This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/18093] New: Corrupted aux-cache causes ldconfig to segfault
- From: "aurelien at aurel32 dot net" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Sun, 08 Mar 2015 20:46:14 +0000
- Subject: [Bug libc/18093] New: Corrupted aux-cache causes ldconfig to segfault
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=18093
Bug ID: 18093
Summary: Corrupted aux-cache causes ldconfig to segfault
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: aurelien at aurel32 dot net
CC: drepper.fsp at gmail dot com
ldconfig is using an aux-cache to speed up the ld.so.cache update. It is read
by mmaping the file to a structure which contains data offsets used as
pointers. As they are not checked, it is not hard to get ldconfig to segfault
with a corrupted file. This happens for instance if the file is truncated,
which is common following a filesystem check after system crash.
This can be reproduced for example by truncating the file to roughly half of
it's size.
There is already in some code in elf/cache.c (load_aux_cache) to check for a
corrupted aux cache, but it happens not to be enough.
Patch to fix that will follow on the mailing list.
--
You are receiving this mail because:
You are on the CC list for the bug.