linker: disallow W + E PT_LOAD segments No mapped segment from the elf file can be writable and executable at the same time. This commit adds a check for malformed PT_LOAD segments in the elf-files. Bug: http://b/30146890 Test: run bionic-unit-tests --gtest_filter=dlfcn.* Change-Id: Ia23acbe5a48780b65d7e4a50bbe024cd528079f4

commit: 9700babc051f5839b4fc861587d63bf06bab6324 [log] [tgz]
author: Dimitry Ivanov <dimitry@google.com> Wed Aug 10 18:54:06 2016 -0700
committer: Dimitry Ivanov <dimitry@google.com> Thu Aug 11 17:24:47 2016 -0700
tree: 9a98bffcda9eb741b937947d781e8bdf33025b93
parent: 3e35b26704b17139f6cd49d66d1be8e1a74d43dc [diff] [blame]
diff --git a/linker/linker_phdr.cpp b/linker/linker_phdr.cpp
index c41f3a0..bced722 100644
--- a/linker/linker_phdr.cpp
+++ b/linker/linker_phdr.cpp

@@ -604,9 +604,16 @@
     }
 
     if (file_length != 0) {
+      int prot = PFLAGS_TO_PROT(phdr->p_flags);
+      // W + E PT_LOAD segments are not allowed.
+      if ((prot & (PROT_EXEC | PROT_WRITE)) == (PROT_EXEC | PROT_WRITE)) {
+        DL_ERR_AND_LOG("\"%s\": W + E load segments are not allowed", name_.c_str());
+        return false;
+      }
+
       void* seg_addr = mmap64(reinterpret_cast<void*>(seg_page_start),
                             file_length,
-                            PFLAGS_TO_PROT(phdr->p_flags),
+                            prot,
                             MAP_FIXED|MAP_PRIVATE,
                             fd_,
                             file_offset_ + file_page_start);
commit	9700babc051f5839b4fc861587d63bf06bab6324	[log] [tgz]
author	Dimitry Ivanov <dimitry@google.com>	Wed Aug 10 18:54:06 2016 -0700
committer	Dimitry Ivanov <dimitry@google.com>	Thu Aug 11 17:24:47 2016 -0700
tree	9a98bffcda9eb741b937947d781e8bdf33025b93
parent	3e35b26704b17139f6cd49d66d1be8e1a74d43dc [diff] [blame]