lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-07-30 22:43:12 +03:00
Code Activity

Bug 20292 - Simplify and test _dl_addr_inside_object

Browse Source 
The function _dl_addr_inside_object is simplified by removing
the conditional 'reladdr - l->l_phdr[n].p_vaddr >= 0' which is
always true. The function is refactored into it's own object file
and a unit test added to verify the correct behaviour of the
function.
This commit is contained in:
Carlos O'Donell
2016-09-29 21:54:31 -04:00
parent 29cb929332
commit d61ef7352b
6 changed files with 325 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ChangeLog
View File

@ -1,3 +1,19 @@
2016-09-30 Carlos O'Donell <carlos@redhat.com>
[BZ #20292]
* elf/Makefile (routines): Add dl-addr-obj.
[ifeq (yesyes,$(have-fpie)$(build-shared))] (tests): Add
tst-_dl_addr_inside_object.
[ifeq (yesyes,$(have-fpie)$(build-shared))] (tests-pie): Likewise.
[ifeq (yesyes,$(have-fpie)$(build-shared))]
($(objpfx)tst-_dl_addr_inside_object): Add $(objpfx)dl-addr-obj.os.
[ifeq (yesyes,$(have-fpie)$(build-shared))]
(CFLAGS-tst-_dl_addr_inside_object.c): Add $(PIE-ccflag).
* elf/dl-addr.c: Remove _dl_addr_inside_object function.
* elf/dl-open.c: Likewise.
* elf/dl-addr-obj.c: New file.
* elf/tst-_dl_addr_inside_object.c: New file.
2016-09-30 Joseph Myers <joseph@codesourcery.com> 2016-09-30 Joseph Myers <joseph@codesourcery.com>
* math/math.h [__GLIBC_USE (IEC_60559_BFP_EXT)]: Include * math/math.h [__GLIBC_USE (IEC_60559_BFP_EXT)]: Include

12
elf/Makefile
View File

@ -23,7 +23,7 @@ include ../Makeconfig
headers = elf.h bits/elfclass.h link.h bits/link.h headers = elf.h bits/elfclass.h link.h bits/link.h
routines = $(all-dl-routines) dl-support dl-iteratephdr \ routines = $(all-dl-routines) dl-support dl-iteratephdr \
dl-addr enbl-secure dl-profstub \ dl-addr dl-addr-obj enbl-secure dl-profstub \
dl-origin dl-libc dl-sym dl-tsd dl-sysdep dl-origin dl-libc dl-sym dl-tsd dl-sysdep
# The core dynamic linking functions are in libc for the static and # The core dynamic linking functions are in libc for the static and
@ -319,6 +319,16 @@ tests-special += $(objpfx)tst-prelink-cmp.out
endif endif
endif endif
# The test requires shared _and_ PIE because the executable
# unit test driver must be able to link with the shared object
# that is going to eventually go into an installed DSO.
ifeq (yesyes,$(have-fpie)$(build-shared))
tests += tst-_dl_addr_inside_object
tests-pie += tst-_dl_addr_inside_object
$(objpfx)tst-_dl_addr_inside_object: $(objpfx)dl-addr-obj.os
CFLAGS-tst-_dl_addr_inside_object.c += $(PIE-ccflag)
endif
include ../Rules include ../Rules
ifeq (yes,$(build-shared)) ifeq (yes,$(build-shared))

75
elf/dl-addr-obj.c Normal file
View File

@ -0,0 +1,75 @@
/* Determine if address is inside object load segments.
Copyright (C) 1996-2016 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <link.h>
#include <elf.h>
/* Return non-zero if ADDR lies within one of L's loadable segments.
We have three cases we care about.
Case 1: addr is above a segment.
+==================+<- l_map_end
| |<- addr
|------------------|<- l_addr + p_vaddr + p_memsz
| |
| |
|------------------|<- l_addr + p_vaddr
|------------------|<- l_addr
| |
+==================+<- l_map_start
Case 2: addr is within a segments.
+==================+<- l_map_end
| |
|------------------|<- l_addr + p_vaddr + p_memsz
| |<- addr
| |
|------------------|<- l_addr + p_vaddr
|------------------|<- l_addr
| |
+==================+<- l_map_start
Case 3: addr is below a segments.
+==================+<- l_map_end
| |
|------------------|<- l_addr + p_vaddr + p_memsz
| |
| |
|------------------|<- l_addr + p_vaddr
|------------------|<- l_addr
| |<- addr
+==================+<- l_map_start
All the arithmetic is unsigned and we shift all the values down by
l_addr + p_vaddr and then compare the normalized addr to the range
of interest i.e. 0 <= addr < p_memsz.
*/
int
internal_function
_dl_addr_inside_object (struct link_map *l, const ElfW(Addr) addr)
{
int n = l->l_phnum;
const ElfW(Addr) reladdr = addr - l->l_addr;
while (--n >= 0)
if (l->l_phdr[n].p_type == PT_LOAD
&& reladdr - l->l_phdr[n].p_vaddr < l->l_phdr[n].p_memsz)
return 1;
return 0;
}

16
elf/dl-addr.c
View File

@ -144,19 +144,3 @@ _dl_addr (const void *address, Dl_info *info,
return result; return result;
} }
libc_hidden_def (_dl_addr) libc_hidden_def (_dl_addr)
/* Return non-zero if ADDR lies within one of L's segments. */
int
internal_function
_dl_addr_inside_object (struct link_map *l, const ElfW(Addr) addr)
{
int n = l->l_phnum;
const ElfW(Addr) reladdr = addr - l->l_addr;
while (--n >= 0)
if (l->l_phdr[n].p_type == PT_LOAD
&& reladdr - l->l_phdr[n].p_vaddr >= 0
&& reladdr - l->l_phdr[n].p_vaddr < l->l_phdr[n].p_memsz)
return 1;
return 0;
}

18
elf/dl-open.c
View File

@ -735,21 +735,3 @@ _dl_show_scope (struct link_map *l, int from)
_dl_debug_printf (" no scope\n"); _dl_debug_printf (" no scope\n");
_dl_debug_printf ("\n"); _dl_debug_printf ("\n");
} }
#if IS_IN (rtld)
/* Return non-zero if ADDR lies within one of L's segments. */
int
internal_function
_dl_addr_inside_object (struct link_map *l, const ElfW(Addr) addr)
{
int n = l->l_phnum;
const ElfW(Addr) reladdr = addr - l->l_addr;
while (--n >= 0)
if (l->l_phdr[n].p_type == PT_LOAD
&& reladdr - l->l_phdr[n].p_vaddr >= 0
&& reladdr - l->l_phdr[n].p_vaddr < l->l_phdr[n].p_memsz)
return 1;
return 0;
}
#endif

223
elf/tst-_dl_addr_inside_object.c Normal file
View File

@ -0,0 +1,223 @@
/* Unit test for _dl_addr_inside_object.
Copyright (C) 2016 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
#include <stdio.h>
#include <stdlib.h>
#include <link.h>
#include <elf.h>
#include <libc-symbols.h>
extern int internal_function _dl_addr_inside_object (struct link_map *l,
const ElfW(Addr) addr);
static int
do_test (void)
{
int ret, err = 0;
ElfW(Addr) addr;
struct link_map map;
ElfW(Phdr) header;
map.l_phdr = &header;
map.l_phnum = 1;
map.l_addr = 0x0;
/* Segment spans 0x2000 -> 0x4000. */
header.p_vaddr = 0x2000;
header.p_memsz = 0x2000;
header.p_type = PT_LOAD;
/* Address is above the segment e.g. > 0x4000. */
addr = 0x5000;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("PASS: Above: Address is detected as outside the segment.\n");
break;
case 1:
printf ("FAIL: Above: Address is detected as inside the segment.\n");
err++;
break;
default:
printf ("FAIL: Above: Invalid return value.\n");
exit (1);
}
/* Address is inside the segment e.g. 0x2000 < addr < 0x4000. */
addr = 0x3000;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("FAIL: Inside: Address is detected as outside the segment.\n");
err++;
break;
case 1:
printf ("PASS: Inside: Address is detected as inside the segment.\n");
break;
default:
printf ("FAIL: Inside: Invalid return value.\n");
exit (1);
}
/* Address is below the segment e.g. < 0x2000. */
addr = 0x1000;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("PASS: Below: Address is detected as outside the segment.\n");
break;
case 1:
printf ("FAIL: Below: Address is detected as inside the segment.\n");
err++;
break;
default:
printf ("FAIL: Below: Invalid return value.\n");
exit (1);
}
/* Address is in the segment and addr == p_vaddr. */
addr = 0x2000;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("FAIL: At p_vaddr: Address is detected as outside the segment.\n");
err++;
break;
case 1:
printf ("PASS: At p_vaddr: Address is detected as inside the segment.\n");
break;
default:
printf ("FAIL: At p_vaddr: Invalid return value.\n");
exit (1);
}
/* Address is in the segment and addr == p_vaddr + p_memsz - 1. */
addr = 0x2000 + 0x2000 - 0x1;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("FAIL: At p_memsz-1: Address is detected as outside the segment.\n");
err++;
break;
case 1:
printf ("PASS: At p_memsz-1: Address is detected as inside the segment.\n");
break;
default:
printf ("FAIL: At p_memsz-1: Invalid return value.\n");
exit (1);
}
/* Address is outside the segment and addr == p_vaddr + p_memsz. */
addr = 0x2000 + 0x2000;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("PASS: At p_memsz: Address is detected as outside the segment.\n");
break;
case 1:
printf ("FAIL: At p_memsz: Address is detected as inside the segment.\n");
err++;
break;
default:
printf ("FAIL: At p_memsz: Invalid return value.\n");
exit (1);
}
/* Address is outside the segment and p_vaddr at maximum address. */
addr = 0x0 - 0x2;
header.p_vaddr = 0x0 - 0x1;
header.p_memsz = 0x1;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("PASS: At max: Address is detected as outside the segment.\n");
break;
case 1:
printf ("FAIL: At max: Address is detected as inside the segment.\n");
err++;
break;
default:
printf ("FAIL: At max: Invalid return value.\n");
exit (1);
}
/* Address is outside the segment and p_vaddr at minimum address. */
addr = 0x1;
header.p_vaddr = 0x0;
header.p_memsz = 0x1;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("PASS: At min: Address is detected as outside the segment.\n");
break;
case 1:
printf ("FAIL: At min: Address is detected as inside the segment.\n");
err++;
break;
default:
printf ("FAIL: At min: Invalid return value.\n");
exit (1);
}
/* Address is always inside the segment with p_memsz at max. */
addr = 0x0;
header.p_vaddr = 0x0;
header.p_memsz = 0x0 - 0x1;
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("FAIL: At maxmem: Address is detected as outside the segment.\n");
err++;
break;
case 1:
printf ("PASS: At maxmem: Address is detected as inside the segment.\n");
break;
default:
printf ("FAIL: At maxmem: Invalid return value.\n");
exit (1);
}
/* Attempt to wrap addr into the segment.
Pick a load address in the middle of the address space.
Place the test address at 0x0 so it wraps to the middle again. */
map.l_addr = 0x0 - 0x1;
map.l_addr = map.l_addr / 2;
addr = 0;
/* Setup a segment covering 1/2 the address space. */
header.p_vaddr = 0x0;
header.p_memsz = 0x0 - 0x1 - map.l_addr;
/* No matter where you place addr everything is shifted modulo l_addr
and even with this underflow you're always 1 byte away from being
in the range. */
ret = _dl_addr_inside_object (&map, addr);
switch (ret)
{
case 0:
printf ("PASS: Underflow: Address is detected as outside the segment.\n");
break;
case 1:
printf ("FAIL: Underflow: Address is detected as inside the segment.\n");
err++;
break;
default:
printf ("FAIL: Underflow: Invalid return value.\n");
exit (1);
}
return err;
}
#define TEST_FUNCTION do_test ()
#include "../test-skeleton.c"