	Fuller check for invalid NSID in _dl_open.
		| @@ -1,3 +1,9 @@ | ||||
| 2015-04-17  Roland McGrath  <roland@hack.frob.com> | ||||
| 
 | ||||
| 	* elf/dl-open.c (_dl_open): Use __glibc_unlikely in invalid namespace | ||||
| 	check.  Reject NSID < 0 and NSID >= dl_nns, and check for DL_NNS==1, | ||||
| 	before using NSID as an index. | ||||
| 
 | ||||
| 2015-04-17  Il'ya Malakhov <ilmalakhov@yandex.ru> | ||||
| 
 | ||||
| 	[BZ #17825] | ||||
|   | ||||
| @@ -211,7 +211,7 @@ dl_open_worker (void *a) | ||||
|       struct link_map *l = _dl_find_dso_for_object ((ElfW(Addr)) caller_dlopen); | ||||
|  | ||||
|       if (l) | ||||
|         call_map = l; | ||||
| 	call_map = l; | ||||
|  | ||||
|       if (args->nsid == __LM_ID_CALLER) | ||||
| 	args->nsid = call_map->l_ns; | ||||
| @@ -619,8 +619,14 @@ no more namespaces available for dlmopen()")); | ||||
|   /* Never allow loading a DSO in a namespace which is empty.  Such | ||||
|      direct placements is only causing problems.  Also don't allow | ||||
|      loading into a namespace used for auditing.  */ | ||||
|   else if (__builtin_expect (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER, 0) | ||||
| 	   && (GL(dl_ns)[nsid]._ns_nloaded == 0 | ||||
|   else if (__glibc_unlikely (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER) | ||||
| 	   && (__glibc_unlikely (nsid < 0 || nsid >= GL(dl_nns)) | ||||
| 	       /* This prevents the [NSID] index expressions from being | ||||
| 		  evaluated, so the compiler won't think that we are | ||||
| 		  accessing an invalid index here in the !SHARED case where | ||||
| 		  DL_NNS is 1 and so any NSID != 0 is invalid.  */ | ||||
| 	       || DL_NNS == 1 | ||||
| 	       || GL(dl_ns)[nsid]._ns_nloaded == 0 | ||||
| 	       || GL(dl_ns)[nsid]._ns_loaded->l_auditing)) | ||||
|     _dl_signal_error (EINVAL, file, NULL, | ||||
| 		      N_("invalid target namespace in dlmopen()")); | ||||
|   | ||||
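Review bot: The block comment above the `else if` in the `_dl_open` hunk still describes only the empty-namespace and auditing-namespace cases, although the condition now also rejects an out-of-range NSID. Both `GL(dl_ns)[nsid]` reads are safe only because `nsid < 0 || nsid >= GL(dl_nns)` is evaluated first in the `||` chain, so the comment should state that ordering requirement, for example `Reject any NSID outside [0, dl_nns) first; the index expressions below rely on this test short-circuiting.` The inline comment opening with "This prevents" is ambiguous about which operand it describes; rewording it to `The DL_NNS == 1 test below prevents ...` would make clear that it is the compile-time guard and not the runtime range check. The inner `__glibc_unlikely` sits inside a branch already marked unlikely and could be dropped for readability. `_dl_open` begins and ends outside this hunk, so how the function reaches this branch and what state it holds when `_dl_signal_error` is called cannot be checked from here.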