ld.so.preload of libmediaclient.so is *very* harmful

Markus Rechberger mrechberger at gmail.com
Thu Feb 3 21:39:55 MST 2011


Andrew Bartlett <abartlet <at> samba.org> writes:

> 
> On Thu, 2011-02-03 at 13:28 +0100, c.hoffmann <at> bnet.at wrote:
> > Could finish provision!
> > There was a problem with the libmediaclient.so which is installed with the
> > driver for my tv-card (sundtek) I am using.
> > Deinstalled the driver and did provision again, this time it worked!
> > Reinstall the driver and it hopefully does not interfere with samba4.
> > 
> > br
> 
> After a very good guess by tridge, I found:
> http://www.sundtek.com/support/install.sh.txt
> 
> This script, which I presume you used, modifies /etc/ld.so.preload, and
> causes libmediaclient.so to be preloaded into every single process on
> the system.  Any process that calls net_read() will call into your TV
> card driver, and will break badly.
> 
> You are lucky that you only got a hang, as the preloading (equivalent to
> LD_PRELOAD set over every program on the system) of Sundtek's
> libmediaclient.so could easily have caused a segfault, or simply random
> data corruption. 
> 
> I suggest you never install this library on any system for which you
> care for its integrity.  Once loaded, this library can override any
> function in any program, with all the checks overridden.  We have taken
> considerable care to ensure that we don't use random library functions,
> but cannot prevent a preload. 
> 
> I've observed other backtraces on the net showing this library providing
> functions as basic as 'poll', so even avoiding using a function by this
> particular name won't help. 
> 
> You could, as suggested in the sundtek forums, simply load this library
> only for the particular applications you need using LD_PRELOAD, but I
> would simply recommend avoiding this code entirely.
> 

Thank you for reporting this to us, although you are exaggerating a little bit.
This has been running on our PCs for more than 2 years now without any bigger
complications (all known and reported issues have been fixed during that time).

As we had the discussion, this discussion came up in our forums as well; the
problem is that some users are not very familiar with the console, and that's
the reason why it is set globally. If issues come up and are reported to us, we
take care of them.

In the end both have to work, Samba and our driver (and by the way, Samba4 misses
some symbols with Ubuntu 10.10; according to Launchpad it's fixed but doesn't
seem to be mainstream). Software is improving over time in general.
As soon as CUSE (a mechanism that allows us to drop the old mechanism) is stable
enough, we will switch over to it. Last time we tested CUSE it crashed Linux
(this was half a year ago; we also reported this).

The reason for all that is that the preloading mechanism provides very high
backward compatibility (one compiled driver works with Linux 2.6.18+); it avoids
the need of having to compile drivers. And since updating the drivers also works
very quickly, customers can easily handle this.

Last but not least we'll take over fixing this of course.
Andrew, sorry for wasting your time with this.

Best Regards,
Markus Rechberger
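
An added example, not part of either message and not Samba or Sundtek code: a shell audit that lists what a global preload file injects into every process and flags entries outside an allowlist. It assumes entries are separated by whitespace or colons and that `#` starts a comment; the function names, the sample file and the `/path/to/...` library paths are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread): audit a global preload file.
# Assumption: entries are separated by whitespace or colons, and '#' starts
# a comment that runs to the end of the line.

# preload_entries FILE: print each preloaded library on its own line.
preload_entries() {
    if [ -r "$1" ]; then
        sed 's/#.*//' "$1" | tr ' \t:' '\n\n\n' | sed '/^$/d'
    fi
}

# audit_preload FILE [ALLOWED_PATH...]: print entries that are not on the
# allowlist; return 1 if any were found, 0 if the file is clean or absent.
audit_preload() {
    file=$1
    shift
    unexpected=$(
        preload_entries "$file" | while IFS= read -r lib; do
            ok=no
            for allowed in "$@"; do
                if [ "$lib" = "$allowed" ]; then ok=yes; fi
            done
            if [ "$ok" = no ]; then echo "$lib"; fi
        done
    )
    if [ -n "$unexpected" ]; then
        echo "$unexpected" | sed 's/^/global preload (loaded into every process): /'
        return 1
    fi
    return 0
}

# Constructed sample standing in for /etc/ld.so.preload; paths are placeholders.
sample=$(mktemp)
printf '%s\n' '# added by a driver installer' \
    '/path/to/libmediaclient.so' \
    '/path/to/libapproved.so:/path/to/libother.so  # trailing comment' > "$sample"

audit_preload "$sample" /path/to/libapproved.so || echo "review the entries above"
# On a real system: audit_preload /etc/ld.so.preload
```

An entry that is needed by only one program can be dropped from the global file and supplied through `LD_PRELOAD` for that program alone, which is the per-application alternative mentioned in the quoted message.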



More information about the samba-technical mailing list