Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Aug 2022 22:45:45 -0700
From: Elvis Pranskevichus <>
Subject: [PATCH] ldso/dynlink: Protect LD_ env vars from getting clobbered by apps

There is no guarantee that the environment block will remain intact.
For example, PostgreSQL clobbers argv/environ area to implement its
"setproctitle" emulation on non-BSD [1], and there is a popular Python
library inspired by it [2].  As a result, setting `LD_LIBRARY_PATH`
or `LD_PRELOAD` has no effect on Postgres subprocesses when linking
against musl.

Protect against this by making a copies instead of storing the
original pointers directly.

(please CC me, I'm not subscribed to the list)

 ldso/dynlink.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ldso/dynlink.c b/ldso/dynlink.c
index cc677952..703342b8 100644
--- a/ldso/dynlink.c
+++ b/ldso/dynlink.c
@@ -1756,8 +1756,8 @@ void __dls3(size_t *sp, size_t *auxv)

 	/* Only trust user/env if kernel says we're not suid/sgid */
 	if (! {
-		env_path = getenv("LD_LIBRARY_PATH");
-		env_preload = getenv("LD_PRELOAD");
+		env_path = strdup(getenv("LD_LIBRARY_PATH"));
+		env_preload = strdup(getenv("LD_PRELOAD"));

 	/* Activate error handler function */

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.