lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-07-14 20:01:03 +03:00
Code Activity

[BZ #3924]

Browse Source 
* sysdeps/i386/dl-trampoline.S (_dl_runtime_profile): Fix a few
	more little bugs in creating the stack frame when pltexit has to
	be called.
This commit is contained in:
Ulrich Drepper
2007-10-07 05:31:00 +00:00
parent 506073094c
commit a6fa53288f
4 changed files with 33 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,5 +1,10 @@
2007-10-06 Ulrich Drepper <drepper@redhat.com> 2007-10-06 Ulrich Drepper <drepper@redhat.com>
[BZ #3924]
* sysdeps/i386/dl-trampoline.S (_dl_runtime_profile): Fix a few
more little bugs in creating the stack frame when pltexit has to
be called.
* nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops. * nscd/nscd_helper.c (__nscd_cache_search): Prevent endless loops.
* nscd/connections.c (verify_persistent_db): Recognize circular lists. * nscd/connections.c (verify_persistent_db): Recognize circular lists.

10
nscd/connections.c
View File

@ -378,8 +378,9 @@ verify_persistent_db (void *mem, struct database_pers_head *readhead, int dbnr)
nscd_ssize_t he_cnt = 0; nscd_ssize_t he_cnt = 0;
for (nscd_ssize_t cnt = 0; cnt < head->module; ++cnt) for (nscd_ssize_t cnt = 0; cnt < head->module; ++cnt)
{ {
ref_t first = head->array[cnt]; ref_t trail = head->array[cnt];
ref_t work = first; ref_t work = trail;
int tick = 0;
while (work != ENDREF) while (work != ENDREF)
{ {
@ -439,9 +440,12 @@ verify_persistent_db (void *mem, struct database_pers_head *readhead, int dbnr)
work = here->next; work = here->next;
if (work == first) if (work == trail)
/* A circular list, this must not happen. */ /* A circular list, this must not happen. */
goto fail; goto fail;
if (tick)
trail = ((struct hashentry *) (data + trail))->next;
tick = 1 - tick;
} }
} }

21
nscd/nscd_helper.c
View File

@ -416,8 +416,10 @@ __nscd_cache_search (request_type type, const char *key, size_t keylen,
unsigned long int hash = __nis_hash (key, keylen) % mapped->head->module; unsigned long int hash = __nis_hash (key, keylen) % mapped->head->module;
size_t datasize = mapped->datasize; size_t datasize = mapped->datasize;
ref_t first = mapped->head->array[hash]; ref_t trail = mapped->head->array[hash];
ref_t work = first; ref_t work = trail;
int tick = 0;
while (work != ENDREF && work + sizeof (struct hashentry) <= datasize) while (work != ENDREF && work + sizeof (struct hashentry) <= datasize)
{ {
struct hashentry *here = (struct hashentry *) (mapped->data + work); struct hashentry *here = (struct hashentry *) (mapped->data + work);
@ -457,8 +459,21 @@ __nscd_cache_search (request_type type, const char *key, size_t keylen,
work = here->next; work = here->next;
/* Prevent endless loops. This should never happen but perhaps /* Prevent endless loops. This should never happen but perhaps
the database got corrupted, accidentally or deliberately. */ the database got corrupted, accidentally or deliberately. */
if (work == first) if (work == trail)
break; break;
if (tick)
{
struct hashentry *trailelem;
trailelem = (struct hashentry *) (mapped->data + trail);
#ifndef _STRING_ARCH_unaligned
/* We have to redo the checks. Maybe the data changed. */
if ((uintptr_t) trailelem & (__alignof__ (*trailelem) - 1))
return NULL;
#endif
trail = trailelem->next;
}
tick = 1 - tick;
} }
return NULL; return NULL;

5
sysdeps/i386/dl-trampoline.S
View File

@ -113,6 +113,7 @@ _dl_runtime_profile:
movl %ebx, %ecx movl %ebx, %ecx
orl $4, %ebx # Increase frame size if necessary to align orl $4, %ebx # Increase frame size if necessary to align
# stack for the function call # stack for the function call
andl $~3, %ebx
movl %esp, %edi movl %esp, %edi
subl %ebx, %edi subl %ebx, %edi
movl %esp, %ebx movl %esp, %ebx
@ -121,9 +122,9 @@ _dl_runtime_profile:
shrl $2, %ecx shrl $2, %ecx
rep rep
movsl movsl
movl (%edi), %esi movl (%ebx), %esi
cfi_restore (esi) cfi_restore (esi)
movl 4(%edi), %edi movl 4(%ebx), %edi
cfi_restore (edi) cfi_restore (edi)
/* /*
%ebx+40 return address %ebx+40 return address