[PATCH] elf: Assert range of ns argument in _dl_debug_initialize
Florian Weimer
fweimer@redhat.com
Mon Jun 28 08:31:21 GMT 2021
* Carlos O'Donell:
> On 6/27/21 6:51 PM, Florian Weimer wrote:
>> * Carlos O'Donell:
>>
>>>> diff --git a/elf/dl-debug.c b/elf/dl-debug.c
>>>> index 2cd5f09753..85b087455e 100644
>>>> --- a/elf/dl-debug.c
>>>> +++ b/elf/dl-debug.c
>>>> @@ -16,6 +16,8 @@
>>>> License along with the GNU C Library; if not, see
>>>> <https://www.gnu.org/licenses/>. */
>>>>
>>>> +#include <array_length.h>
>>>> +#include <assert.h>
>>>> #include <ldsodefs.h>
>>>>
>>>>
>>>> @@ -49,7 +51,11 @@ _dl_debug_initialize (ElfW(Addr) ldbase, Lmid_t ns)
>>>> if (ns == LM_ID_BASE)
>>>> r = &_r_debug;
>>>> else
>>>> - r = &GL(dl_ns)[ns]._ns_debug;
>>>> + {
>>>> + assert (ns >= 0);
>>>> + assert (ns < array_length (GL (dl_ns)));
>>>
>>> The check in _dl_map_object is:
>>> assert (nsid >= 0);
>>> assert (nsid < GL(dl_nns));
>>>
>>> Should we be consistent one way or the other?
>>
>> I wasn't sure if _dl_debug_initialize can be called with a
>> not-yet-allocated (or already-deallocated) namespace ID. _dl_map_object
>> is somewhat higher-level, so it's not surprising that it expects an
>> active ID. An out-of-bounds array access is clearly invalid, though.
>
> Assert on the tighter bound and we'll see? :-)
Do we do things this way?
I'm mainly interested in catching the LM_ID_NEWLM case, to be honest.
Thanks,
Florian
More information about the Libc-alpha
mailing list