From 2781bd5a8690b5f1553b655f947a35f1d3dd23d0 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Tue, 26 Jun 2018 10:24:52 +0200 Subject: [PATCH] libio: Disable vtable validation in case of interposition [BZ #23313] (cherry picked from commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0) --- ChangeLog | 5 +++++ NEWS | 1 + libio/vtables.c | 16 ++++++++++++++++ 3 files changed, 22 insertions(+) diff --git a/ChangeLog b/ChangeLog index 7ecc33e61d9..f1880ebc375 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2018-06-26 Florian Weimer + + [BZ #23313] + * libio/vtables.c (check_stdfiles_vtables): New ELF constructor. + 2017-11-15 Steve Ellcey [BZ #22442] diff --git a/NEWS b/NEWS index 48d28e166af..5bcca538c60 100644 --- a/NEWS +++ b/NEWS @@ -144,6 +144,7 @@ The following bugs are resolved with this release: [23171] Fix parameter type in C++ version of iseqsig [23196] __mempcpy_avx512_no_vzeroupper mishandles large copies [23236] Harden function pointers in _IO_str_fields + [23313] libio: Disable vtable validation in case of interposition [23349] Various glibc headers no longer compatible with Version 2.26 diff --git a/libio/vtables.c b/libio/vtables.c index 41b48db98c7..a11226ab17c 100644 --- a/libio/vtables.c +++ b/libio/vtables.c @@ -70,3 +70,19 @@ _IO_vtable_check (void) __libc_fatal ("Fatal error: glibc detected an invalid stdio handle\n"); } + +/* Some variants of libstdc++ interpose _IO_2_1_stdin_ etc. and + install their own vtables directly, without calling _IO_init or + other functions. Detect this by looking at the vtables values + during startup, and disable vtable validation in this case. */ +#ifdef SHARED +__attribute__ ((constructor)) +static void +check_stdfiles_vtables (void) +{ + if (_IO_2_1_stdin_.vtable != &_IO_file_jumps + || _IO_2_1_stdout_.vtable != &_IO_file_jumps + || _IO_2_1_stderr_.vtable != &_IO_file_jumps) + IO_set_accept_foreign_vtables (&_IO_vtable_check); +} +#endif -- 2.47.2