This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Avoid mapping past end of shared object (BZ #18685)

On Thu, Jul 16, 2015 at 11:59:18AM -0400, Carlos O'Donell wrote:
> This is not the right fix for this problem. The right fix has not
> been attempted because it involves someone doing some real leg work
> to gather consensus. This fix adds complex checking in for
> minimal gain, and eventually you'll get a debuginfo file that is
> different again in some odd way.

This is not specifically about being able to read debug files, nor is
it about ldd.  It just happens to be ldd ( [--verify|--list])
that crashed, but the offending code is bang in the middle of generic code that can potentially be exploited when running arbitrary
binaries.  While it is true that one should not run arbitrary code
anyway, it shouldn't be an excuse for not fixing bugs.  I don't see
the point of not adding such checks as they come up; performance is an
excuse made quite regularly, but what is the actual cost of such

To be clear, I am not against having an eu-ldd, but that shouldn't be
an excuse for not patching  Things that don't crash on eu-ldd,
should not crash on

Oh, and did I mention that eu-ldd (and most of elfutils) should
ideally be written in an interpreted language (cough*python*cough) so
that we reduce the attack surface on them?


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]