From: deraadt <deraadt@openbsd.org>
Date: Thu, 12 Oct 2023 16:37:05 +0000 (+0000)
Subject: Static binaries which do not call execve() were not calling
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=15330de0e9e18a84264594ec9595f478ea3a3d8a;p=openbsd

Static binaries which do not call execve() were not calling
pinsyscall(SYS_execve, ...).  Upon review, this is a fairly small
set of programs which either pledge() aggressively or don't usually
operate in a risky operating environment.  We now point at a location
which is definately not a "syscall" instruction.
ok kettenis
---

diff --git a/lib/libc/dlfcn/init.c b/lib/libc/dlfcn/init.c
index c6d4701f3c7..b6acbf91064 100644
--- a/lib/libc/dlfcn/init.c
+++ b/lib/libc/dlfcn/init.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: init.c,v 1.18 2023/02/27 15:00:17 deraadt Exp $ */
+/*	$OpenBSD: init.c,v 1.19 2023/10/12 16:37:05 deraadt Exp $ */
 /*
  * Copyright (c) 2014,2015 Philip Guenther <guenther@openbsd.org>
  *
@@ -154,6 +154,11 @@ _libc_preinit(int argc, char **argv, char **envp, dl_cb_cb *cb)
 			extern const int _execve_size;
 
 			pinsyscall(SYS_execve, &HIDDEN(execve), _execve_size);
+		} else {
+			static const int not_syscall;
+
+			/* Static binary which does not use execve() */
+			pinsyscall(SYS_execve, (void *)&not_syscall, 1);
 		}
 #endif
 	}