This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.
[kubicek@bitsmart.com] libc/2039: Bug+fix, ld-linux.so.2 segmentation fault, file elf/dl-load.c function _dl_init_paths
- To: libc-alpha at sources dot redhat dot com
- Subject: [kubicek@bitsmart.com] libc/2039: Bug+fix, ld-linux.so.2 segmentation fault, file elf/dl-load.c function _dl_init_paths
- From: Andreas Jaeger <aj at suse dot de>
- Date: 23 Jan 2001 09:39:10 +0100
- Cc: kubicek at bitsmart dot com
According to the manual the fix is correct, here's a patch. Ok to
commit?
Btw. I made a grep through the whole of glibc and didn't notice any
other problems.
Andreas
2001-01-23 Andreas Jaeger <aj@suse.de>
* elf/dl-load.c (_dl_init_paths): Don't use strdupa in function
arguments. Reported by Jiri Kubicek <kubicek@bitsmart.com>,
closes PR libc/2039.
============================================================
Index: elf/dl-load.c
--- elf/dl-load.c 2001/01/12 17:03:52 1.157
+++ elf/dl-load.c 2001/01/23 08:36:47
@@ -667,6 +667,7 @@
{
size_t nllp;
const char *cp = llp;
+ char *llp_tmp = strdupa (llp);
/* Decompose the LD_LIBRARY_PATH contents. First determine how many
elements it has. */
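Review bot: The `strdupa (llp)` initialiser on the new `llp_tmp` line puts a copy of the whole LD_LIBRARY_PATH string on the stack, and nothing in the visible context bounds its length. The patch does not introduce that (the removed call did the same), but since the line is being touched it is worth confirming that a length limit is enforced before this block, or saying so in a comment.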
@@ -684,7 +685,7 @@
_dl_signal_error (ENOMEM, NULL,
N_("cannot create cache for search path"));
- (void) fillin_rpath (strdupa (llp), env_path_list.dirs, ":;",
+ (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
__libc_enable_secure, "LD_LIBRARY_PATH", NULL);
if (env_path_list.dirs[0] == NULL)
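Review bot: Nothing at the changed `fillin_rpath` call records why the copy is no longer made inline, so a later cleanup could fold `strdupa (llp)` back into the argument list; a short comment here or at the `llp_tmp` declaration would prevent that. The copy is also now made before the ENOMEM check shown above the call; assigning `llp_tmp = strdupa (llp);` as its own statement just before the call would keep the allocation next to its only user.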
libc/2039: Bug+fix, ld-linux.so.2 segmentation fault, file elf/dl-load.c function _dl_init_paths
- To: libc-gnats at gnu dot org, gnats-admin at gnu dot org
- Subject: libc/2039: Bug+fix, ld-linux.so.2 segmentation fault, file elf/dl-load.c function _dl_init_paths
- From: kubicek at bitsmart dot com
- Date: Tue, 23 Jan 2001 02:35:53 -0500
>Number: 2039
>Category: libc
>Synopsis: Bug+fix, ld-linux.so.2 segmentation fault, file elf/dl-load.c function _dl_init_paths
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: libc-gnats
>State: open
>Quarter:
>Keywords:
>Class: sw-bug
>Submitter-Id: gnatsweb
>Arrival-Date: Tue Jan 23 02:35:53 -0500 2001
>Cases:
>Originator: kubicek@bitsmart.com
>Release: glibc-2.2
>Organization:
>Environment:
i586-pc-linux-gnu
>Description:
After building the library, `make check' fails, ld-linux.so.2 causes segmentation fault:
/usr/src/glibc-2.2-obj/elf/ld-linux.so.2 --library-path /usr/src/glibc-2.2-obj:/usr/src/glibc-2.2-obj/math:/usr/src/glibc-2.2-obj/elf:/usr/src/glibc-2.2-obj/dlfcn:/usr/src/glibc-2.2-obj/nss:/usr/src/glibc-2.2-obj/nis:/usr/src/glibc-2.2-obj/rt:/usr/src/glibc-2.2-obj/resolv:/usr/src/glibc-2.2-obj/crypt:/usr/src/glibc-2.2-obj/linuxthreads /usr/src/glibc-2.2-obj/sunrpc/rpcgen -Y `gcc -print-file-name=cpp | sed "s|/cpp$||"` -c rpcsvc/bootparam_prot.x -o /usr/src/glibc-2.2-obj/sunrpc/xbootparam_prot.T
>How-To-Repeat:
...not necessary, fix follows
>Fix:
File elf/dl-load.c, line 687, function _dl_init_paths calls another function this way:
(void) fillin_rpath (strdupa (llp), env_path_list.dirs, ":;",__libc_enable_secure, "LD_LIBRARY_PATH", NULL);
Macro `strdupa' duplicates string on the stack and must not be called inside the function arguments, otherwise the stack contents in the called function `fillin_rpath' are unpredictable. The string llp should be strdupa()-ed to a temporary variable and this variable should be used as a first argument of fillin_rpath.
By the way, creating debuggable ld-linux.so.2 (GNU gdb 5.0 under i586-pc-linux-gnu) was difficult, the debugger normally can't access memory where the ld-linux.so.2 runs. Any hint in the FAQ would be fine.
Sincerely
Jiri Kubicek
>Unformatted:
--
Andreas Jaeger
SuSE Labs aj@suse.de
private aj@arthur.inka.de
http://www.suse.de/~aj
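The rule from the bug report's fix section, as an added example that is not part of the original thread or of glibc: the stack copy is made in statements of its own and only the resulting pointer is passed to the function that splits it. `split_path`, `path_has_dir`, `MAX_DIRS` and `MAX_COPY` are hypothetical names; `alloca` plus `memcpy` stands in for `strdupa` (which does the same two steps) so the block builds without `_GNU_SOURCE`.

```c
#include <alloca.h>
#include <string.h>

#define MAX_DIRS 16    /* constructed limit for this example */
#define MAX_COPY 4096  /* constructed cap on the stack copy */

/* Hypothetical stand-in for fillin_rpath: cuts PATH in place at each
   character from SEP and stores the non-empty elements in DIRS. */
static size_t split_path(char *path, const char *sep, char **dirs)
{
    size_t n = 0;
    while (path != NULL) {
        char *end = strpbrk(path, sep);
        if (end != NULL)
            *end++ = '\0';
        if (*path != '\0')
            dirs[n++] = path;
        path = end;
    }
    dirs[n] = NULL;
    return n;
}

/* 1 if WANTED is an element of LLP, 0 if not, -1 if LLP is too long or
   has too many elements for the fixed-size stack buffers. */
int path_has_dir(const char *llp, const char *wanted)
{
    char *dirs[MAX_DIRS], *llp_tmp;
    size_t len = strlen(llp) + 1, nllp = 1;
    for (const char *cp = llp; *cp != '\0'; ++cp)  /* count elements */
        nllp += (*cp == ':' || *cp == ';');
    if (len > MAX_COPY || nllp >= MAX_DIRS)
        return -1;
    /* The stack copy is made in statements of its own, as in the patch;
       split_path(strdupa(llp), ...) or memcpy(alloca(len), llp, len)
       would allocate while an argument list is being built. */
    llp_tmp = alloca(len);
    memcpy(llp_tmp, llp, len);
    nllp = split_path(llp_tmp, ":;", dirs);
    while (nllp-- > 0)
        if (strcmp(dirs[nllp], wanted) == 0)
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed sample path; exit status 0 means "/lib" was found. */
    return path_has_dir("/opt/lib:/usr/local/lib;/lib", "/lib") == 1 ? 0 : 1;
}
```

The size and element-count checks run before the allocation, so an oversized path is rejected without touching the stack.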