+2015-04-17 Roland McGrath <roland@hack.frob.com>
+
+ * elf/dl-open.c (_dl_open): Use __glibc_unlikely in invalid namespace
+ check. Reject NSID < 0 and NSID >= dl_nns, and check for DL_NNS==1,
+ before using NSID as an index.
+
2015-04-17 Il'ya Malakhov <ilmalakhov@yandex.ru>
[BZ #17825]
struct link_map *l = _dl_find_dso_for_object ((ElfW(Addr)) caller_dlopen);
if (l)
- call_map = l;
+ call_map = l;
if (args->nsid == __LM_ID_CALLER)
args->nsid = call_map->l_ns;
/* Never allow loading a DSO in a namespace which is empty. Such
direct placements is only causing problems. Also don't allow
loading into a namespace used for auditing. */
- else if (__builtin_expect (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER, 0)
- && (GL(dl_ns)[nsid]._ns_nloaded == 0
+ else if (__glibc_unlikely (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER)
+ && (__glibc_unlikely (nsid < 0 || nsid >= GL(dl_nns))
+ /* This prevents the [NSID] index expressions from being
+ evaluated, so the compiler won't think that we are
+ accessing an invalid index here in the !SHARED case where
+ DL_NNS is 1 and so any NSID != 0 is invalid. */
+ || DL_NNS == 1
+ || GL(dl_ns)[nsid]._ns_nloaded == 0
|| GL(dl_ns)[nsid]._ns_loaded->l_auditing))
_dl_signal_error (EINVAL, file, NULL,
N_("invalid target namespace in dlmopen()"));
git://sourceware.org / glibc.git / commitdiff