From c527fd1f14c27855a37f2e8ac5346ce8d940ced2 Mon Sep 17 00:00:00 2001 From: Tudor Florea Date: Thu, 16 Oct 2014 03:05:19 +0200 Subject: initial commit for Enea Linux 4.0-140929 Migrated from the internal git server on the daisy-enea-point-release branch Signed-off-by: Tudor Florea --- .../eglibc-2.19/relocatable_sdk_fix_openpath.patch | 41 ++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 meta/recipes-core/eglibc/eglibc-2.19/relocatable_sdk_fix_openpath.patch (limited to 'meta/recipes-core/eglibc/eglibc-2.19/relocatable_sdk_fix_openpath.patch') diff --git a/meta/recipes-core/eglibc/eglibc-2.19/relocatable_sdk_fix_openpath.patch b/meta/recipes-core/eglibc/eglibc-2.19/relocatable_sdk_fix_openpath.patch new file mode 100644 index 0000000000..f164f8f9ae --- /dev/null +++ b/meta/recipes-core/eglibc/eglibc-2.19/relocatable_sdk_fix_openpath.patch @@ -0,0 +1,41 @@ +Upstream-Status: Inappropriate [SDK specific] + +eglibc-nativesdk: Fix buffer overrun with a relocated SDK + +When ld-linux-*.so.2 is relocated to a path that is longer than the +original fixed location, the dynamic loader will crash in open_path +because it implicitly assumes that max_dirnamelen is a fixed size that +never changes. + +The allocated buffer will not be large enough to contain the directory +path string which is larger than the fixed location provided at build +time. + +Signed-off-by: Jason Wessel + +--- + elf/dl-load.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1919,7 +1919,19 @@ open_path (const char *name, size_t name + given on the command line when rtld is run directly. */ + return -1; + ++ do ++ { ++ struct r_search_path_elem *this_dir = *dirs; ++ if (this_dir->dirnamelen > max_dirnamelen) ++ { ++ max_dirnamelen = this_dir->dirnamelen; ++ } ++ } ++ while (*++dirs != NULL); ++ + buf = alloca (max_dirnamelen + max_capstrlen + namelen); ++ ++ dirs = sps->dirs; + do + { + struct r_search_path_elem *this_dir = *dirs; -- cgit v1.2.3-54-g00ecf