From: Czcibor Bohusz-Dobosz
Subject: [Tinycc-devel] Shall symbols ever be implicitly added?
Date: Wed, 2 Oct 2019 22:52:47 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.1
Hello,
I have recently been researching the possibility of using libtcc to make C a highly efficient scripting language for my codebase. The idea is certainly very promising - at a similar level of visible abstraction, TCC takes two seconds to allocate a single-gigabyte array on my setup, Lua takes about five... to trigger OOM :-)
However, it appears that if I use the -rdynamic flag while compiling the codebase, the TCC state is being given access to symbols that have not been explicitly added to it - I've attached the code of a simple program showcasing the issue. Because CMake exposes this flag by default to the *nix compiler toolchains (spent quite a while scratching my head...), this may be a fairly serious vulnerability if unnoticed.
I would therefore love to get an answer on whether the described behavior is intentional. If it indeed is - TCC should probably get it visibly documented for the benefit of security and easier adoption of the library. If not - well, I've tried to fix it and failed (or rather, succeeded while making a thousand other things break, by changing RTLD_DEFAULT to RTLD_NEXT in tccelf.c:823), so if anybody here happened to be blessed with actual know-how... :-)
Thank You a thousand times to all the great contributors to this outstanding project!
- Czcibor
seetcc.c
Description: Text Data
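
The message places the lookup at an RTLD_DEFAULT call in tccelf.c. The following is an added example (not the attached seetcc.c and not TinyCC code) that uses plain `dlsym(RTLD_DEFAULT, ...)` to show which host symbols such a lookup can reach; `host_admin_reset` and `host_private_helper` are hypothetical names.

```c
/* Added example: which host symbols a dlsym(RTLD_DEFAULT, ...) lookup reaches. */
#define _GNU_SOURCE              /* exposes RTLD_DEFAULT in <dlfcn.h> on glibc */
#include <dlfcn.h>
#include <stdio.h>

#ifndef RTLD_DEFAULT             /* fallback (glibc's value) if feature macros */
#define RTLD_DEFAULT ((void *)0) /* were already fixed by an earlier include   */
#endif

/* Hypothetical host functions that were never registered for scripts. */
int host_admin_reset(void) { return 42; }          /* external linkage */
static int host_private_helper(void) { return 7; } /* internal linkage */

/* Returns 1 if `name` resolves in the process-wide symbol scope, else 0. */
int reachable(const char *name)
{
    return dlsym(RTLD_DEFAULT, name) != NULL;
}

int main(void)
{
    /* getenv: exported by the shared libc, visible with or without -rdynamic.
     * host_admin_reset: enters the executable's dynamic symbol table only
     *   when the program is linked with -rdynamic.
     * host_private_helper: static, so never exported under either build. */
    const char *names[] = { "getenv", "host_admin_reset", "host_private_helper" };

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-20s %s\n", names[i],
               reachable(names[i]) ? "reachable" : "not found");

    return host_private_helper() == 7 ? 0 : 1;
}
```

Build it once with `cc demo.c` and once with `cc -rdynamic demo.c` (add `-ldl` on older glibc): only the second build reports `host_admin_reset` as reachable, while `getenv` is reachable in both.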