https://github.com/yuvald-sweet-security created https://github.com/llvm/llvm-project/pull/131519
Hey,

This solves an issue where running lldb-server-20 with a non-absolute path (for example, when it's installed into `/usr/bin` and the user runs it as `lldb-server-20 ...` and not `/usr/bin/lldb-server-20 ...`) fails with `error: spawn_process failed: execve failed: No such file or directory`. The underlying issue is that when run that way, it attempts to execute a binary named `lldb-server-20` from its current directory. This is also a mild security hazard because lldb-server is often being run as root in the directory `/tmp`, meaning that an unprivileged user can create the file `/tmp/lldb-server-20` and lldb-server will execute it as root.

I haven't previously contributed to this project; if you want me to change anything in the code please don't hesitate to let me know.

>From 2ffe1c4d93b05b3549ff7bc6761d9a08f82e331d Mon Sep 17 00:00:00 2001 From: Yuval Deutscher <yuvald@sweet.security> Date: Sun, 16 Mar 2025 14:08:57 +0000 Subject: [PATCH] [lldb] Use correct path for lldb-server executable --- lldb/tools/lldb-server/lldb-platform.cpp | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/lldb/tools/lldb-server/lldb-platform.cpp b/lldb/tools/lldb-server/lldb-platform.cpp index 880b45b989b9c..103e1ac02843d 100644 --- a/lldb/tools/lldb-server/lldb-platform.cpp +++ b/lldb/tools/lldb-server/lldb-platform.cpp
@@ -545,13 +545,28 @@ int main_platform(int argc, char *argv[]) { MainLoop main_loop; { + char progpath[1024]; +#if defined(_WIN32) + if (GetModuleFileName(NULL, progpath, sizeof(progpath)) == 0) { + printf("Error retrieving executable path.\n"); + return 1; + } +#else + ssize_t len = readlink("/proc/self/exe", progpath, sizeof(progpath) - 1); + if (len == -1) { + perror("readlink"); + return 1; + } + path[len] = '\0'; +#endif + llvm::Expected<std::vector<MainLoopBase::ReadHandleUP>> platform_handles = platform_sock->Accept( main_loop, [progname, gdbserver_port, &inferior_arguments, log_file, log_channels, &main_loop, &platform_handles](std::unique_ptr<Socket> sock_up) { printf("Connection established.\n"); - Status error = spawn_process(progname, sock_up.get(), + Status error = spawn_process(progpath, sock_up.get(), gdbserver_port, inferior_arguments, log_file, log_channels, main_loop); if (error.Fail()) { _______________________________________________ lldb-commits mailing list lldb-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits
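
Review bot: In the `#else` branch, `path[len] = '\0';` writes to `path`, which is not declared anywhere in the hunk; the buffer is `progpath`, so this should read `progpath[len] = '\0';` or the non-Windows build fails. The lambda's capture list still names `progname` and does not capture `progpath`, yet the body now passes `progpath` to `spawn_process`; a local array cannot be used there without being captured, so add it to the capture list (or copy it into a `std::string` and capture that). Since the motivation is running as root, two robustness points: a `readlink` result equal to `sizeof(progpath) - 1` may mean the path was truncated and should be treated as an error rather than spawned, and `/proc/self/exe` is only available where a Linux-style procfs is mounted while the `#else` branch covers every non-Windows host, so an existing portable helper such as `llvm::sys::fs::getMainExecutable` would fit better than per-OS code in `main_platform`. The two error paths also differ in style (`printf` to stdout on Windows, `perror` elsewhere); reporting both on stderr would be more consistent.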