[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug in elf/dl-close.c function _dl_close(void *) libc Version 2.2.
From: |
Andreas Schwab |
Subject: |
Re: Bug in elf/dl-close.c function _dl_close(void *) libc Version 2.2.2 |
Date: |
20 Nov 2001 17:58:57 +0100 |
User-agent: |
Gnus/5.090003 (Oort Gnus v0.03) Emacs/21.1.30 |
Guenter Jung <address@hidden> writes:
|> Hi,
|>
|> in version 2.2.2 of glibc there's a bug in elf/dl-close.c which leads
|> to a potential segfault when a library loaded via dlopen uses dlopen
|> to load another one and closes that library later.
|>
|> The bug is in function _dl_close near line 308:
|>
|> if (__builtin_expect (imap->l_reldeps != NULL, 0))
|> {
|> struct reldep_list *newrel;
|>
|> newrel = (struct reldep_list *) alloca (sizeof (*reldeps));
|> !!!! newrel->rellist = map->l_reldeps;
|> !!!! ^^^ this should be imap
|> !!!! newrel->nrellist = map->l_reldepsact;
|> !!!! ^^^ this should be imap
Thanks, this is already fixed. Current version is glibc 2.2.4.
Andreas.
--
Andreas Schwab "And now for something
address@hidden completely different."
SuSE Labs, SuSE GmbH, Schanzäckerstr. 10, D-90443 Nürnberg
Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5