From: Khem Raj <raj.khem@gmail.com>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 5/5] musl: Fix out of bounds data access in dlopen
Date: Thu, 28 Feb 2019 19:21:12 -0800 [thread overview]
Message-ID: <20190301032112.38191-5-raj.khem@gmail.com> (raw)
In-Reply-To: <20190301032112.38191-1-raj.khem@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
.../musl/musl/out_of_bounds_read.patch | 20 +++++++++++++++++++
meta/recipes-core/musl/musl_git.bb | 1 +
2 files changed, 21 insertions(+)
create mode 100644 meta/recipes-core/musl/musl/out_of_bounds_read.patch
diff --git a/meta/recipes-core/musl/musl/out_of_bounds_read.patch b/meta/recipes-core/musl/musl/out_of_bounds_read.patch
new file mode 100644
index 0000000000..a681cc284e
--- /dev/null
+++ b/meta/recipes-core/musl/musl/out_of_bounds_read.patch
@@ -0,0 +1,20 @@
+Fix out of bounds read
+
+self->dtv hasn't been extended yet
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+diff --git a/ldso/dynlink.c b/ldso/dynlink.c
+index e2c3259f..b23ea0df 100644
+--- a/ldso/dynlink.c
++++ b/ldso/dynlink.c
+@@ -1374,7 +1376,7 @@ static void install_new_tls(void)
+ }
+ /* Install new dtls into the enlarged, uninstalled dtv copies. */
+ for (p=head; ; p=p->next) {
+- if (!p->tls_id || self->dtv[p->tls_id]) continue;
++ if (p->tls_id <= old_cnt) continue;
+ unsigned char *mem = p->new_tls;
+ for (j=0; j<i; j++) {
+ unsigned char *new = mem;
diff --git a/meta/recipes-core/musl/musl_git.bb b/meta/recipes-core/musl/musl_git.bb
index f1052278c8..6a72b7d3bc 100644
--- a/meta/recipes-core/musl/musl_git.bb
+++ b/meta/recipes-core/musl/musl_git.bb
@@ -15,6 +15,7 @@ PV = "${BASEVER}+git${SRCPV}"
SRC_URI = "git://git.musl-libc.org/musl \
file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
+ file://out_of_bounds_read.patch \
"
S = "${WORKDIR}/git"
--
2.21.0
prev parent reply other threads:[~2019-03-01 3:21 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-01 3:21 [PATCH V3 1/5] bitbake.conf: Use -Og in DEBUG_OPTIMIZATION Khem Raj
2019-03-01 3:21 ` [PATCH V2 2/5] glibc: Disable Werror when building with debug options Khem Raj
2019-03-01 3:21 ` [PATCH 3/5] bitbake.conf: Drop -fno-omit-frame-pointer Khem Raj
2019-03-01 3:21 ` [PATCH 4/5] perf: Set libunwind dir explicitly to point into staging sysroot Khem Raj
2019-03-01 3:21 ` Khem Raj [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190301032112.38191-5-raj.khem@gmail.com \
--to=raj.khem@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox