-
Notifications
You must be signed in to change notification settings - Fork 17.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
debug/elf: Does not always correctly read DT_BIND_NOW flag. #68144
Comments
Similar Issues
(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.) |
This is working as expected. ELF is not as simple as one might expect. The |
Go version
go version go1.21.4 darwin/arm64
Output of
go env
in your module/workspace:What did you do?
checking for the existing of DT_BIND_NOW flag on binaries does not always properly report.
gcc -o test test.c -w -D_FORTIFY_SOURCE=3 -fstack-protector-strong -fpie -O2 -z relro -z now -z noexecstack -pie -s
What did you see happen?
when compiling with Rocky Linux 9 gcc.
the debug/elf check for
file.DynValue(24)
returns[0]
to indicate that it includes BIND_NOW (This returns properly)gcc version 11.4.1 20231218 (Red Hat 11.4.1-3) (GCC) on Rocky Linux 9
However, when running the same code on ubuntu:22.04, this does NOT return properly
the debug/elf check for
file.DynValue(24)
returns[]
to indicate that it BIND_NOW is not set (This does NOT return properly)gcc version 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04)
but readelf shows that the BIND_NOW flag IS set.
from what it looks like, there are set in different places.
0x000000000000001e (FLAGS) BIND_NOW
(ubuntu)0x0000000000000018 (BIND_NOW)
(rocky)But both of them are proper.
What did you expect to see?
Both would be expected to return
[0]
to indicate that it is set properly on the binary.Additional info on RELRO: https://www.redhat.com/en/blog/hardening-elf-binaries-using-relocation-read-only-relro
The text was updated successfully, but these errors were encountered: