Florian Weimer, le sam. 01 janv. 2022 20:02:12 +0100, a ecrit: > * Samuel Thibault: > > > Florian Weimer, le sam. 01 janv. 2022 19:48:21 +0100, a ecrit: > >> * Samuel Thibault via Libc-alpha: > >> >> > + if (&__trivfs_server_name && __trivfs_server_name > >> >> > + && __trivfs_server_name[0] == 'r' > >> >> > + && __trivfs_server_name[1] == 'a' > >> >> > + && __trivfs_server_name[2] == 'n' > >> >> > + && __trivfs_server_name[3] == 'd' > >> >> > + && __trivfs_server_name[4] == 'o' > >> >> > + && __trivfs_server_name[5] == 'm' > >> >> > + && __trivfs_server_name[6] == '\0') > >> >> > /* We are random, don't try to read ourselves! */ > >> >> > return length; > >> >> > >> >> How does this work? It's a new synbol name, so there's no definition, > >> >> so the weak reference is always null. > >> > > >> > It is peeking it from the program. > >> > > >> > Basically the problem is that the random translator uses glibc, whose > >> > malloc implementation started using /dev/random in glibc 2.34, thus > >> > reading itself. > >> > >> I still don't understand. Why isn't the condition always false? > > > > The definition is in the random translator, which exports it in its > > dynamic symbol table. > > Oh, so there is a companion patch that is not reflected in the glibc > sources?
Yes, it's there: http://git.savannah.gnu.org/cgit/hurd/hurd.git/commit/?id=8c5eb657ff196a31a3230652823221f3fe805d73 Samuel
