system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-07-23 03:06:48 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

compiler-rt: avoid segfaults when re-exec'ing with ASLR

Browse source 
After 930a7c2ac6 ("compiler-rt: re-exec with ASLR disabled when
necessary") and 96fe7c8ab0 ("compiler-rt: support ReExec() on
FreeBSD"), binaries linked against the sanitizer libraries may segfault
due to procctl(2) being intercepted. Instead, the non-intercepted
internal_procctl() should be called.

Similarly, the ReExec() function that re-executes the binary after
turning off ASLR should not call elf_aux_info(3) and realpath(3), since
these will also be intercepted. Instead, loop directly over the elf aux
info vector to find the executable path, and avoid calling realpath(3)
since it is actually unwanted for this use case.

Fixes:		930a7c2ac6, 96fe7c8ab0
MFC after:	3 days
This commit is contained in:
Dimitry Andric 2023-11-22 19:23:06 +01:00
parent ecf2106c07
commit 4c9a0adad1
2 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp
View file

@ -2323,7 +2323,7 @@ void CheckASLR() {
"and binaries compiled with PIE\n"
"ASLR will be disabled and the program re-executed.\n");
int aslr_ctl = PROC_ASLR_FORCE_DISABLE;
CHECK_NE(procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1);
CHECK_NE(internal_procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1);
ReExec();
}
# elif SANITIZER_PPC64V2

11
contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_linux_libcdep.cpp
View file

@ -56,6 +56,7 @@
// that, it was never implemented. So just define it to zero.
#undef MAP_NORESERVE
#define MAP_NORESERVE 0
extern const Elf_Auxinfo *__elf_aux_vector;
#endif
#if SANITIZER_NETBSD
@ -947,11 +948,11 @@ void ReExec() {
const char *pathname = "/proc/self/exe";
#if SANITIZER_FREEBSD
char exe_path[PATH_MAX];
if (elf_aux_info(AT_EXECPATH, exe_path, sizeof(exe_path)) == 0) {
char link_path[PATH_MAX];
if (realpath(exe_path, link_path))
pathname = link_path;
for (const auto *aux = __elf_aux_vector; aux->a_type != AT_NULL; aux++) {
if (aux->a_type == AT_EXECPATH) {
pathname = static_cast<const char *>(aux->a_un.a_ptr);
break;
}
}
#elif SANITIZER_NETBSD
static const int name[] = {