On 09/12/2012 12:55 AM, Ian Lance Taylor wrote:
I have finished the initial implementation of the backtrace library I
proposed at http://gcc.gnu.org/ml/gcc/2012-08/msg00317.html .  I've
separated the work into three patches.  These patches only implement the
backtrace library itself; actual use of the library will follow in
separate patches.

I'm trying to add a few comments below. I hope Thunderbird does not garble them too much.

+backtrace_open (const char *filename, backtrace_error_callback error_callback,
+               void *data)
+{
+  int descriptor;
+
+  descriptor = open (filename, O_RDONLY | O_CLOEXEC);
+  if (descriptor < 0)
+    {
+      error_callback (data, filename, errno);
+      return -1;
+    }
+  if (O_CLOEXEC == 0)
+    {
+      /* It doesn't matter if this fails for some reason.  */
+      fcntl (descriptor, F_SETFD, FD_CLOEXEC);
+    }
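Review bot: The `fcntl (descriptor, F_SETFD, FD_CLOEXEC)` fallback sits behind `if (O_CLOEXEC == 0)`, so it runs only when the macro compiled to 0, and the comment above it does not say why that case arises or what is lost when the call fails. I would extend the comment to state that this path is not atomic with `open`, so in a multi-threaded program a concurrent fork and exec can inherit the descriptor between the two calls, and consider making the `fcntl` call unconditional so the flag is also set when a non-zero `O_CLOEXEC` is not honoured at run time.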

You should call fcntl unconditionally. O_CLOEXEC might be non-zero during build, but could still be ignored by the kernel.

+static void
+fileline_initialize (backtrace_error_callback error_callback, void *data)
+{
...
+  if (executable_name != NULL)
+    descriptor = backtrace_open (executable_name, error_callback, data);
+  else
+    descriptor = backtrace_open ("/proc/self/exe", error_callback, data);
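Review bot: The `else` branch hard-codes `"/proc/self/exe"` with no comment on which systems provide it, and when that open fails `backtrace_open` reports the error through `error_callback` with `/proc/self/exe` as the name, a path the caller never passed. A short comment on the fallback, plus documentation telling callers to supply `executable_name` where `/proc` may be unavailable, would make that failure easier to diagnose.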

You should try getauxval(AT_EXECFN) as well (needs recent glibc), so that this works with a mounted /proc.

This library should only be used when getauxval(AT_SECURE) is zero, so that the program doesn't try to read files with elevated privileges to which the original user wouldn't have access. I don't think this has to be addressed within the library itself.

Adding /usr/lib/debug support shouldn't be too hard; I will try to figure out the required path transformations (which are somewhat system-specific).

--
Florian Weimer / Red Hat Product Security Team
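
The three suggestions in this reply (set close-on-exec unconditionally, fall back to `getauxval(AT_EXECFN)`, and refuse to run when `getauxval(AT_SECURE)` is non-zero) combined in one place, as an added example that is not code from the patch or from the library. The helper names `open_cloexec` and `open_self_exe` are hypothetical, and the code assumes Linux with glibc 2.16 or later for `getauxval`.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/auxv.h>
#include <unistd.h>

#ifndef O_CLOEXEC
#define O_CLOEXEC 0   /* Old headers: the fcntl call below does the work.  */
#endif

/* Hypothetical helper: open FILENAME read-only with close-on-exec set.
   Returns the descriptor, or -1 with errno set by open.  */
int
open_cloexec (const char *filename)
{
  int fd = open (filename, O_RDONLY | O_CLOEXEC);
  if (fd < 0)
    return -1;
  /* Set the flag unconditionally: a kernel that does not know O_CLOEXEC
     can ignore it even though the macro was non-zero at build time.  */
  int flags = fcntl (fd, F_GETFD);
  if (flags >= 0)
    (void) fcntl (fd, F_SETFD, flags | FD_CLOEXEC);
  return fd;
}

/* Hypothetical helper: open the running executable for reading.
   Fails with EPERM in a privileged (AT_SECURE) process, so no file is
   read with privileges the invoking user does not have.  */
int
open_self_exe (const char *executable_name)
{
  if (getauxval (AT_SECURE) != 0)
    {
      errno = EPERM;
      return -1;
    }
  if (executable_name != NULL)
    return open_cloexec (executable_name);
  int fd = open_cloexec ("/proc/self/exe");
  if (fd < 0)
    {
      /* AT_EXECFN is the path given to execve; it may be relative.  */
      const char *execfn = (const char *) getauxval (AT_EXECFN);
      if (execfn != NULL)
        fd = open_cloexec (execfn);
    }
  return fd;
}
```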
