Hi all,
secure_getenv
was introduced in GLIBC 2.17.
I compile my software using an odd toolchain, namely one with GLIBC 2.12 where secure_getenv
is not available using gcc-8.3.0
The result binary, does contains a reference to secure_getenv
:
$ objdump -T ~/Downloads/redisql_v1.0.1_x86_64.so | grep secure -C 5
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 syscall
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 strcspn
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 pthread_condattr_init
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 rewind
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 bind
0000000000000000 D *UND* 0000000000000000 secure_getenv ### <--- here
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 socket
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 pthread_mutex_trylock
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.3.4 __vfprintf_chk
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 dl_iterate_phdr
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5 nanosleep
As you can see something is odd, since the line about secure_getenv
is the only one without the version of GLIBC.
What is happening in this case? Who decide what symbols are needed?
How can I tell it to don't use secure_getenv
?
Any ideas?