diff options
| author | Konstantin Belousov <kib@FreeBSD.org> | 2012-03-12 10:36:03 +0000 |
|---|---|---|
| committer | Konstantin Belousov <kib@FreeBSD.org> | 2012-03-12 10:36:03 +0000 |
| commit | 5eab36f290bedc8ef7b7f5ac0f4aa4dbc0ca4341 (patch) | |
| tree | c2f87f15534ed17b42568491051d8041f734c753 /libexec | |
| parent | c8b31c8f20d23786fc1798d8840ae47e53feefc7 (diff) | |
| download | src-5eab36f290bedc8ef7b7f5ac0f4aa4dbc0ca4341.tar.gz src-5eab36f290bedc8ef7b7f5ac0f4aa4dbc0ca4341.zip | |
When iterating over the dso program headers, the object is not initialized
yet, and object segments are not yet mapped. Only parse the notes that
appear in the first page of the dso (as it should be anyway), and use
the preloaded page content.
Reported and tested by: stass
MFC after: 20 days
Notes
Notes:
svn path=/head/; revision=232856
Diffstat (limited to 'libexec')
| -rw-r--r-- | libexec/rtld-elf/map_object.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/libexec/rtld-elf/map_object.c b/libexec/rtld-elf/map_object.c index d2405750bb9f..f142819f261a 100644 --- a/libexec/rtld-elf/map_object.c +++ b/libexec/rtld-elf/map_object.c @@ -149,7 +149,10 @@ map_object(int fd, const char *path, const struct stat *sb) break; case PT_NOTE: - note_start = (Elf_Addr)obj->relocbase + phdr->p_offset; + if (phdr->p_offset > PAGE_SIZE || + phdr->p_offset + phdr->p_filesz > PAGE_SIZE) + break; + note_start = (Elf_Addr)(char *)hdr + phdr->p_offset; note_end = note_start + phdr->p_filesz; digest_notes(obj, note_start, note_end); break; |