From 171a70b4c0173533f6f803ec6bc8c2ed910cc468 Mon Sep 17 00:00:00 2001 From: Paul Pluzhnikov Date: Wed, 2 May 2012 14:35:30 -0700 Subject: [PATCH] For PR 14055, add bounds check to _dl_show_auxv(). --- ChangeLog | 5 +++++ NEWS | 2 +- elf/dl-sysdep.c | 6 ++++-- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5e4ce0d..bcca473 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2012-05-02 Paul Pluzhnikov + + [BZ #14055] + * elf/dl-sysdep.c (_dl_show_auxv): Add bounds check. + 2012-05-02 Andreas Jaeger * math/Makefile (CPPFLAGS-test-ildoubl.c): Add -frounding-math diff --git a/NEWS b/NEWS index aebe791..12045f6 100644 --- a/NEWS +++ b/NEWS @@ -23,7 +23,7 @@ Version 2.16 13873, 13879, 13883, 13886, 13892, 13895, 13908, 13910, 13911, 13912, 13913, 13915, 13916, 13917, 13918, 13919, 13920, 13921, 13924, 13926, 13927, 13928, 13938, 13941, 13942, 13963, 13967, 13970, 13973, 14027, - 14033, 14034, 14040 + 14033, 14034, 14040, 14055 * ISO C11 support: diff --git a/elf/dl-sysdep.c b/elf/dl-sysdep.c index 1cb4460..ea505a6 100644 --- a/elf/dl-sysdep.c +++ b/elf/dl-sysdep.c @@ -1,5 +1,5 @@ /* Operating system support for run-time dynamic linker. Generic Unix version. - Copyright (C) 1995-1998,2000-2008,2009,2010 + Copyright (C) 1995-1998,2000-2010,2012 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -303,7 +303,9 @@ _dl_show_auxv (void) }; unsigned int idx = (unsigned int) (av->a_type - 2); - if ((unsigned int) av->a_type < 2u || auxvars[idx].form == ignore) + if ((unsigned int) av->a_type < 2u + || (idx < sizeof (auxvars) / sizeof (auxvars[0]) + && auxvars[idx].form == ignore)) continue; assert (AT_NULL == 0); -- 2.7.4