aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2020-06-15 09:50:14 +0200
committerFlorian Weimer <fweimer@redhat.com>2020-06-15 09:50:14 +0200
commite221c512c74ec42fd47b71de2981a475b38110a4 (patch)
tree546ddce4493cf48a2479f41ff5195536a9e11c0c
parentc1dcc541131bb090ddc792139545ffcd2511a1dc (diff)
downloadglibc-e221c512c74ec42fd47b71de2981a475b38110a4.zip
glibc-e221c512c74ec42fd47b71de2981a475b38110a4.tar.gz
glibc-e221c512c74ec42fd47b71de2981a475b38110a4.tar.bz2
ld.so: Check for new cache format first and enhance corruption check
Now that ldconfig defaults to the new format (only), check for it first. Also apply the corruption check added in commit 2954daf00bb4d ("Add more checks for valid ld.so.cache file (bug 18093)") to the new-format-only case. Suggested-by: Josh Triplett <josh@joshtriplett.org>
-rw-r--r--elf/dl-cache.c27
1 files changed, 15 insertions, 12 deletions
diff --git a/elf/dl-cache.c b/elf/dl-cache.c
index 3eedd9a..93d185e 100644
--- a/elf/dl-cache.c
+++ b/elf/dl-cache.c
@@ -199,15 +199,25 @@ _dl_load_cache_lookup (const char *name)
PROT_READ);
/* We can handle three different cache file formats here:
+ - only the new format
- the old libc5/glibc2.0/2.1 format
- the old format with the new format in it
- - only the new format
The following checks if the cache contains any of these formats. */
- if (file != MAP_FAILED && cachesize > sizeof *cache
- && memcmp (file, CACHEMAGIC, sizeof CACHEMAGIC - 1) == 0
+ if (file != MAP_FAILED && cachesize > sizeof *cache_new
+ && memcmp (file, CACHEMAGIC_VERSION_NEW,
+ sizeof CACHEMAGIC_VERSION_NEW - 1) == 0
/* Check for corruption, avoiding overflow. */
- && ((cachesize - sizeof *cache) / sizeof (struct file_entry)
- >= ((struct cache_file *) file)->nlibs))
+ && ((cachesize - sizeof *cache_new) / sizeof (struct file_entry_new)
+ >= ((struct cache_file_new *) file)->nlibs))
+ {
+ cache_new = file;
+ cache = file;
+ }
+ else if (file != MAP_FAILED && cachesize > sizeof *cache
+ && memcmp (file, CACHEMAGIC, sizeof CACHEMAGIC - 1) == 0
+ /* Check for corruption, avoiding overflow. */
+ && ((cachesize - sizeof *cache) / sizeof (struct file_entry)
+ >= ((struct cache_file *) file)->nlibs))
{
size_t offset;
/* Looks ok. */
@@ -223,13 +233,6 @@ _dl_load_cache_lookup (const char *name)
sizeof CACHEMAGIC_VERSION_NEW - 1) != 0)
cache_new = (void *) -1;
}
- else if (file != MAP_FAILED && cachesize > sizeof *cache_new
- && memcmp (file, CACHEMAGIC_VERSION_NEW,
- sizeof CACHEMAGIC_VERSION_NEW - 1) == 0)
- {
- cache_new = file;
- cache = file;
- }
else
{
if (file != MAP_FAILED)