From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Kzdw2-0004rw-RD for garchives@archives.gentoo.org; Mon, 10 Nov 2008 21:04:36 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CBBB2E03AA; Mon, 10 Nov 2008 21:04:35 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id A3A8EE0424 for ; Mon, 10 Nov 2008 21:04:35 +0000 (UTC) Received: from stork.gentoo.org (stork.gentoo.org [64.127.104.133]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id B0163650BD for ; Mon, 10 Nov 2008 21:04:33 +0000 (UTC) Received: from vapier by stork.gentoo.org with local (Exim 4.69) (envelope-from ) id 1Kzdw0-0000RD-U2 for gentoo-commits@lists.gentoo.org; Mon, 10 Nov 2008 21:04:32 +0000 To: gentoo-commits@lists.gentoo.org From: "Mike Frysinger (vapier)" Subject: [gentoo-commits] path-sandbox r395 - trunk/libsandbox/wrapper-funcs X-VCS-Repository: path-sandbox X-VCS-Revision: 395 X-VCS-Files: trunk/libsandbox/wrapper-funcs/execve.c X-VCS-Directories: trunk/libsandbox/wrapper-funcs X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger Content-Type: text/plain; charset=UTF-8 Message-Id: Sender: Mike Frysinger Date: Mon, 10 Nov 2008 21:04:32 +0000 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 6df626e7-a964-4ba4-a48e-d8b72eae3ca9 X-Archives-Hash: ee7b2a8d24a1c086dea1d90d962aca4a Author: vapier Date: 2008-11-10 21:04:32 +0000 (Mon, 10 Nov 2008) New Revision: 395 Modified: trunk/libsandbox/wrapper-funcs/execve.c Log: detect static ELFs and warn when we try to execute them Modified: trunk/libsandbox/wrapper-funcs/execve.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/libsandbox/wrapper-funcs/execve.c 2008-11-10 19:55:50 UTC (rev = 394) +++ trunk/libsandbox/wrapper-funcs/execve.c 2008-11-10 21:04:32 UTC (rev = 395) @@ -12,6 +12,53 @@ extern int EXTERN_NAME(WRAPPER_ARGS); static int (*WRAPPER_TRUE_NAME)(WRAPPER_ARGS) =3D NULL; =20 +/* See to see if this an ELF and if so, is it static which we can't wrap= */ +void check_exec(const char *filename) +{ + int color =3D ((is_env_on(ENV_NOCOLOR)) ? 0 : 1); + int fd; + unsigned char *elf; + struct stat st; + + fd =3D open(filename, O_RDONLY); + if (fd =3D=3D -1) + return; + if (stat(filename, &st)) + goto out_fd; + elf =3D mmap(0, st.st_size, PROT_READ, MAP_SHARED, fd, 0); + if (elf =3D=3D MAP_FAILED) + goto out_fd; + + if (elf[EI_MAG0] !=3D ELFMAG0 && + elf[EI_MAG1] !=3D ELFMAG1 && + elf[EI_MAG2] !=3D ELFMAG2 && + elf[EI_MAG3] !=3D ELFMAG3 && + !(elf[EI_CLASS] !=3D ELFCLASS32 || + elf[EI_CLASS] !=3D ELFCLASS64)) + goto out_mmap; + +#define PARSE_ELF(n) \ +({ \ + Elf##n##_Ehdr *ehdr =3D (void *)elf; \ + Elf##n##_Phdr *phdr =3D (void *)(elf + ehdr->e_phoff); \ + uint16_t p; \ + for (p =3D 0; p < ehdr->e_phnum; ++p) \ + if (phdr[p].p_type =3D=3D PT_INTERP) \ + goto done; \ +}) + if (elf[EI_CLASS] =3D=3D ELFCLASS32) + PARSE_ELF(32); + else + PARSE_ELF(64); + SB_EWARN(color, "QA: Static ELF", " %s\n", filename); + done: + + out_mmap: + munmap(elf, st.st_size); + out_fd: + close(fd); +} + int WRAPPER_NAME(WRAPPER_ARGS) { char **my_env =3D NULL; @@ -25,6 +72,8 @@ if (!FUNCTION_SANDBOX_SAFE(STRING_NAME, filename)) return result; =20 + check_exec(filename); + str_list_for_each_item(envp, entry, count) { if (strstr(entry, LD_PRELOAD_EQ) !=3D entry) continue;