public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "stsp at users dot sourceforge.net" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug dynamic-link/30007] rfe: dlopen to specified address
Date: Mon, 03 Apr 2023 09:28:16 +0000 [thread overview]
Message-ID: <bug-30007-131-QhcdgIwZ6v@http.sourceware.org/bugzilla/> (raw)
In-Reply-To: <bug-30007-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=30007
--- Comment #33 from Stas Sergeev <stsp at users dot sourceforge.net> ---
Created attachment 14799
--> https://sourceware.org/bugzilla/attachment.cgi?id=14799&action=edit
API description
I am glad to finally present v10
which incorporated work on all the
comments I got to v9, and that was
a bit number. Thanks to all who
contributed!
I received a few mails that I ignore
the comments and therefore my patches
should not be looked into. I think this
is a contradiction, because the only
way to find out if I ignore any comments
or not, is to look into the patches.
But, to make that task easier, here's
the changelog:
Changes in v10:
- addressed review comments of Adhemerval Zanella
- moved refactor patches to the beginning of the serie to simplify review
- fixed a few bugs in an elf relocation machinery after various hot discussions
- added a new test tst-dlmem-extfns that demo-implements dlopen_with_offset4()
and fdlopen()
- studied and documented all limitations, most importantly those leading to UB
- better documented premap callback as suggested by Szabolcs Nagy
- added DLMEM_GENBUF_SRC flag for unaligned generic memory buffers
As can be seen, ALL comments were addressed.
And at the end of the day it doesn't even
matter if that "elf parsing attack" was
malicious or not. The main thing is that
the problem is not there in v10, so who cares
it is existed ever before. :) It motivated
me to study every corner case when my loader
actually failed to lay out elf segments properly.
and as the result, there is a much better
API description (attached here), "Limitations"
section and a new flag DLMEM_GENBUF_SRC. These
all are the measures against any possible failure
to lay out an elf segments. So it can be firmly
said that v10 have no such problem, and so,
the comment was properly addressed and resolved.
Thanks!
--
You are receiving this mail because:
You are on the CC list for the bug.
next prev parent reply other threads:[~2023-04-03 9:28 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-16 14:13 [Bug dynamic-link/30007] New: rfe: dlopen to user buffer or " stsp at users dot sourceforge.net
2023-01-17 14:17 ` [Bug dynamic-link/30007] " adhemerval.zanella at linaro dot org
2023-01-17 14:35 ` stsp at users dot sourceforge.net
2023-01-19 13:23 ` adhemerval.zanella at linaro dot org
2023-01-19 13:46 ` stsp at users dot sourceforge.net
2023-01-20 6:55 ` [Bug dynamic-link/30007] rfe: dlopen " stsp at users dot sourceforge.net
2023-02-15 16:58 ` stsp at users dot sourceforge.net
2023-03-14 3:20 ` stsp at users dot sourceforge.net
2023-03-14 13:21 ` adhemerval.zanella at linaro dot org
2023-03-15 5:34 ` janderson at rice dot edu
2023-03-15 6:33 ` stsp at users dot sourceforge.net
2023-03-15 10:03 ` stsp at users dot sourceforge.net
2023-03-15 11:05 ` stsp at users dot sourceforge.net
2023-03-15 11:41 ` stsp at users dot sourceforge.net
2023-03-15 12:07 ` stsp at users dot sourceforge.net
2023-03-17 6:44 ` stsp at users dot sourceforge.net
2023-03-18 23:28 ` janderson at rice dot edu
2023-03-19 2:12 ` stsp at users dot sourceforge.net
2023-03-19 2:37 ` stsp at users dot sourceforge.net
2023-03-19 9:47 ` stsp at users dot sourceforge.net
2023-03-19 10:14 ` stsp at users dot sourceforge.net
2023-03-19 13:56 ` stsp at users dot sourceforge.net
2023-03-23 10:34 ` stsp at users dot sourceforge.net
2023-03-27 7:12 ` stsp at users dot sourceforge.net
2023-03-27 17:16 ` janderson at rice dot edu
2023-03-28 1:29 ` stsp at users dot sourceforge.net
2023-03-28 5:02 ` stsp at users dot sourceforge.net
2023-03-28 5:37 ` stsp at users dot sourceforge.net
2023-03-28 6:17 ` janderson at rice dot edu
2023-03-28 9:14 ` stsp at users dot sourceforge.net
2023-03-29 15:26 ` stsp at users dot sourceforge.net
2023-03-31 15:43 ` stsp at users dot sourceforge.net
2023-03-31 15:53 ` stsp at users dot sourceforge.net
2023-03-31 16:08 ` stsp at users dot sourceforge.net
2023-04-03 9:28 ` stsp at users dot sourceforge.net [this message]
2023-04-03 9:28 ` stsp at users dot sourceforge.net
2023-04-14 19:09 ` stsp at users dot sourceforge.net
2023-04-14 19:11 ` adhemerval.zanella at linaro dot org
2023-04-14 19:12 ` stsp at users dot sourceforge.net
2023-05-08 14:51 ` stsp at users dot sourceforge.net
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-30007-131-QhcdgIwZ6v@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=glibc-bugs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).