Bug 22237

Summary: Check internal symbols of libc.so accessed via PLT or GOT
Product: glibc
Reporter: H.J. Lu <hjl.tools>
Component: libc
Assignee: Not yet assigned to anyone <unassigned>
Status: NEW
Severity: normal
CC: drepper.fsp, fweimer
Priority: P2
Flags: fweimer: security-
Version: 2.27
Target Milestone: ---
Bug Depends on: 18822

Description H.J. Lu 2017-10-02 21:36:05 UTC
If supported by the target, internal symbols of libc.so should be accessed
without PLT or GOT.  X86 PLT relocation is checked on libc_pic.a:

[hjl@gnu-efi-2 build-x86_64-linux]$ readelf -rW libc_pic.a | grep " __" | grep PLT32  | awk '{ print $5 }' | sort | uniq

It assumes that only symbols with "__" prefix are internal symbols.  A
machine-independent script should not be checking names
of relocations.  Instead it needs to look at properties of (global/weak) 
symbols in objects that go into shared libraries.  Symbols (defined or 
undefined) that are not hidden, but are not exported from those shared 
libraries, are suspect, but I'm not sure how reliably GCC will mark 
undefined symbols hidden even given appropriate declarations (and there 
may also be issues with undefined symbols properly called from .S sources 
but not marked hidden there).  So likely lists of exceptions to any such 
tests would be needed (including architecture-specific exceptions for e.g. 
libgcc symbols).
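
Added example, not part of the report and not glibc's own test code: one way to check symbol properties instead of the "__" name prefix, by comparing `readelf -sW` output for the objects against `readelf --dyn-syms -W` output for the linked library. The sample readelf text, all symbol names, the version tag `EXAMPLE_1.0` and the `exceptions` parameter are constructed for illustration.

```python
import re

# Constructed `readelf -sW` output for an object in libc_pic.a (names are made up).
OBJ_SYMS = """\
File: libc_pic.a(foo.os)
Symbol table '.symtab' contains 6 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND
     1: 0000000000000000     0 FILE    LOCAL  DEFAULT  ABS foo.c
     2: 0000000000000000    40 FUNC    GLOBAL DEFAULT    1 exported_fn
     3: 0000000000000000     0 NOTYPE  GLOBAL HIDDEN   UND __internal_hidden
     4: 0000000000000000     0 NOTYPE  GLOBAL DEFAULT  UND internal_helper
     5: 0000000000000000     0 NOTYPE  WEAK   DEFAULT  UND __gcc_helper
"""
# Constructed `readelf --dyn-syms -W` output for the linked shared library.
DYN_SYMS = """\
Symbol table '.dynsym' contains 2 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND
     1: 0000000000001130    40 FUNC    GLOBAL DEFAULT   12 exported_fn@@EXAMPLE_1.0
"""

# Columns: Num Value Size Type Bind Vis Ndx Name. Targets that print an
# st_other note between Vis and Ndx are not handled here.
ROW = re.compile(
    r"^\s*\d+:\s+[0-9a-fA-F]+\s+\S+\s+\S+\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)")

def parse_symbols(text):
    """Yield (name, bind, visibility, ndx) for every named symbol row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            bind, vis, ndx, name = m.groups()
            yield name.split("@")[0], bind, vis, ndx  # drop @VERSION suffix

def suspect_symbols(obj_text, dynsym_text, exceptions=()):
    """Global/weak symbols that are neither hidden nor exported by the library."""
    exported = {n for n, bind, _, ndx in parse_symbols(dynsym_text)
                if bind in ("GLOBAL", "WEAK") and ndx != "UND"}
    return sorted({n for n, bind, vis, _ in parse_symbols(obj_text)
                   if bind in ("GLOBAL", "WEAK")
                   and vis not in ("HIDDEN", "INTERNAL")
                   and n not in exported and n not in exceptions})

if __name__ == "__main__":
    print(suspect_symbols(OBJ_SYMS, DYN_SYMS))
    print(suspect_symbols(OBJ_SYMS, DYN_SYMS, exceptions={"__gcc_helper"}))
```

In the constructed sample, `internal_helper` is flagged even though it has no "__" prefix, so the name-based grep would not have reported it.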