aboutsummaryrefslogtreecommitdiff
path: root/elf
diff options
context:
space:
mode:
authorJeff Law <law@redhat.com>2012-06-21 09:26:41 -0600
committerJeff Law <law@redhat.com>2012-06-21 09:26:41 -0600
commit28363bbf705830cb35791af679401559376eaa75 (patch)
treed04ba0e96581b43edcfe7eaaea5e4bdce8870886 /elf
parent09615db4a954a51014bb75e6def15ec05d4f0da9 (diff)
downloadglibc-28363bbf705830cb35791af679401559376eaa75.tar
glibc-28363bbf705830cb35791af679401559376eaa75.tar.gz
glibc-28363bbf705830cb35791af679401559376eaa75.tar.bz2
glibc-28363bbf705830cb35791af679401559376eaa75.zip
2012-06-21 Jeff Law <law@redhat.com>
[BZ #13882] * elf/dl-deps.c (_dl_map_object_deps): Fix cycle detection. Use uint16_t for elements in the "seen" array to avoid char overflows. * elf/dl-fini.c (_dl_sort_fini): Likewise. * elf/dl-open.c (dl_open_worker): Likewise.
Diffstat (limited to 'elf')
-rw-r--r--elf/dl-deps.c8
-rw-r--r--elf/dl-fini.c8
-rw-r--r--elf/dl-open.c8
3 files changed, 12 insertions, 12 deletions
diff --git a/elf/dl-deps.c b/elf/dl-deps.c
index fb1c3058c0..69aec461fb 100644
--- a/elf/dl-deps.c
+++ b/elf/dl-deps.c
@@ -1,5 +1,5 @@
/* Load the dependencies of a mapped object.
- Copyright (C) 1996-2003, 2004, 2005, 2006, 2007, 2010, 2011
+ Copyright (C) 1996-2003, 2004-2007, 2010-2012
Free Software Foundation, Inc.
This file is part of the GNU C Library.
@@ -632,7 +632,7 @@ Filters not supported with LD_TRACE_PRELINKING"));
/* We can skip looking for the binary itself which is at the front
of the search list. */
i = 1;
- char seen[nlist];
+ uint16_t seen[nlist];
memset (seen, 0, nlist * sizeof (seen[0]));
while (1)
{
@@ -658,13 +658,13 @@ Filters not supported with LD_TRACE_PRELINKING"));
(k - i) * sizeof (l_initfini[0]));
l_initfini[k] = thisp;
- if (seen[i + 1] > 1)
+ if (seen[i + 1] > nlist - i)
{
++i;
goto next_clear;
}
- char this_seen = seen[i];
+ uint16_t this_seen = seen[i];
memmove (&seen[i], &seen[i + 1],
(k - i) * sizeof (seen[0]));
seen[k] = this_seen;
diff --git a/elf/dl-fini.c b/elf/dl-fini.c
index 05146b3795..87cf2f1d33 100644
--- a/elf/dl-fini.c
+++ b/elf/dl-fini.c
@@ -1,5 +1,5 @@
/* Call the termination functions of loaded shared objects.
- Copyright (C) 1995,96,1998-2002,2004-2005,2009,2011
+ Copyright (C) 1995, 1996, 1998-2002, 2004-2005, 2009, 2011-2012
Free Software Foundation, Inc.
This file is part of the GNU C Library.
@@ -38,7 +38,7 @@ _dl_sort_fini (struct link_map **maps, size_t nmaps, char *used, Lmid_t ns)
/* We can skip looking for the binary itself which is at the front
of the search list for the main namespace. */
unsigned int i = ns == LM_ID_BASE;
- char seen[nmaps];
+ uint16_t seen[nmaps];
memset (seen, 0, nmaps * sizeof (seen[0]));
while (1)
{
@@ -78,13 +78,13 @@ _dl_sort_fini (struct link_map **maps, size_t nmaps, char *used, Lmid_t ns)
used[k] = here_used;
}
- if (seen[i + 1] > 1)
+ if (seen[i + 1] > nmaps - i)
{
++i;
goto next_clear;
}
- char this_seen = seen[i];
+ uint16_t this_seen = seen[i];
memmove (&seen[i], &seen[i + 1], (k - i) * sizeof (seen[0]));
seen[k] = this_seen;
diff --git a/elf/dl-open.c b/elf/dl-open.c
index 570c5f8791..9fe0a7ff6a 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -1,5 +1,5 @@
/* Load a shared object at runtime, relocate it, and run its initializer.
- Copyright (C) 1996-2007, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
+ Copyright (C) 1996-2007, 2009-2012 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -325,7 +325,7 @@ dl_open_worker (void *a)
while (l != NULL);
if (nmaps > 1)
{
- char seen[nmaps];
+ uint16_t seen[nmaps];
memset (seen, '\0', nmaps);
size_t i = 0;
while (1)
@@ -351,13 +351,13 @@ dl_open_worker (void *a)
(k - i) * sizeof (maps[0]));
maps[k] = thisp;
- if (seen[i + 1] > 1)
+ if (seen[i + 1] > nmaps - i)
{
++i;
goto next_clear;
}
- char this_seen = seen[i];
+ uint16_t this_seen = seen[i];
memmove (&seen[i], &seen[i + 1],
(k - i) * sizeof (seen[0]));
seen[k] = this_seen;