From 0479b305c5b7c8e3fa8e3002982cf8cac02b842e Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Fri, 22 Jun 2012 11:10:31 -0700 Subject: Fix invalid memory access in do_lookup_x. [BZ #13579] Do not free l_initfini and allow it to be reused on subsequent dl_open calls for the same library. This fixes the invalid memory access in do_lookup_x when the previously free'd l_initfini was accessed through l_searchlist when a library had been opened for the second time. --- include/link.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/link.h b/include/link.h index 2eb3179475..f0c8ad521f 100644 --- a/include/link.h +++ b/include/link.h @@ -1,6 +1,6 @@ /* Data structure for communication from the run-time dynamic linker for loaded ELF shared objects. - Copyright (C) 1995-2006, 2007, 2009, 2010, 2011 Free Software Foundation, Inc. + Copyright (C) 1995-2012 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -191,6 +191,9 @@ struct link_map during LD_TRACE_PRELINKING=1 contains any DT_SYMBOLIC libraries. */ + unsigned int l_free_initfini:1; /* Nonzero if l_initfini can be + freed, ie. not allocated with + the dummy malloc in ld.so. */ /* Collected information about own RPATH directories. */ struct r_search_path_struct l_rpath_dirs; @@ -239,9 +242,6 @@ struct link_map /* List of object in order of the init and fini calls. */ struct link_map **l_initfini; - /* The init and fini list generated at startup, saved when the - object is also loaded dynamically. */ - struct link_map **l_orig_initfini; /* List of the dependencies introduced through symbol binding. */ struct link_map_reldeps -- cgit v1.2.3-70-g09d2