From 35a279ff390d85f21f51d0fd205e414676d4775d Mon Sep 17 00:00:00 2001
From: Darshan Sen <raisinten@gmail.com>
Date: Thu, 2 Mar 2023 11:32:49 +0530
Subject: [PATCH] fix: only iterate the main executable program headers

The resource gets injected in the main executable, so there is no need
to iterate the other shared libraries that are loaded by the program.
This also resolves a security concern.

Refs: https://github.com/nodejs/postject/pull/77#pullrequestreview-1321016158
Signed-off-by: Darshan Sen <raisinten@gmail.com>
---
 postject-api.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/postject-api.h b/postject-api.h
index e0e6ca2..43b8875 100644
--- a/postject-api.h
+++ b/postject-api.h
@@ -91,8 +91,9 @@ static int postject__dl_iterate_phdr_callback(struct dl_phdr_info* info,
     }
   }
 
-  // skip to the next shared object
-  return 0;
+  // wasn't able to find the note in the main executable program headers, so
+  // terminate the search
+  return 1;
 }
 #endif