diff options
author | Florian Weimer <fweimer@redhat.com> | 2018-06-27 17:55:55 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2018-06-27 17:55:56 +0200 |
commit | 92d6aa8528f2ddab2361bc160a96b9cd3c497a11 (patch) | |
tree | 5914941e1df8cc69977d96397f80e230e381d543 | |
parent | 890c2ced35cfbf2de7d787fd37caf23d250da531 (diff) | |
download | glibc-92d6aa8528f2ddab2361bc160a96b9cd3c497a11.tar.gz glibc-92d6aa8528f2ddab2361bc160a96b9cd3c497a11.tar.xz glibc-92d6aa8528f2ddab2361bc160a96b9cd3c497a11.zip |
_dl_map_object_deps: Use struct scratch_buffer [BZ #18023]
The function comment suggests that _dl_map_object_deps cannot use malloc, but it already allocates the l_initfini array on the heap, so the additional allocation should be acceptable.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | elf/dl-deps.c | 28 |
2 files changed, 22 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog index b14f1cd29d..1a2a7f8c62 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,12 @@ 2018-06-27 Florian Weimer <fweimer@redhat.com> [BZ #18023] + * elf/dl-deps.c (_dl_map_object_deps): Use struct + scratch_buffer instead of extend_alloca. + +2018-06-27 Florian Weimer <fweimer@redhat.com> + + [BZ #18023] * sysdeps/unix/sysv/linux/gethostid.c (gethostid): Use struct scratch_buffer instead of extend_alloca. Update comments. diff --git a/elf/dl-deps.c b/elf/dl-deps.c index 20b8e94f2e..9d9b1ba7f2 100644 --- a/elf/dl-deps.c +++ b/elf/dl-deps.c @@ -27,6 +27,7 @@ #include <unistd.h> #include <sys/param.h> #include <ldsodefs.h> +#include <scratch_buffer.h> #include <dl-dst.h> @@ -181,9 +182,8 @@ _dl_map_object_deps (struct link_map *map, /* Pointer to last unique object. */ tail = &known[nlist - 1]; - /* No alloca'd space yet. */ - struct link_map **needed_space = NULL; - size_t needed_space_bytes = 0; + struct scratch_buffer needed_space; + scratch_buffer_init (&needed_space); /* Process each element of the search list, loading each of its auxiliary objects and immediate dependencies. Auxiliary objects @@ -213,13 +213,12 @@ _dl_map_object_deps (struct link_map *map, if (l->l_searchlist.r_list == NULL && l->l_initfini == NULL && l != map && l->l_ldnum > 0) { - size_t new_size = l->l_ldnum * sizeof (struct link_map *); - - if (new_size > needed_space_bytes) - needed_space - = extend_alloca (needed_space, needed_space_bytes, new_size); - - needed = needed_space; + /* l->l_ldnum includes space for the terminating NULL. */ + if (!scratch_buffer_set_array_size + (&needed_space, l->l_ldnum, sizeof (struct link_map *))) + _dl_signal_error (ENOMEM, map->l_name, NULL, + N_("cannot allocate dependency buffer")); + needed = needed_space.data; } if (l->l_info[DT_NEEDED] || l->l_info[AUXTAG] || l->l_info[FILTERTAG]) @@ -438,8 +437,11 @@ _dl_map_object_deps (struct link_map *map, struct link_map **l_initfini = (struct link_map **) malloc ((2 * nneeded + 1) * sizeof needed[0]); if (l_initfini == NULL) - _dl_signal_error (ENOMEM, map->l_name, NULL, - N_("cannot allocate dependency list")); + { + scratch_buffer_free (&needed_space); + _dl_signal_error (ENOMEM, map->l_name, NULL, + N_("cannot allocate dependency list")); + } l_initfini[0] = l; memcpy (&l_initfini[1], needed, nneeded * sizeof needed[0]); memcpy (&l_initfini[nneeded + 1], l_initfini, @@ -457,6 +459,8 @@ _dl_map_object_deps (struct link_map *map, } out: + scratch_buffer_free (&needed_space); + if (errno == 0 && errno_saved != 0) __set_errno (errno_saved); |