]> git.ipfire.org Git - thirdparty/glibc.git/commit
debug: Improve '%n' fortify detection (BZ 30932)
authorAdhemerval Zanella <adhemerval.zanella@linaro.org>
Fri, 14 Mar 2025 19:09:57 +0000 (16:09 -0300)
committerAdhemerval Zanella <adhemerval.zanella@linaro.org>
Fri, 21 Mar 2025 18:46:48 +0000 (15:46 -0300)
commited6a68bac7cd056abda9008019c71b167f0362dc
tree7ceb7f6403f423e4773724c518e537e13f140a3d
parent1894e219dc530d7074085e95ffe3c1e66cebc072
debug: Improve '%n' fortify detection (BZ 30932)

The 7bb8045ec0 path made the '%n' fortify check ignore EMFILE errors
while trying to open /proc/self/maps, and this added a security
issue where EMFILE can be attacker-controlled thus making it
ineffective for some cases.

The EMFILE failure is reinstated but with a different error
message.  Also, to improve the false positive of the hardening for
the cases where no new files can be opened, the
_dl_readonly_area now uses  _dl_find_object to check if the
memory area is within a writable ELF segment.  The procfs method is
still used as fallback.

Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Arjun Shankar <arjun@redhat.com>
15 files changed:
Makeconfig
debug/Makefile
debug/readonly-area.c
debug/tst-sprintf-fortify-rdonly-dlopen.c [new file with mode: 0644]
debug/tst-sprintf-fortify-rdonly-mod.c [new file with mode: 0644]
debug/tst-sprintf-fortify-rdonly.c
elf/Makefile
elf/dl-readonly-area.c [new file with mode: 0644]
elf/rtld.c
include/stdlib.h
stdio-common/vfprintf-internal.c
stdio-common/vfprintf-process-arg.c
sysdeps/generic/ldsodefs.h
sysdeps/mach/readonly-area-fallback.c [moved from sysdeps/mach/readonly-area.c with 90% similarity]
sysdeps/unix/sysv/linux/readonly-area-fallback.c [moved from sysdeps/unix/sysv/linux/readonly-area.c with 84% similarity]