This is the mail archive of the
mailing list for the glibc project.
Re: [PATCH][BUG 18093] Fix ldconfig segmentation fault with corrupted cache
- From: Aurelien Jarno <aurelien at aurel32 dot net>
- To: GNU C Library <libc-alpha at sourceware dot org>
- Date: Mon, 9 Mar 2015 21:20:11 +0100
- References: <20150308204637 dot GA21863 at aurel32 dot net> <CAFbHwiQ==YgtDGh++oDakuWfP1ACcKMdz34saw52qoJNnb0Yag at mail dot gmail dot com>
On 2015-03-09 13:37, Will Newton wrote:
> On Sun, Mar 8, 2015 at 8:46 PM, Aurelien Jarno <firstname.lastname@example.org> wrote:
> > ldconfig is using an aux-cache to speed up the ld.so.cache update. It
> > is read by mmapping the file to a structure which contains data offsets
> > used as pointers. As they are not checked, it is not hard to get
> > ldconfig to segfault with a corrupted file. This happens for instance if
> > the file is truncated, which is common following a filesystem check
> > following a system crash.
> A similar issue can also occur with qemu user running e.g. big endian
> binaries on a little endian host. I don't know if there is a good fix
> for that (or even if it is worth coming up with one).
This patch would likely work around the issue for the aux-cache. The
sizes read from the file are inconsistent in such a case, and thus the
file would be regenerated. Not very nice from the performance point of
view, but that should work.
That said, I guess that there is the same problem at the ld.so.cache
level, and this patch will not help for that.
Aurelien Jarno GPG: 4096R/1DDD8C9B
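
Added example (not part of the original message and not glibc's code): a minimal sketch of the kind of consistency check discussed in this thread, where sizes and offsets read from an mmapped cache are compared against the real file size, so a truncated or wrong-endian file is rejected and regenerated instead of dereferenced. The `demo_*` layout, magic string and function names are hypothetical and do not reflect the real aux-cache format.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical on-disk layout for illustration; NOT glibc's aux-cache format. */
struct demo_hdr   { char magic[8]; uint32_t nentries; uint32_t len_strings; };
struct demo_entry { uint32_t name_off; uint32_t flags; };
#define DEMO_MAGIC "demo-c1"   /* 7 chars + NUL = 8 bytes */

/* Return 1 when every size and offset in the mapped image is consistent
   with the real file size, 0 when the cache must be discarded and rebuilt. */
int demo_cache_valid(const unsigned char *map, size_t size)
{
    struct demo_hdr h;
    if (map == NULL || size < sizeof h)
        return 0;                        /* truncated before the header ends */
    memcpy(&h, map, sizeof h);
    if (memcmp(h.magic, DEMO_MAGIC, sizeof h.magic) != 0)
        return 0;
    /* 64-bit sum: a huge (e.g. byte-swapped) count cannot wrap around. */
    uint64_t need = sizeof h
                  + (uint64_t)h.nentries * sizeof(struct demo_entry)
                  + h.len_strings;
    if (need != size)
        return 0;                        /* truncated, padded or wrong endianness */
    const unsigned char *ents = map + sizeof h;
    const unsigned char *strs = ents + (size_t)h.nentries * sizeof(struct demo_entry);
    if (h.nentries > 0 && (h.len_strings == 0 || strs[h.len_strings - 1] != '\0'))
        return 0;                        /* string table not NUL-terminated */
    for (uint32_t i = 0; i < h.nentries; i++) {
        struct demo_entry e;
        memcpy(&e, ents + (size_t)i * sizeof e, sizeof e);
        if (e.name_off >= h.len_strings)
            return 0;                    /* offset points outside the table */
    }
    return 1;
}

/* Constructed sample image: one entry named "libdemo.so.1". Returns its size. */
size_t demo_cache_sample(unsigned char *buf, size_t cap)
{
    static const char name[] = "libdemo.so.1";
    struct demo_hdr h = { DEMO_MAGIC, 1, sizeof name };
    struct demo_entry e = { 0, 0 };
    size_t total = sizeof h + sizeof e + sizeof name;
    if (cap < total) return 0;
    memcpy(buf, &h, sizeof h);
    memcpy(buf + sizeof h, &e, sizeof e);
    memcpy(buf + sizeof h + sizeof e, name, sizeof name);
    return total;
}
```

The size passed to `demo_cache_valid` is meant to be the `st_size` of the mapped file, so the check runs before any offset from the file is used as a pointer.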