diff options
author | Paul Pluzhnikov <ppluzhnikov@google.com> | 2018-05-05 18:08:27 -0700 |
---|---|---|
committer | Paul Pluzhnikov <ppluzhnikov@google.com> | 2018-05-05 18:08:27 -0700 |
commit | 0065aaaaae51cd60210ec3a7e13dddd8e01ffe2c (patch) | |
tree | fb1f587dbe38029797cdf5b3779b51b7cea3d680 /elf/tst-big-note-lib.S | |
parent | b289cd9db8286fa6c670104dd5dfcfc68d5d00d6 (diff) | |
download | glibc-0065aaaaae51cd60210ec3a7e13dddd8e01ffe2c.tar.gz glibc-0065aaaaae51cd60210ec3a7e13dddd8e01ffe2c.tar.xz glibc-0065aaaaae51cd60210ec3a7e13dddd8e01ffe2c.zip |
Fix BZ 20419. A PT_NOTE in a binary could be arbitratily large, so using
alloca for it may cause stack overflow. If the note is larger than __MAX_ALLOCA_CUTOFF, use dynamically allocated memory to read it in. 2018-05-05 Paul Pluzhnikov <ppluzhnikov@google.com> [BZ #20419] * elf/dl-load.c (open_verify): Fix stack overflow. * elf/Makefile (tst-big-note): New test. * elf/tst-big-note-lib.S: New. * elf/tst-big-note.c: New.
Diffstat (limited to 'elf/tst-big-note-lib.S')
-rw-r--r-- | elf/tst-big-note-lib.S | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/elf/tst-big-note-lib.S b/elf/tst-big-note-lib.S new file mode 100644 index 0000000000..6b514a03cc --- /dev/null +++ b/elf/tst-big-note-lib.S @@ -0,0 +1,26 @@ +/* Bug 20419: test for stack overflow in elf/dl-load.c open_verify() + Copyright (C) 2018 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +/* This creates a .so with 8MiB PT_NOTE segment. + On a typical Linux system with 8MiB "ulimit -s", that was enough + to trigger stack overflow in open_verify. */ + +.pushsection .note.big,"a" +.balign 4 +.fill 8*1024*1024, 1, 0 +.popsection |