[PATCH] elf: Assert that objects are relocated before their constructors run

[PATCH] elf: Assert that objects are relocated before their constructors run

[Florian Weimer]

If we try to run constructors before relocation, this is always
a dynamic linker bug.  An assert is easier to notice than a call
via an invalid function pointer (which may not even produce a valid
call stack).

2019-09-11  Florian Weimer  <fweimer@redhat.com>

	* elf/dl-init.c (call_init): Assert that the object has been
	relocated.

diff --git a/elf/dl-init.c b/elf/dl-init.c
index 3721bca81e..a998992544 100644
--- a/elf/dl-init.c
+++ b/elf/dl-init.c
@@ -16,6 +16,7 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
+#include <assert.h>
 #include <stddef.h>
 #include <ldsodefs.h>
 
@@ -27,6 +28,11 @@ typedef void (*init_t) (int, char **, char **);
 static void
 call_init (struct link_map *l, int argc, char **argv, char **env)
 {
+  /* If the object has not been relocated, this is a bug.  The
+     function pointers are invalid in this case.  (Executables do not
+     need relocation, and neither do proxy objects.)  */
+  assert (l->l_real->l_relocated || l->l_real->l_type == lt_executable);
+
   if (l->l_init_called)
     /* This object is all done.  */
     return;

Re: [PATCH] elf: Assert that objects are relocated before their constructors run

[Carlos O'Donell]

On 9/11/19 5:57 AM, Florian Weimer wrote:
> If we try to run constructors before relocation, this is always
> a dynamic linker bug.  An assert is easier to notice than a call
> via an invalid function pointer (which may not even produce a valid
> call stack).
> 
> 2019-09-11  Florian Weimer  <fweimer@redhat.com>
> 
> 	* elf/dl-init.c (call_init): Assert that the object has been
> 	relocated.

OK for master.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

> diff --git a/elf/dl-init.c b/elf/dl-init.c
> index 3721bca81e..a998992544 100644
> --- a/elf/dl-init.c
> +++ b/elf/dl-init.c
> @@ -16,6 +16,7 @@
>     License along with the GNU C Library; if not, see
>     <https://www.gnu.org/licenses/>.  */
>  
> +#include <assert.h>
>  #include <stddef.h>
>  #include <ldsodefs.h>
>  
> @@ -27,6 +28,11 @@ typedef void (*init_t) (int, char **, char **);
>  static void
>  call_init (struct link_map *l, int argc, char **argv, char **env)
>  {
> +  /* If the object has not been relocated, this is a bug.  The
> +     function pointers are invalid in this case.  (Executables do not
> +     need relocation, and neither do proxy objects.)  */
> +  assert (l->l_real->l_relocated || l->l_real->l_type == lt_executable);

OK. Use l_real for namespace support to work.

> +
>    if (l->l_init_called)
>      /* This object is all done.  */
>      return;
> 


-- 
Cheers,
Carlos.

Re: [PATCH] elf: Assert that objects are relocated before their constructors run

[Florian Weimer via Libc-alpha]

* Carlos O'Donell:

> On 9/11/19 5:57 AM, Florian Weimer wrote:
>> If we try to run constructors before relocation, this is always
>> a dynamic linker bug.  An assert is easier to notice than a call
>> via an invalid function pointer (which may not even produce a valid
>> call stack).
>> 
>> 2019-09-11  Florian Weimer  <fweimer@redhat.com>
>> 
>> 	* elf/dl-init.c (call_init): Assert that the object has been
>> 	relocated.
>
> OK for master.
>
> Reviewed-by: Carlos O'Donell <carlos@redhat.com>

Thanks.  I've finally pushed this.

Thanks,
Florian