-check that
this codepath makes sense?
My attempts at comprehending it fail irrecoverably at this line.

(CC me on replies, please.
  No nice context to provide, building my own toolchain at

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.