This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug dynamic-link/22851] ld library ELF load error
- From: "blackzert at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Sun, 02 Sep 2018 09:50:47 +0000
- Subject: [Bug dynamic-link/22851] ld library ELF load error
- Auto-submitted: auto-generated
- References: <bug-22851-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=22851
--- Comment #5 from Ilya Smith <blackzert at gmail dot com> ---
(In reply to Paul Pluzhnikov from comment #4)
> > If attacker can ask ld library to load special crafted ELF file it can get code execution
>
> It seems to me that creating a specially crafted ELF is a complicated way to
> achieve what can be *trivially* achieved by creating a DSO with an
> initializer (DT_INIT).
>
> If you can ask for "random" DSO to be loaded, then that DSO's initializer
> can do *anything*, and you've already lost.
>
> I think this bug should be closed as invalid.
This case is just an example, you never know how exactly it will be used. DSO's
initialisers could be checked since everyone knows about it.
This bug is not invalid, since it exists in the code and works as described.
You cannot reject reality.
You may say "Risks of the bug exploitation are very low" and I agree. But you
can't say "there is no bug".