Loading a library dynamically without specifying an absolute path could
allow an attacker to link a malicious library by changing
`$LD_LIBRARY_PATH` or other aspects of the program's execution
environment
Change-Id: I664e7530b9ffb8415a2d5b38ed8c2988f901f533
Signed-off-by: MyoungJune Park <mj2004.park@samsung.com>
}while(0)
#define DB_UTIL_ERR_COL_FUNC_RET DB_UTIL_ERROR
+#define ICUI18N_LIBPATH "/usr/lib/libicui18n.so"
enum {
DB_UTIL_ERR_DLOPEN = -10,
};
if(g_dl_icu_handle == NULL) {
- g_dl_icu_handle = dlopen("libicui18n.so", RTLD_LAZY | RTLD_GLOBAL);
+ g_dl_icu_handle = dlopen(ICUI18N_LIBPATH, RTLD_LAZY | RTLD_GLOBAL);
if(g_dl_icu_handle == NULL) {
DB_UTIL_TRACE_WARNING("dlopen icu so fail");
return DB_UTIL_ERR_DLOPEN;