This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug dynamic-link/20802] New: getauxval NULL pointer dereference after static dlopen
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 10 Nov 2016 16:23:09 +0000
- Subject: [Bug dynamic-link/20802] New: getauxval NULL pointer dereference after static dlopen
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=20802
Bug ID: 20802
Summary: getauxval NULL pointer dereference after static dlopen
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: dynamic-link
Assignee: unassigned at sourceware dot org
Reporter: fweimer at redhat dot com
Target Milestone: ---
Flags: security-
Created attachment 9620
--> https://sourceware.org/bugzilla/attachment.cgi?id=9620&action=edit
0001-Test-case-for-getauxval-after-static-dlopen.patch
The attached test case fails because _rtld_global_ro is not initialized after
static dlopen (beyond the static initializer), so GLRO (dl_auxv) is a NULL
pointer.
Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7b41977 in __getauxval (type=25) at getauxval.c:36
36 for (p = GLRO(dl_auxv); p->a_type != AT_NULL; p++)
(gdb) bt
#0 0x00007ffff7b41977 in __getauxval (type=25) at getauxval.c:36
#1 0x00007ffff7df974f in getauxval_wrapper (type=type@entry=25,
errnop=errnop@entry=0x7fffffffdb2c)
at tst-auxvalmod.c:28
#2 0x0000000000401171 in do_test () at tst-getauxval-static.c:59
#3 0x00000000004007f7 in main (argc=<optimized out>, argv=<optimized out>) at
../test-skeleton.c:513
(gdb)
I think we need a way to inject this information into the inner libc, so I'm
putting this bug into the dynamic-link component.
--
You are receiving this mail because:
You are on the CC list for the bug.