Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f8f24145-cfde-4358-bc6b-7b79a1e8f142@petroprogram.com>
Date: Sun, 28 Jan 2018 00:07:33 +0200
From: Stefan Fröberg <stefan.froberg@...roprogram.com>
To: Szabolcs Nagy <nsz@...t70.net>
Cc: musl@...ts.openwall.com
Subject: Re: BUG: $ORIGIN does not seem to work

Hi

Here is the strace

strace ./x

execve("./x", ["./x"], 0x7ffc8a938740 /* 20 vars */) = 0
arch_prctl(ARCH_SET_FS, 0x7fb0d02cfba8) = 0
set_tid_address(0x7fb0d02cfbe0)         = 2954
readlink("/proc/self/exe", "/root/batman/x", 512) = 14
open("/root/batman/lib/libcrypto.so.1.1", O_RDONLY|O_CLOEXEC) = 3
fcntl(3, F_SETFD, FD_CLOEXEC)           = 0
fstat(3, {st_mode=S_IFREG|0755, st_size=2800952, ...}) = 0
read(3,
"\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\220\6\0\0\0\0\0"...,
960) = 960
mmap(NULL, 4911104, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x7fb0cfb92000
mmap(0x7fb0d0016000, 176128, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED, 3, 0x284000) = 0x7fb0d0016000
mmap(0x7fb0d003e000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb0d003e000
close(3)                                = 0
mprotect(0x7fb0d0016000, 122880, PROT_READ) = 0
mprotect(0x7fb0d02cc000, 4096, PROT_READ) = 0
mprotect(0x5574fa625000, 4096, PROT_READ) = 0
ioctl(1, TIOCGWINSZ, {ws_row=34, ws_col=107, ws_xpixel=1284,
ws_ypixel=748}) = 0
writev(1, [{iov_base="Initializing crypto ... OK", iov_len=26},
{iov_base="\n", iov_len=1}], 2Initializing crypto ... OK
) = 27
exit_group(0)                           = ?
+++ exited with 0 +++
./x
Initializing crypto ... OK
So it find and uses the correct, local version $ORIGIN/lib
(/root/batman/lib/libcrypto.so.1.1) of libcrypto.so.1.1
and "readelf -d x"  confirms it.

But for some reason ldd does not show it.

ldd x
    /lib/ld-musl-x86_64.so.1 (0x7f22efa03000)
    libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0x7f22ef352000)
    libc.so => /lib/ld-musl-x86_64.so.1 (0x7f22efa03000)

********************************************************************
#include <stdio.h>
#include <openssl/ssl.h>

int main(void)
{
    printf("Initializing crypto ... ");
    int    r =
OPENSSL_init_crypto(OPENSSL_INIT_NO_ADD_ALL_CIPHERS|OPENSSL_INIT_NO_ADD_ALL_DIGESTS,NULL);
    printf("%s\n",(r == 1 ? "OK" : "FAILED"));
    return(0);
}
*********************************************************************
readelf -d x

Dynamic section at offset 0xe10 contains 24 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libcrypto.so.1.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so]
 0x000000000000000f (RPATH)              Library rpath: [$ORIGIN/lib]
 0x000000000000000c (INIT)               0x608
 0x000000000000000d (FINI)               0x8e2
 0x000000006ffffef5 (GNU_HASH)           0x220
 0x0000000000000005 (STRTAB)             0x3c0
 0x0000000000000006 (SYMTAB)             0x258
 0x000000000000000a (STRSZ)              253 (bytes)
 0x000000000000000b (SYMENT)             24 (bytes)
 0x0000000000000015 (DEBUG)              0x0
 0x0000000000000003 (PLTGOT)             0x201000
 0x0000000000000002 (PLTRELSZ)           96 (bytes)
 0x0000000000000014 (PLTREL)             RELA
 0x0000000000000017 (JMPREL)             0x5a8
 0x0000000000000007 (RELA)               0x500
 0x0000000000000008 (RELASZ)             168 (bytes)
 0x0000000000000009 (RELAENT)            24 (bytes)
 0x000000006ffffffb (FLAGS_1)            Flags: PIE
 0x000000006ffffffe (VERNEED)            0x4e0
 0x000000006fffffff (VERNEEDNUM)         1
 0x000000006ffffff0 (VERSYM)             0x4be
 0x000000006ffffff9 (RELACOUNT)          2
 0x0000000000000000 (NULL)               0x0

Szabolcs Nagy kirjoitti 27.01.2018 klo 21:26:
> * Stefan Fröberg <stefan.froberg@...roprogram.com> [2018-01-27 18:20:27 +0200]:
>> Szabolcs Nagy kirjoitti 27.01.2018 klo 13:07:
>>> * Stefan Fröberg <stefan.froberg@...roprogram.com> [2018-01-27 01:50:21 +0200]:
>>>> My ldd is just symbolic link inside musl chroot environment, to
>>>> /lib/ld-musl-x86_64.so.1
>>>> and it's symbolic link to /lib/libc.so
>>>>
>>>> Here is readelf output of that test program
>>>> readelf -d x
>>>>
>>>> Dynamic section at offset 0xe10 contains 24 entries:
>>>>   Tag        Type                         Name/Value
>>>>  0x0000000000000001 (NEEDED)             Shared library: [libcrypto.so.1.1]
>>>                                                             ^^^^^^^^^^^^^^^^
>>> this looks like the wrong library version
>>>
>>> if you had straced the ldd output you would have seen
>>> that musl tries to open lib/libcrypto.so.1.1, but you
>>> probably only have lib/libcrypto.so.1.0.0 based on the
>>> glibc ldd output below.
>> No, that ldd was run inside, pure, chrooted musl environment. No glibc
>> inside.
> this does not matter
>
>> These are the only libcrypto* files inside that chroot environment:
>>
>>  ls -lah /usr/lib/libcrypto.*
>> -rw-r--r--    1 0        0           5.0M Dec 17 00:24 /usr/lib/libcrypto.a
>> lrwxrwxrwx    1 0        0             16 Dec 17 00:24
>> /usr/lib/libcrypto.so -> libcrypto.so.1.1
>> -rwxr-xr-x    1 0        0           3.0M Jan 26 12:58
>> /usr/lib/libcrypto.so.1.1
>>
> like i said, you linked the wrong library, try to link
> the right one. again, if you run the ldso under strace
> the problem will be obvious and we dont have to waste time.
>
> you should also strace ld to see what gets linked,
> if it's /usr/lib/libcrypto... then that's wrong.
> (instead of strace you can use -Wl,--trace)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.