From 3bb748257405e94e13de76573a4e9da1cfd961d0 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Tue, 3 Jul 2018 15:54:49 +0200 Subject: [PATCH] libio: Disable vtable validation in case of interposition [BZ #23313] (cherry picked from commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0) --- ChangeLog | 5 +++++ NEWS | 1 + libio/vtables.c | 16 ++++++++++++++++ 3 files changed, 22 insertions(+) diff --git a/ChangeLog b/ChangeLog index 40383d9ee3a..c096ba3f259 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2018-06-26 Florian Weimer + + [BZ #23313] + * libio/vtables.c (check_stdfiles_vtables): New ELF constructor. + 2018-06-29 Daniel Alvarez Jakub Sitnicki diff --git a/NEWS b/NEWS index 501d97bc7af..7b38967e86a 100644 --- a/NEWS +++ b/NEWS @@ -81,6 +81,7 @@ The following bugs are resolved with this release: [23236] Harden function pointers in _IO_str_fields [23259] Unsubstituted ${ORIGIN} remains in DT_NEEDED for AT_SECURE [23264] libc: posix_spawnp wrongly executes ENOEXEC in non compat mode + [23313] libio: Disable vtable validation in case of interposition [23349] Various glibc headers no longer compatible with diff --git a/libio/vtables.c b/libio/vtables.c index 9fd4ccf642a..9df75668c8a 100644 --- a/libio/vtables.c +++ b/libio/vtables.c @@ -71,3 +71,19 @@ _IO_vtable_check (void) __libc_fatal ("Fatal error: glibc detected an invalid stdio handle\n"); } + +/* Some variants of libstdc++ interpose _IO_2_1_stdin_ etc. and + install their own vtables directly, without calling _IO_init or + other functions. Detect this by looking at the vtables values + during startup, and disable vtable validation in this case. */ +#ifdef SHARED +__attribute__ ((constructor)) +static void +check_stdfiles_vtables (void) +{ + if (_IO_2_1_stdin_.vtable != &_IO_file_jumps + || _IO_2_1_stdout_.vtable != &_IO_file_jumps + || _IO_2_1_stderr_.vtable != &_IO_file_jumps) + IO_set_accept_foreign_vtables (&_IO_vtable_check); +} +#endif -- 2.47.2