From 7bece9c2095ee81f14b1088f6b0ba2f37fecb283 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Thu, 17 Jul 2014 22:01:52 -0400 Subject: provide getauxval(AT_SECURE) even if it is missing from the aux vector this could happen on 2.4-series linux kernels that predate AT_SECURE and possibly on other kernels that are emulating the linux syscall API but not providing AT_SECURE in the aux vector at startup. in principle applications should be checking errno anyway, but this does not really work. to be secure, the caller would have to treat ENOENT (indeterminate result) as possibly-suid and thereby disable functionality in the typical non-suid usage case. and since glibc only runs on kernels that provide AT_SECURE, applications written to the glibc getauxval API might simply assume it succeeds. --- src/misc/getauxval.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/misc/getauxval.c') diff --git a/src/misc/getauxval.c b/src/misc/getauxval.c index 5ac8b3d2..b846c80f 100644 --- a/src/misc/getauxval.c +++ b/src/misc/getauxval.c @@ -5,6 +5,7 @@ unsigned long getauxval(unsigned long item) { size_t *auxv = libc.auxv; + if (item == AT_SECURE) return libc.secure; for (; *auxv; auxv+=2) if (*auxv==item) return auxv[1]; errno = ENOENT; -- cgit v1.2.1