This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

dl-load.c in glibc-2.2 branch


This fixes an off-by-one that causes crashes due to reading past EOS,
triggered by the changes in _dl_dst_count and _dl_dst_substitute.

Andreas.

2002-02-04  Andreas Schwab  <schwab@suse.de>

	* elf/dl-load.c (is_dst): Fix return value as expected by caller.

--- elf/dl-load.c.~1.184.2.2.~	Mon Feb  4 11:29:04 2002
+++ elf/dl-load.c	Mon Feb  4 16:26:48 2002
@@ -165,16 +165,16 @@
   size_t len;
 
   if (strncmp (name, str, cmplen) == 0)
-    len = cmplen + 1;
+    len = cmplen;
   else if (strncmp (name, str + 1, cmplen - 2) == 0
 	   && (name[cmplen - 2] == '\0' || name[cmplen - 2] == '/'
 	       || (is_path && name[cmplen - 2] == ':')))
-    len = cmplen - 1;
+    len = cmplen - 2;
   else
     return 0;
 
   if (__builtin_expect (secure, 0)
-      && ((name[len - 1] != '\0' && (!is_path || name[len - 1] != ':'))
+      && ((name[len] != '\0' && (!is_path || name[len] != ':'))
 	  || (name != start + 1 && (!is_path || name[-2] != ':'))))
     return 0;
 

-- 
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE GmbH, Deutschherrnstr. 15-19, D-90429 Nürnberg
Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]