about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog18
-rw-r--r--elf/ldconfig.h3
-rw-r--r--elf/readlib.c17
-rw-r--r--sysdeps/generic/readelflib.c26
-rw-r--r--sysdeps/unix/sysv/linux/sparc/readelflib.c14
5 files changed, 64 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index 0539897ddf..2dfc87dd4d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,21 @@
+2000-05-26  Andreas Jaeger  <aj@suse.de>
+
+	* elf/ldconfig.h: Update parameter list for process_elf_file.
+
+	* sysdeps/unix/sysv/linux/sparc/readelflib.c (process_elf_file):
+	Add parameter file_length and pass it ot process_elf*file.
+
+	* sysdeps/generic/readelflib.c (check_ptr): New.
+	(process_elf_file): Use check_ptr to check all accesses to the
+	mmapped file. Add parameter file_length.
+
+	* elf/readlib.c (known_libs): Use <gnu/lib-names.h> to specify
+	library names.
+
+	* sunrpc/xdr_intXX_t.c (xdr_uint8_t): Fix conversion.
+	Closes PR libc/1573, reported by Bradley White
+	<bww@laurelnetworks.com>.
+
 2000-05-25  Ulrich Drepper  <drepper@redhat.com>
 
 	* sysdeps/i386/fpu/bits/mathinline.h: Define expm1 inline only if
diff --git a/elf/ldconfig.h b/elf/ldconfig.h
index ecdbb14883..a94df64ad0 100644
--- a/elf/ldconfig.h
+++ b/elf/ldconfig.h
@@ -46,7 +46,8 @@ extern int process_file (const char *file_name, const char *lib, int *flag,
 
 /* Declared in readelflib.c.  */
 extern int process_elf_file (const char *file_name, const char *lib, int *flag,
-			     char **soname, void *file_contents);
+			     char **soname, void *file_contents,
+			     size_t file_length);
 
 
 /* Declared in ldconfig.c.  */
diff --git a/elf/readlib.c b/elf/readlib.c
index 580d802301..1914267b93 100644
--- a/elf/readlib.c
+++ b/elf/readlib.c
@@ -35,6 +35,7 @@
 
 #include <sys/mman.h>
 #include <sys/stat.h>
+#include <gnu/lib-names.h>
 
 #include "ldconfig.h"
 
@@ -49,23 +50,26 @@ struct known_names
 
 static struct known_names interpreters [] =
 {
-  {"/lib/ld-linux.so.2", FLAG_ELF_LIBC6},
+  {"/lib/" LD_LINUX_SO, FLAG_ELF_LIBC6},
   {"/lib/ld-linux.so.1", FLAG_ELF_LIBC5}
 };
 
 static struct known_names known_libs [] =
 {
-  {"libc.so.6", FLAG_ELF_LIBC6},
+  /* Old names:  */
   {"libc.so.5", FLAG_ELF_LIBC5},
-  {"libm.so.6", FLAG_ELF_LIBC6},
-  {"libm.so.5", FLAG_ELF_LIBC5}
+  {"libm.so.5", FLAG_ELF_LIBC5},
+  /* Current names:  */
+  {LIBC_SO, FLAG_ELF_LIBC6},
+  {LIBM_SO, FLAG_ELF_LIBC6}
 };
 
 
 
 /* Returns 0 if everything is ok, != 0 in case of error.  */
 int
-process_file (const char *file_name, const char *lib, int *flag, char **soname, int is_link)
+process_file (const char *file_name, const char *lib, int *flag,
+	      char **soname, int is_link)
 {
   FILE *file;
   struct stat statbuf;
@@ -156,7 +160,8 @@ process_file (const char *file_name, const char *lib, int *flag, char **soname,
       goto done;
     }
 
-  if (process_elf_file (file_name, lib, flag, soname, file_contents))
+  if (process_elf_file (file_name, lib, flag, soname, file_contents,
+			statbuf.st_size))
     ret = 1;
 
  done:
diff --git a/sysdeps/generic/readelflib.c b/sysdeps/generic/readelflib.c
index 645c9124a9..270c9b00a5 100644
--- a/sysdeps/generic/readelflib.c
+++ b/sysdeps/generic/readelflib.c
@@ -23,10 +23,24 @@
    which need to handle both 32bit and 64bit ELF libraries,  this file is
    included twice for each arch size.  */
 
+/* check_ptr checks that a pointer is in the mmaped file and doesn't
+   point outside it.  */
+#define check_ptr(ptr)						\
+do								\
+  {								\
+    if ((void *)(ptr) < file_contents				\
+	|| (void *)(ptr) > (file_contents+file_length))		\
+      {								\
+	error (0, 0, _("file %s is truncated\n"), file_name);	\
+	return 1;						\
+      }								\
+  }								\
+ while (0);
+ 
 /* Returns 0 if everything is ok, != 0 in case of error.  */
 int
-process_elf_file (const char *file_name, const char *lib, int *flag, char **soname,
-		  void *file_contents)
+process_elf_file (const char *file_name, const char *lib, int *flag,
+		  char **soname, void *file_contents, size_t file_length)
 {
   int i;
   unsigned int j;
@@ -65,6 +79,7 @@ process_elf_file (const char *file_name, const char *lib, int *flag, char **sona
   
   /* Get information from elf program header.  */
   elf_pheader = (ElfW(Phdr) *) (elf_header->e_phoff + file_contents);
+  check_ptr (elf_pheader);
 
   /* The library is an elf library, now search for soname and
      libc5/libc6.  */
@@ -77,6 +92,8 @@ process_elf_file (const char *file_name, const char *lib, int *flag, char **sona
   for (i = 0, segment = elf_pheader;
        i < elf_header->e_phnum; i++, segment++)
     {
+      check_ptr (segment);
+
       switch (segment->p_type)
 	{
 	case PT_LOAD:
@@ -94,6 +111,7 @@ process_elf_file (const char *file_name, const char *lib, int *flag, char **sona
 	  break;
 	case PT_INTERP:
 	  program_interpreter = (char *) (file_contents + segment->p_offset);
+	  check_ptr (program_interpreter);
 
 	  /* Check if this is enough to classify the binary.  */
 	  for (j = 0; j < sizeof (interpreters) / sizeof (interpreters [0]);
@@ -120,15 +138,18 @@ process_elf_file (const char *file_name, const char *lib, int *flag, char **sona
     return 1;
   
   dynamic_segment = (ElfW(Dyn) *) (file_contents + dynamic_addr);
+  check_ptr (dynamic_segment);
 
   /* Find the string table.  */
   dynamic_strings = NULL;
   for (dyn_entry = dynamic_segment; dyn_entry->d_tag != DT_NULL;
        ++dyn_entry)
     {
+      check_ptr (dyn_entry);
       if (dyn_entry->d_tag == DT_STRTAB)
 	{
 	  dynamic_strings = (char *) (file_contents + dyn_entry->d_un.d_val - loadaddr);
+	  check_ptr (dynamic_strings);
 	  break;
 	}
     }
@@ -143,6 +164,7 @@ process_elf_file (const char *file_name, const char *lib, int *flag, char **sona
       if (dyn_entry->d_tag == DT_NEEDED || dyn_entry->d_tag == DT_SONAME)
 	{
 	  char *name = dynamic_strings + dyn_entry->d_un.d_val;
+	  check_ptr (name);
 
 	  if (dyn_entry->d_tag == DT_NEEDED)
 	    {
diff --git a/sysdeps/unix/sysv/linux/sparc/readelflib.c b/sysdeps/unix/sysv/linux/sparc/readelflib.c
index d956ad90f6..f5006278bb 100644
--- a/sysdeps/unix/sysv/linux/sparc/readelflib.c
+++ b/sysdeps/unix/sysv/linux/sparc/readelflib.c
@@ -20,23 +20,27 @@
 
 
 int process_elf32_file (const char *file_name, const char *lib, int *flag,
-			char **soname, void *file_contents);
+			char **soname, void *file_contents,
+			size_t file_length);
 int process_elf64_file (const char *file_name, const char *lib, int *flag,
-			char **soname, void *file_contents);
+			char **soname, void *file_contents,
+			size_t file_length);
 
 /* Returns 0 if everything is ok, != 0 in case of error.  */
 int
 process_elf_file (const char *file_name, const char *lib, int *flag,
-		  char **soname, void *file_contents)
+		  char **soname, void *file_contents, size_t file_length)
 {
   ElfW(Ehdr) *elf_header = (ElfW(Ehdr) *) file_contents;
   int ret;
 
   if (elf_header->e_ident [EI_CLASS] == ELFCLASS32)
-    return process_elf32_file (file_name, lib, flag, soname, file_contents);
+    return process_elf32_file (file_name, lib, flag, soname, file_contents,
+			       file_length);
   else
     {
-      ret = process_elf64_file (file_name, lib, flag, soname, file_contents);
+      ret = process_elf64_file (file_name, lib, flag, soname, file_contents,
+				file_length);
       /* Sparc 64bit libraries are always libc.so.6+.  */
       if (!ret)
 	*flag = FLAG_SPARC_LIB64|FLAG_ELF_LIBC6;