Update.

	* elf/Makefile (trusted-dirs.st): Use gen-trusted-dirs.awk.
	* elf/gen-trusted-dirs.awk: New file.
	* elf/dl-load.c (systems_dirs): Moved into file scope.  Initialize
	from SYSTEM_DIRS macro.
	(system_dirs_len): New variable.  Contains lengths of system_dirs
	strings.
	(fillin_rpath): Rewrite for systems_dirs being a simple string.
	Improve string comparisons.  Change parameter trusted to be a flag.
	Change all callers.
	(_dt_init_paths): Improve using new format for system_dirs.

diff --git a/ChangeLog b/ChangeLog
index 4a65061..6b9ec0c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,16 @@
 1999-05-03  Ulrich Drepper  <drepper@cygnus.com>
 
+       * elf/Makefile (trusted-dirs.st): Use gen-trusted-dirs.awk.
+       * elf/gen-trusted-dirs.awk: New file.
+       * elf/dl-load.c (systems_dirs): Moved into file scope.  Initialize
+       from SYSTEM_DIRS macro.
+       (system_dirs_len): New variable.  Contains lengths of system_dirs
+       strings.
+       (fillin_rpath): Rewrite for systems_dirs being a simple string.
+       Improve string comparisons.  Change parameter trusted to be a flag.
+       Change all callers.
+       (_dt_init_paths): Improve using new format for system_dirs.
+
        * elf/dl-load.c (expand_dynamic_string_token): Don't expand
        $ORIGIN for SUID binaries.
 

diff --git a/elf/Makefile b/elf/Makefile
index 0fcb1b2..26a0832 100644 (file)
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -155,10 +155,8 @@ endif
 $(objpfx)trusted-dirs.h: $(objpfx)trusted-dirs.st; @:
 $(objpfx)trusted-dirs.st: Makefile $(..)Makeconfig
        $(make-target-directory)
-       dirs="$(subst :, ,$(default-rpath) $(user-defined-trusted-dirs))";   \
-       for dir in $$dirs; do                                                \
-         echo "  \"$$dir/\",";                                              \
-       done > ${@:st=T}
+       echo "$(subst :, ,$(default-rpath) $(user-defined-trusted-dirs))"    \
+       | $(AWK) -f gen-trusted-dirs.awk > ${@:st=T};
        $(move-if-change) ${@:st=T} ${@:st=h}
        touch $@
 CPPFLAGS-dl-load.c = -I$(objpfx).

diff --git a/elf/dl-load.c b/elf/dl-load.c
index c1d1d7e..05569ed 100644 (file)
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -120,6 +120,15 @@ const unsigned char _dl_pf_to_prot[8] =
 };
 
 
+/* Get the generated information about the trusted directories.  */
+#include "trusted-dirs.h"
+
+static const char system_dirs[] = SYSTEM_DIRS;
+static const size_t system_dirs_len[] =
+{
+  SYSTEM_DIRS_LEN
+};
+
 /* This function has no public prototype.  */
 extern ssize_t __libc_read (int, void *, size_t);
 
@@ -294,7 +303,7 @@ static size_t max_dirnamelen;
 
 static inline struct r_search_path_elem **
 fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
-             const char **trusted, const char *what, const char *where)
+             int check_trusted, const char *what, const char *where)
 {
   char *cp;
   size_t nelems = 0;
@@ -308,38 +317,44 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
          interpreted as `use the current directory'. */
       if (len == 0)
        {
-         static char curwd[] = "./";
-         cp = curwd;
+         static const char curwd[] = "./";
+         cp = (char *) curwd;
        }
 
       /* Remove trailing slashes (except for "/").  */
       while (len > 1 && cp[len - 1] == '/')
        --len;
 
+      /* Now add one if there is none so far.  */
+      if (len > 0 && cp[len - 1] != '/')
+       cp[len++] = '/';
+
       /* Make sure we don't use untrusted directories if we run SUID.  */
-      if (trusted != NULL)
+      if (check_trusted)
        {
-         const char **trun = trusted;
+         const char *trun = system_dirs;
+         size_t idx;
 
          /* All trusted directories must be complete names.  */
          if (cp[0] != '/')
            continue;
 
-         while (*trun != NULL
-                && (memcmp (*trun, cp, len) != 0
-                    || (*trun)[len] != '/'
-                    || (*trun)[len + 1] != '\0'))
-           ++trun;
+         for (idx = 0;
+              idx < sizeof (system_dirs_len) / sizeof (system_dirs_len[0]);
+              ++idx)
+           {
+             if (len == system_dirs_len[idx] && memcmp (trun, cp, len) == 0)
+               /* Found it.  */
+               break;
+
+             trun += system_dirs_len[idx] + 1;
+           }
 
-         if (*trun == NULL)
+         if (idx == sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
            /* It's no trusted directory, skip it.  */
            continue;
        }
 
-      /* Now add one if there is none so far.  */
-      if (len > 0 && cp[len - 1] != '/')
-       cp[len++] = '/';
-
       /* See if this directory is already known.  */
       for (dirp = all_dirs; dirp != NULL; dirp = dirp->next)
        if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
@@ -455,7 +470,7 @@ decompose_rpath (const char *rpath, struct link_map *l)
   if (result == NULL)
     _dl_signal_error (ENOMEM, NULL, "cannot create cache for search path");
 
-  return fillin_rpath (copy, result, ":", NULL, "RPATH", where);
+  return fillin_rpath (copy, result, ":", 0, "RPATH", where);
 }
 
 
@@ -463,12 +478,8 @@ void
 internal_function
 _dl_init_paths (const char *llp)
 {
-  static const char *system_dirs[] =
-  {
-#include "trusted-dirs.h"
-    NULL
-  };
-  const char **strp;
+  size_t idx;
+  const char *strp;
   struct r_search_path_elem *pelem, **aelem;
   size_t round_size;
 #ifdef PIC
@@ -484,7 +495,7 @@ _dl_init_paths (const char *llp)
 
   /* First set up the rest of the default search directory entries.  */
   aelem = rtld_search_dirs = (struct r_search_path_elem **)
-    malloc ((sizeof (system_dirs) / sizeof (system_dirs[0]))
+    malloc ((sizeof (system_dirs_len) / sizeof (system_dirs_len[0]))
             * sizeof (struct r_search_path_elem *));
   if (rtld_search_dirs == NULL)
     _dl_signal_error (ENOMEM, NULL, "cannot create search path array");
@@ -500,20 +511,21 @@ _dl_init_paths (const char *llp)
     _dl_signal_error (ENOMEM, NULL, "cannot create cache for search path");
 
   pelem = all_dirs = rtld_search_dirs[0];
-  for (strp = system_dirs; *strp != NULL; ++strp, pelem += round_size)
+  strp = system_dirs;
+  idx = 0;
+
+  do
     {
       size_t cnt;
 
       *aelem++ = pelem;
 
-      pelem->next = *(strp + 1) == NULL ? NULL : (pelem + round_size);
-
       pelem->what = "system search path";
       pelem->where = NULL;
 
-      pelem->dirnamelen = strlen (pelem->dirname = *strp);
-      if (pelem->dirnamelen > max_dirnamelen)
-       max_dirnamelen = pelem->dirnamelen;
+      pelem->dirname = strp;
+      pelem->dirnamelen = system_dirs_len[idx];
+      strp += system_dirs_len[idx] + 1;
 
       if (pelem->dirname[0] != '/')
        for (cnt = 0; cnt < ncapstr; ++cnt)
@@ -521,7 +533,16 @@ _dl_init_paths (const char *llp)
       else
        for (cnt = 0; cnt < ncapstr; ++cnt)
          pelem->status[cnt] = unknown;
+
+      pelem->next = (++idx == (sizeof (system_dirs_len)
+                              / sizeof (system_dirs_len[0]))
+                    ? NULL : (pelem + round_size));
+
+      pelem += round_size;
     }
+  while (idx < sizeof (system_dirs_len) / sizeof (system_dirs_len[0]));
+
+  max_dirnamelen = SYSTEM_DIRS_MAX_LEN;
   *aelem = NULL;
 
 #ifdef PIC
@@ -565,8 +586,7 @@ _dl_init_paths (const char *llp)
                          "cannot create cache for search path");
 
       (void) fillin_rpath (local_strdup (llp), env_path_list, ":;",
-                          __libc_enable_secure ? system_dirs : NULL,
-                          "LD_LIBRARY_PATH", NULL);
+                          __libc_enable_secure, "LD_LIBRARY_PATH", NULL);
     }
 }
 

diff --git a/elf/gen-trusted-dirs.awk b/elf/gen-trusted-dirs.awk
new file mode 100644 (file)
index 0000000..59f10a4
--- /dev/null
+++ b/elf/gen-trusted-dirs.awk
@@ -0,0 +1,37 @@
+BEGIN {
+  FS = " ";
+}
+
+{
+  for (i = 1; i <= NF; ++i) {
+    s[cnt++] = $i"/";
+  }
+}
+
+END {
+  printf ("#define SYSTEM_DIRS \\\n");
+
+  printf ("  \"%s\"", s[0]);
+
+  for (i = 1; i < cnt; ++i) {
+    printf (" \"\\0\" \"%s\"", s[i]);
+  }
+
+  printf ("\n\n");
+
+  printf ("#define SYSTEM_DIRS_LEN \\\n");
+
+  printf ("  %d", length (s[0]));
+  m = length (s[0]);
+
+  for (i = 1; i < cnt; ++i) {
+    printf (", %d", length(s[i]));
+    if (length(s[i]) > m) {
+      m = length(s[i]);
+    }
+  }
+
+  printf ("\n\n");
+
+  printf ("#define SYSTEM_DIRS_MAX_LEN\t%d\n", m);
+}