Load dependencies by name #1594
Conversation
aleksei-fedotov
requested review from
pavelkumbrasev
and removed request for
pavelkumbrasev
CMakeLists.txt
Outdated
| message(WARNING | ||
| "Dependency signature verification during dynamic run-time linking is disabled. This may " | ||
| "lead to security vulnerabilities. It is recommended to leave it enabled in production " | ||
| "environment. Unset TBB_VERIFY_DEPENDENCY_SIGNATURE or set it ON to enable it again.") |
There was a problem hiding this comment.
Will unsetting TBB_VERIFY_DEPENDENCY_SIGNATURE not disable it instead? Did you mean "Set TBB_VERIFY_DEPENDENCY_SIGNATURE ..."
There was a problem hiding this comment.
I clarified the messaging.
src/tbb/dynamic_link.cpp
Outdated
| error = va_arg(args, dlerr_t); | ||
| // TODO: Use fprintf_s once dynamic link functionality is extracted into a separate | ||
| // module (e.g., a static library) | ||
| std::fprintf(stdout, "%s The module \"%s\" was not loaded because it was not found. " |
There was a problem hiding this comment.
Please look up and use the more secured version fprintf_s
src/tbb/dynamic_link.cpp
Outdated
| case dl_sys_fail: | ||
| str = va_arg(args, const char*); | ||
| error = va_arg(args, dlerr_t); | ||
| std::fprintf(stdout, "oneTBB: A call to \"%s\" failed with error " DLERROR_SPECIFIER |
There was a problem hiding this comment.
and all other locations of fprintf
| } | ||
|
|
||
| va_end(args); | ||
| } // library_warning |
There was a problem hiding this comment.
Is there a case that covers a certificate that has expired?
There was a problem hiding this comment.
Please see comments in this conversation
| DYNAMIC_LINK_WARNING( dl_sig_other_error, filepath, retval); | ||
| break; | ||
| } | ||
| } |
There was a problem hiding this comment.
Similar here: Is the case for an expired certificate covered somewhere?
There was a problem hiding this comment.
It is covered by untrusted root case as the whole chain of certificates is checked.
| } | ||
|
|
||
| bool has_valid_signature(const char* filepath, const std::size_t length) { | ||
| __TBB_ASSERT_EX(length <= PATH_MAX, "Too small buffer for path conversion"); |
There was a problem hiding this comment.
This is minor:
Is length too small when it is equal to PATH_MAX? (Maybe length < PATH_MAX)
There was a problem hiding this comment.
It is just enough as it includes the null-terminating character.
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
aleksei-fedotov
force-pushed
the
load-dependencies-by-name
branch
from
3872b7b to
4605226
Compare
src/tbb/CMakeLists.txt
Outdated
| else() | ||
| set(TBB_COMPILER_MACRO_SWITCH -D) | ||
| endif() | ||
| set(TBB_LIB_COMPILE_FLAGS ${TBB_LIB_COMPILE_FLAGS} ${TBB_COMPILER_MACRO_SWITCH}__TBB_VERIFY_DEPENDENCY_SIGNATURE) |
There was a problem hiding this comment.
Can target_compile_definitions be used instead?
Description
This PR applies RFC:
Fixes # - issue number(s) if exists
Type of change
Choose one or multiple, leave empty if none of the other choices apply
Add a respective label(s) to PR if you have permissions
Tests
Documentation
Breaks backward compatibility
Notify the following users
List users with
@to send notificationsOther information