Subject: Re: [PATCH] Improve DST handling (Bug 23102, Bug 21942, Bug 18018, Bug 23259, CVE-2011-0536).
To: Carlos O'Donell, GNU C Library, Andreas Schwab, "Dmitry V. Levin"
From: Florian Weimer
Message-ID: <76fe8757-680f-c33c-fb03-32a182f651b9@redhat.com>
In-Reply-To: <9cf43cb6-511c-ec6c-9a87-e89a467238d9@redhat.com>
Date: Wed, 06 Jun 2018 14:01:00 -0000

On 06/06/2018 07:02 AM, Carlos O'Donell wrote:

> diff --git a/elf/dl-load.c b/elf/dl-load.c
> index 431236920f..13263212d5 100644
> --- a/elf/dl-load.c
> +++ b/elf/dl-load.c
> @@ -177,63 +177,89 @@ is_trusted_path_normalize (const char *path, size_t len)
>    return false;
>  }
>
> +/* Given a substring starting at NAME, just after the DST '$' start
> +   token, determine if NAME contains dynamic string token STR,
> +   following the ELF gABI rules for dynamic string tokens:
>
> +   * Longest possible sequence using the rules (greedy).
> +
> +   * Must start with a $ (enforced by caller).
> +
> +   * Must follow $ with one underscore or ASCII [A-Za-z] (enforced by
> +     caller via STR comparison) or '{' (start curly quoted name).

"enforced by caller via STR comparison": I don't see this in the remaining code. So $ORIGIN and $PRIGIN are currently treated the same?

> +   * Must follow first two characters with zero or more [A-Za-z0-9_]
> +     (enforced by caller) or '}' (end curly quoted name).
> +
> +   If the sequence is a dynamic string token matching STR then
> +   the length of the DST is returned, otherwise 0.  */
>  static size_t
> -is_dst (const char *start, const char *name, const char *str, int secure)
> +is_dst (const char *name, const char *str)

I'm not entirely happy about the choice of parameter names. name/reference or input/name would work better IMHO.

>    /* Point again at the beginning of the name.  */
>    --name;

This assignment is now dead, and the comment is wrong.

(Still need to look at the rest of the patch.)

Thanks,
Florian
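Review bot: the new signature `is_dst (const char *name, const char *str)` drops both `start` and the `secure` argument of the old `is_dst (const char *start, const char *name, const char *str, int secure)`, yet neither the new block comment nor the visible part of the hunk says what now performs the check that the old `secure` parameter guarded; the function comment (or the commit message) should state where secure-mode handling of dynamic string tokens is enforced after this change, since a reader of this function alone can no longer see it. The rule list in the same comment also marks three of its four requirements as "enforced by caller" and leaves the function's own contract to the final sentence; stating up front what `is_dst` itself validates (the token text following `$`, compared against STR) and what it returns would make the division of responsibility with the caller explicit, which is the point on which the `$ORIGIN`/`$PRIGIN` question above turns.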