diff options
| author | MyoungJune Park <mj2004.park@samsung.com> | 2016-09-27 11:29:00 +0900 |
|---|---|---|
| committer | MyoungJune Park <mj2004.park@samsung.com> | 2016-09-27 11:32:58 +0900 |
| commit | b1933100267a2f1a823c6e5b1ea817952e049688 (patch) | |
| tree | f7c54252a6eeb605b2583219ee352da1b7eb3eac | |
| parent | f1b6391d4e92993a6e6554072fdcd82c0dbcc485 (diff) | |
| download | libslp-db-util-b1933100267a2f1a823c6e5b1ea817952e049688.tar.gz libslp-db-util-b1933100267a2f1a823c6e5b1ea817952e049688.tar.bz2 libslp-db-util-b1933100267a2f1a823c6e5b1ea817952e049688.zip | |
Use absolute path of where .so is
Loading a library dynamically without specifying an absolute path could
allow an attacker to link a malicious library by changing
`$LD_LIBRARY_PATH` or other aspects of the program's execution
environment
Change-Id: I664e7530b9ffb8415a2d5b38ed8c2988f901f533
Signed-off-by: MyoungJune Park <mj2004.park@samsung.com>
| -rw-r--r-- | collation.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/collation.c b/collation.c index 5b38fb5..93e3320 100644 --- a/collation.c +++ b/collation.c @@ -54,6 +54,7 @@ }while(0) #define DB_UTIL_ERR_COL_FUNC_RET DB_UTIL_ERROR +#define ICUI18N_LIBPATH "/usr/lib/libicui18n.so" enum { DB_UTIL_ERR_DLOPEN = -10, @@ -118,7 +119,7 @@ static int __db_util_dl_load_icu() }; if(g_dl_icu_handle == NULL) { - g_dl_icu_handle = dlopen("libicui18n.so", RTLD_LAZY | RTLD_GLOBAL); + g_dl_icu_handle = dlopen(ICUI18N_LIBPATH, RTLD_LAZY | RTLD_GLOBAL); if(g_dl_icu_handle == NULL) { DB_UTIL_TRACE_WARNING("dlopen icu so fail"); return DB_UTIL_ERR_DLOPEN; |