From nobody Mon Dec 06 18:48:21 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 589C718B56D6; Mon, 6 Dec 2021 18:48:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4J7C9x3rTHz4SGt; Mon, 6 Dec 2021 18:48:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 196511133E; Mon, 6 Dec 2021 18:48:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1B6ImLwk065136; Mon, 6 Dec 2021 18:48:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1B6ImLCw065135; Mon, 6 Dec 2021 18:48:21 GMT (envelope-from git) Date: Mon, 6 Dec 2021 18:48:21 GMT Message-Id: <202112061848.1B6ImLCw065135@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 63fc4e820c86 - main - rtld: extract header validation into new helper check_elf_headers() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 63fc4e820c86f5dedb80cc31b7918deb284b455e Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1638816501; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6h2tUq6dMoRse0V/He3IcUEbGE4ouO8YOS/m1cc1PXM=; b=LPHCiu0ohga055pvqYTzhtm/6tKvRekv7n+jys2wvab3FaEsaWLt+LVmbDI/o/YStB0jYv g/26EDWGPAUVF7bUFuOnpLfZfLjpgrsz6QQLe8rVCLaNjxnoUuAcmgVt3C64+e1+hT/YTq 5YXpm/+D0zKDTc+4iXhBKSnW3LijjZ5MUZasZ4NQmd4aGeb/xY4ty216mqDSAat071M5ra jXaZ3mXUUFefQUMKW9RPFVPE18zsosqipq8OpJVjuMLpbuel5ywHpKxX8Vyc6hMMr6KMA2 ixcAiLqptIQt3qMDtiJ4+xIxdPWeqC/T2eVtcauhoq7jCsKOasqZ4dh2k9bE8w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1638816501; a=rsa-sha256; cv=none; b=WMvtgc4xLV/h6FPIzNPrHsxCJDQary80WCqMHCvFa3LNQRvSdBWknNx1h/fKYsiL/nOHNJ lxscFWqPqayQ9p2FOheJqVKt6HalhkcU74lMdSt4jUTAwRRpeJ272whsrzolHy5KhBjLGP ivDTFKcLSEeW2APGOi7NWOQMEiORnGYIJ8tqOlxWiS0AiK0xmdYnPwIQ2ywDOEaNjUeMQt +AXRqK2IU1NzrQ0dN0t+Apm04qTQeproQpUxPpluWEVBJzH3x5A6yh58xGFApUHj36g+52 g6zi63fJKwy5PnVYtiAr6Yra0AeiezHl6viJ18vtIwLMQqjFjH6Zyo+Jyh7Emg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=63fc4e820c86f5dedb80cc31b7918deb284b455e commit 63fc4e820c86f5dedb80cc31b7918deb284b455e Author: Konstantin Belousov AuthorDate: 2021-11-11 17:51:26 +0000 Commit: Konstantin Belousov CommitDate: 2021-12-06 18:46:49 +0000 rtld: extract header validation into new helper check_elf_headers() Reviewed by: emaste Discussed with: jrtc27 Tested by: pho Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D32960 --- libexec/rtld-elf/map_object.c | 60 ++++++++++++++++++++++++------------------- libexec/rtld-elf/rtld.h | 1 + 2 files changed, 35 insertions(+), 26 deletions(-) diff --git a/libexec/rtld-elf/map_object.c b/libexec/rtld-elf/map_object.c index b725fe93b8f6..2da323c115cc 100644 --- a/libexec/rtld-elf/map_object.c +++ b/libexec/rtld-elf/map_object.c @@ -345,6 +345,39 @@ error: return (NULL); } +bool +check_elf_headers(const Elf_Ehdr *hdr, const char *path) +{ + if (!IS_ELF(*hdr)) { + _rtld_error("%s: invalid file format", path); + return (false); + } + if (hdr->e_ident[EI_CLASS] != ELF_TARG_CLASS || + hdr->e_ident[EI_DATA] != ELF_TARG_DATA) { + _rtld_error("%s: unsupported file layout", path); + return (false); + } + if (hdr->e_ident[EI_VERSION] != EV_CURRENT || + hdr->e_version != EV_CURRENT) { + _rtld_error("%s: unsupported file version", path); + return (false); + } + if (hdr->e_type != ET_EXEC && hdr->e_type != ET_DYN) { + _rtld_error("%s: unsupported file type", path); + return (false); + } + if (hdr->e_machine != ELF_TARG_MACH) { + _rtld_error("%s: unsupported machine", path); + return (false); + } + if (hdr->e_phentsize != sizeof(Elf_Phdr)) { + _rtld_error( + "%s: invalid shared object: e_phentsize != sizeof(Elf_Phdr)", path); + return (false); + } + return (true); +} + static Elf_Ehdr * get_elf_header(int fd, const char *path, const struct stat *sbp, Elf_Phdr **phdr_p) @@ -366,39 +399,14 @@ get_elf_header(int fd, const char *path, const struct stat *sbp, } /* Make sure the file is valid */ - if (!IS_ELF(*hdr)) { - _rtld_error("%s: invalid file format", path); + if (!check_elf_headers(hdr, path)) goto error; - } - if (hdr->e_ident[EI_CLASS] != ELF_TARG_CLASS || - hdr->e_ident[EI_DATA] != ELF_TARG_DATA) { - _rtld_error("%s: unsupported file layout", path); - goto error; - } - if (hdr->e_ident[EI_VERSION] != EV_CURRENT || - hdr->e_version != EV_CURRENT) { - _rtld_error("%s: unsupported file version", path); - goto error; - } - if (hdr->e_type != ET_EXEC && hdr->e_type != ET_DYN) { - _rtld_error("%s: unsupported file type", path); - goto error; - } - if (hdr->e_machine != ELF_TARG_MACH) { - _rtld_error("%s: unsupported machine", path); - goto error; - } /* * We rely on the program header being in the first page. This is * not strictly required by the ABI specification, but it seems to * always true in practice. And, it simplifies things considerably. */ - if (hdr->e_phentsize != sizeof(Elf_Phdr)) { - _rtld_error( - "%s: invalid shared object: e_phentsize != sizeof(Elf_Phdr)", path); - goto error; - } if (phdr_in_zero_page(hdr)) { phdr = (Elf_Phdr *)((char *)hdr + hdr->e_phoff); } else { diff --git a/libexec/rtld-elf/rtld.h b/libexec/rtld-elf/rtld.h index b216e80115bc..48b3ad526828 100644 --- a/libexec/rtld-elf/rtld.h +++ b/libexec/rtld-elf/rtld.h @@ -405,6 +405,7 @@ void free_tls_offset(Obj_Entry *obj); const Ver_Entry *fetch_ventry(const Obj_Entry *obj, unsigned long); int convert_prot(int elfflags); void *_get_tp(void); /* libc implementation */ +bool check_elf_headers(const Elf_Ehdr *hdr, const char *path); /* * MD function declarations.