From 5a2f83cd86ce824167fa7ea8e5357c014034ed46 Mon Sep 17 00:00:00 2001 From: Jakub Filak Date: Mon, 9 Jun 2014 17:13:09 +0200 Subject: [ABRT PATCH 45/66] gdb: disable loading of auto-loaded files https://sourceware.org/gdb/onlinedocs/gdb/Auto_002dloading.html There are two main reasons for doing so: 1. we cannot trust anybody - the auto-loaded file may change the output format - security? 2. bugs in such a files (#817) Resolves: #1128637 Signed-off-by: Jakub Filak --- src/lib/hooklib.c | 40 +++++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/src/lib/hooklib.c b/src/lib/hooklib.c index 4a50727..21ad9e0 100644 --- a/src/lib/hooklib.c +++ b/src/lib/hooklib.c @@ -252,10 +252,12 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char /* Let user know what's going on */ log(_("Generating backtrace")); - char *args[21]; + char *args[23]; args[0] = (char*)"gdb"; args[1] = (char*)"-batch"; args[2] = (char*)"-ex"; + args[3] = (char*)"set auto-load off"; + args[4] = (char*)"-ex"; struct strbuf *set_debug_file_directory = strbuf_new(); if(debuginfo_dirs == NULL) { @@ -278,7 +280,7 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char p = colon_or_nul; } } - args[3] = strbuf_free_nobuf(set_debug_file_directory); + args[5] = strbuf_free_nobuf(set_debug_file_directory); /* "file BINARY_FILE" is needed, without it gdb cannot properly * unwind the stack. Currently the unwind information is located @@ -300,27 +302,27 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char * TODO: check mtimes on COREFILE and BINARY_FILE and not supply * BINARY_FILE if it is newer (to at least avoid gdb complaining). */ - args[4] = (char*)"-ex"; - args[5] = xasprintf("file %s", executable); - free(executable); - args[6] = (char*)"-ex"; - args[7] = xasprintf("core-file %s/"FILENAME_COREDUMP, dump_dir_name); + args[7] = xasprintf("file %s", executable); + free(executable); args[8] = (char*)"-ex"; - /*args[9] = ... see below */ + args[9] = xasprintf("core-file %s/"FILENAME_COREDUMP, dump_dir_name); + args[10] = (char*)"-ex"; - args[11] = (char*)"info sharedlib"; - /* glibc's abort() stores its message in __abort_msg variable */ + /*args[11] = ... see below */ args[12] = (char*)"-ex"; - args[13] = (char*)"print (char*)__abort_msg"; + args[13] = (char*)"info sharedlib"; + /* glibc's abort() stores its message in __abort_msg variable */ args[14] = (char*)"-ex"; - args[15] = (char*)"print (char*)__glib_assert_msg"; + args[15] = (char*)"print (char*)__abort_msg"; args[16] = (char*)"-ex"; - args[17] = (char*)"info all-registers"; + args[17] = (char*)"print (char*)__glib_assert_msg"; args[18] = (char*)"-ex"; - args[19] = (char*)"disassemble"; - args[20] = NULL; + args[19] = (char*)"info all-registers"; + args[20] = (char*)"-ex"; + args[21] = (char*)"disassemble"; + args[22] = NULL; /* Get the backtrace, but try to cap its size */ /* Limit bt depth. With no limit, gdb sometimes OOMs the machine */ @@ -330,9 +332,9 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char char *bt = NULL; while (1) { - args[9] = xasprintf("%s backtrace %u%s", thread_apply_all, bt_depth, full); + args[11] = xasprintf("%s backtrace %u%s", thread_apply_all, bt_depth, full); bt = exec_vp(args, /*redirect_stderr:*/ 1, timeout_sec, NULL); - free(args[9]); + free(args[11]); if ((bt && strnlen(bt, 256*1024) < 256*1024) || bt_depth <= 32) { break; @@ -357,7 +359,7 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char * End of assembler dump. * (IOW: "empty" dump) */ - args[19] = (char*)"disassemble $pc-20, $pc+64"; + args[21] = (char*)"disassemble $pc-20, $pc+64"; if (bt_depth <= 64 && thread_apply_all[0] != '\0') { @@ -373,9 +375,9 @@ char *get_backtrace(const char *dump_dir_name, unsigned timeout_sec, const char } } - free(args[3]); free(args[5]); free(args[7]); + free(args[9]); return bt; } -- 1.8.3.1