Version parsing sanity check for dl_osinfo

Daniel Jacobowitz drow@mvista.com
Sat Nov 1 19:28:00 GMT 2003


One of our users used an EXTRAVERSION starting with a dot when he compiled
his kernel.  The version was 2.4.22.2003-10-30, which works out to
516.22.2003 in this parsing routine.  The extra check is just a couple of
cycles at application startup, so I think it's reasonable to be paranoid
here.

Is this OK?

-- 
Daniel Jacobowitz
MontaVista Software                         Debian GNU/Linux Developer

2003-11-01  Daniel Jacobowitz  <dan@debian.org>

	* sysdeps/unix/sysv/linux/dl-osinfo.h (DL_SYSDEP_OSCHECK): Don't
	parse more than three parts of the version number.

--- glibc-2.3.2/sysdeps/unix/sysv/linux/dl-osinfo.h.orig	2003-11-01 14:20:45.000000000 -0500
+++ glibc-2.3.2/sysdeps/unix/sysv/linux/dl-osinfo.h	2003-11-01 14:21:32.000000000 -0500
@@ -91,7 +91,7 @@
 	    version <<= 8;						      \
 	    version |= here;						      \
 									      \
-	    if (*cp++ != '.')						      \
+	    if (*cp++ != '.' || parts == 3)				      \
 	      /* Another part following?  */				      \
 	      break;							      \
 	  }								      \



More information about the Libc-alpha mailing list