diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/patchelf.cc | 32 |
1 files changed, 26 insertions, 6 deletions
diff --git a/src/patchelf.cc b/src/patchelf.cc index b4e3e18..a59c12d 100644 --- a/src/patchelf.cc +++ b/src/patchelf.cc @@ -72,6 +72,13 @@ static vector<string> splitColonDelimitedString(const char * s){ return parts; } +static bool hasAllowedPrefix(const string & s, const vector<string> & allowedPrefixes){ + for (vector<string>::const_iterator it = allowedPrefixes.begin(); it != allowedPrefixes.end(); ++it) { + if (!s.compare(0, it->size(), *it)) return true; + } + return false; +} + static unsigned int getPageSize(){ return pageSize; @@ -185,7 +192,7 @@ public: typedef enum { rpPrint, rpShrink, rpSet, rpRemove } RPathOp; - void modifyRPath(RPathOp op, string newRPath); + void modifyRPath(RPathOp op, vector<string> allowedRpathPrefixes, string newRPath); void addNeeded(set<string> libs); @@ -1043,7 +1050,7 @@ static void concatToRPath(string & rpath, const string & path) template<ElfFileParams> -void ElfFile<ElfFileParamNames>::modifyRPath(RPathOp op, string newRPath) +void ElfFile<ElfFileParamNames>::modifyRPath(RPathOp op, vector<string> allowedRpathPrefixes, string newRPath) { Elf_Shdr & shdrDynamic = findSection(".dynamic"); @@ -1122,6 +1129,13 @@ void ElfFile<ElfFileParamNames>::modifyRPath(RPathOp op, string newRPath) continue; } + /* If --allowed-rpath-prefixes was given, reject directories + not starting with any of the (colon-delimited) prefixes. */ + if (!allowedRpathPrefixes.empty() && !hasAllowedPrefix(dirName, allowedRpathPrefixes)) { + debug("removing directory '%s' from RPATH because of non-allowed prefix\n", dirName.c_str()); + continue; + } + /* For each library that we haven't found yet, see if it exists in this directory. */ bool libFound = false; @@ -1465,6 +1479,7 @@ static bool setSoname = false; static string newSoname; static string newInterpreter; static bool shrinkRPath = false; +static vector<string> allowedRpathPrefixes; static bool removeRPath = false; static bool setRPath = false; static bool printRPath = false; @@ -1493,14 +1508,14 @@ static void patchElf2(ElfFile & elfFile) elfFile.setInterpreter(newInterpreter); if (printRPath) - elfFile.modifyRPath(elfFile.rpPrint, ""); + elfFile.modifyRPath(elfFile.rpPrint, vector<string>(), ""); if (shrinkRPath) - elfFile.modifyRPath(elfFile.rpShrink, ""); + elfFile.modifyRPath(elfFile.rpShrink, allowedRpathPrefixes, ""); else if (removeRPath) - elfFile.modifyRPath(elfFile.rpRemove, ""); + elfFile.modifyRPath(elfFile.rpRemove, vector<string>(), ""); else if (setRPath) - elfFile.modifyRPath(elfFile.rpSet, newRPath); + elfFile.modifyRPath(elfFile.rpSet, vector<string>(), newRPath); if (printNeeded) elfFile.printNeededLibs(); @@ -1563,6 +1578,7 @@ void showHelp(const string & progName) [--set-rpath RPATH]\n\ [--remove-rpath]\n\ [--shrink-rpath]\n\ + [--allowed-rpath-prefixes PREFIXES]\t\tWith '--shrink-rpath', reject rpath entries not starting with the allowed prefix\n\ [--print-rpath]\n\ [--force-rpath]\n\ [--add-needed LIBRARY]\n\ @@ -1614,6 +1630,10 @@ int main(int argc, char * * argv) else if (arg == "--shrink-rpath") { shrinkRPath = true; } + else if (arg == "--allowed-rpath-prefixes") { + if (++i == argc) error("missing argument"); + allowedRpathPrefixes = splitColonDelimitedString(argv[i]); + } else if (arg == "--set-rpath") { if (++i == argc) error("missing argument"); setRPath = true; |