This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] elf: Add elf/tst-dlopenfail-2 [BZ #25396]
- From: Siddhesh Poyarekar <siddhesh at gotplt dot org>
- To: Florian Weimer <fweimer at redhat dot com>, libc-alpha at sourceware dot org
- Date: Thu, 16 Jan 2020 21:03:59 +0530
- References: <87y2u7x0jv.fsf@oldenburg2.str.redhat.com>
On 16/01/20 2:03 pm, Florian Weimer wrote:
> This is my non-CET test case for bug 25396. H.J.'s patch on the bug
> report is the correct fix, I think.
>
> Most of elf/tst-dlopenfail-2.c is copied from elf/tst-dlopenfail.c,
> so I'm including year 2019, too.
>
> Thanks,
> Florian
>
> 8<------------------------------------------------------------------8<
> Without CET, a jump into a newly loaded object through an overwritten
> link map often does not crash, it just executes some random code.
> CET detects this in some cases because the function pointer does not
> point to the start of a function in the replacement shared object,
> so there is no ENDBR instruction.
>
> The new test uses a small shared object and the existing dangling
> link map to trigger the bug.
>
> -----
> elf/Makefile | 9 ++++++--
> elf/tst-dlopenfail-2.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++
> elf/tst-dlopenfailmod3.c | 17 ++++++++++++++
> 3 files changed, 83 insertions(+), 2 deletions(-)
>
Looks good to me.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>