glibc/sysdeps
Adhemerval Zanella bcae44ea85 elf: Only process multiple tunable once (BZ 31686)
The 680c597e9c commit made the loader reject ill-formatted strings by
first tracking all set tunables and then applying them. However, it does
not take into consideration if the same tunable is set multiple times,
where parse_tunables_string appends the found tunable without checking
if it was already in the list. It leads to a stack-based buffer overflow
if the tunable is specified more times than the total number of tunables.  For
instance:

  GLIBC_TUNABLES=glibc.malloc.check=2:... (repeat over the number of
  total support for different tunable).

Instead, use the index of the tunable list to get the expected tunable
entry.  Since now the initial list is zero-initialized, the compiler
might emit an extra memset and this requires some minor adjustment
on some ports.

Checked on x86_64-linux-gnu and aarch64-linux-gnu.

Reported-by: Yuto Maeda <maeda@cyberdefense.jp>
Reported-by: Yutaro Shimizu <shimizu@cyberdefense.jp>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-05-07 12:16:36 -03:00
aarch64 elf: Only process multiple tunable once (BZ 31686) 2024-05-07 12:16:36 -03:00
alpha
arc
arm
csky
generic
gnu
hppa
htl
hurd
i386 i686: Fix multiple definitions of __memmove_chk and __memset_chk 2024-05-02 11:51:10 +01:00
ieee754
loongarch
m68k
mach
microblaze
mips
nios2
nptl
or1k or1k: Add hard float support 2024-05-03 18:28:18 +01:00
posix
powerpc powerpc: Optimized strncmp for power10 2024-05-06 09:01:29 -05:00
pthread Add crt1-2.0.o for glibc 2.0 compatibility tests 2024-05-06 07:49:40 -07:00
riscv
s390
sh
sparc elf: Only process multiple tunable once (BZ 31686) 2024-05-07 12:16:36 -03:00
unix or1k: Add hard float support 2024-05-03 18:28:18 +01:00
wordsize-32
wordsize-64
x86 x86: In ld.so, diagnose missing APX support in APX-only builds 2024-04-25 17:20:28 +02:00
x86_64