Re: ld.elf_so core dump: NULL ehdr in _rtld_init

To: Thomas Klausner <wiz%NetBSD.org@localhost>
Subject: Re: ld.elf_so core dump: NULL ehdr in _rtld_init
From: RVP <rvp%SDF.ORG@localhost>
Date: Sat, 27 Jul 2024 11:39:35 +0000 (UTC)

On Sat, 27 Jul 2024, Thomas Klausner wrote:

So the ehdr object passed to _rtld_init is NULL, which is probably
just wrong.


That's what the kernel passes when there's no interpreter for the ELF
object. See sys/kern/exec_elf.c:859.

However, shouldn't this be caught and not cause a core dump?


Something like this, possibly?

```
diff -urN a/src/libexec/ld.elf_so/rtld.c b/src/libexec/ld.elf_so/rtld.c
--- a/src/libexec/ld.elf_so/rtld.c	2024-01-19 19:21:34.000000000 +0000
+++ b/src/libexec/ld.elf_so/rtld.c	2024-07-27 10:52:56.950374266 +0000
@@ -569,6 +569,10 @@
 		_rtld_error("Bad pAUX_base");
 		_rtld_die();
 	}
+	if ((caddr_t)pAUX_base->a_v == (caddr_t)NULL) {
+		_rtld_error("No interpreter");
+		_rtld_die();
+	}
 	assert(pAUX_pagesz != NULL);
 	_rtld_pagesz = (int)pAUX_pagesz->a_v;
 	_rtld_init((caddr_t)pAUX_base->a_v, (caddr_t)relocbase, execname);
```

This works if you try to run /libexec/ld.elf_so on its own, but, other
shared libs. will still crash the same way if you try to run them (not
usually a problem as shared libs. are not set executable on NetBSD from
what I can see).

I think the kernel should refuse to run dynamic ELF objects w/o an
interpreter. Just my 2c worth... :)

-RVP

Follow-Ups:
- Re: ld.elf_so core dump: NULL ehdr in _rtld_init
  - From: Jörg Sonnenberger

References:
- ld.elf_so core dump: NULL ehdr in _rtld_init
  - From: Thomas Klausner

Prev by Date: Re: ld.elf_so core dump: NULL ehdr in _rtld_init
Next by Date: Re: ld.elf_so core dump: NULL ehdr in _rtld_init
Previous by Thread: Re: ld.elf_so core dump: NULL ehdr in _rtld_init
Next by Thread: Re: ld.elf_so core dump: NULL ehdr in _rtld_init
Indexes:

Home | Main Index | Thread Index | Old Index