diff options
| author |   Khem Raj <raj.khem@gmail.com> | 2015-03-18 02:05:06 +0000 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-08-16 17:28:09 +0100 |
| commit | 6ea08396dbb628140fd3289fc9fb19df97914326 (patch) | |
| tree | f79a957f71a70d8aef2f70da3fdd6d5b7c3efb30 /meta/recipes-core/glibc/glibc/0002-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch | |
| parent | b971bdb52ab709b60b42be56b5175f43c96304b1 (diff) | |
| download | openembedded-core-contrib-6ea08396dbb628140fd3289fc9fb19df97914326.tar.gz | |
glibc: Upgrade 2.21 -> 2.22
- git'ify the OE patches
- add_resource_h_to_wait_h.patch - dropped, we do not support that old
perf anymore
- mips-rld-map-check.patch - Dropped because binutils is fixed for it
see https://sourceware.org/ml/binutils/2011-12/msg00112.html
- initgroups_keys.patch - Folded into
0026-eglibc-Forward-port-eglibc-options-groups-support.patch
Change-Id: Ib8e731b212f52b8ff12e2180babbc19970fb1ef1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-core/glibc/glibc/0002-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch')
| -rw-r--r-- | meta/recipes-core/glibc/glibc/0002-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc/0002-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch b/meta/recipes-core/glibc/glibc/0002-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch new file mode 100644 index 0000000000..b568fc6bdc --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0002-nativesdk-glibc-Fix-buffer-overrun-with-a-relocated-.patch @@ -0,0 +1,50 @@ +From 086b65d9aacffc47fcd8df68818a476a5ae76fa1 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 18 Mar 2015 01:50:00 +0000 +Subject: [PATCH 02/27] nativesdk-glibc: Fix buffer overrun with a relocated + SDK + +When ld-linux-*.so.2 is relocated to a path that is longer than the +original fixed location, the dynamic loader will crash in open_path +because it implicitly assumes that max_dirnamelen is a fixed size that +never changes. + +The allocated buffer will not be large enough to contain the directory +path string which is larger than the fixed location provided at build +time. + +Upstream-Status: Inappropriate [OE SDK specific] + +Signed-off-by: Jason Wessel <jason.wessel@windriver.com> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + elf/dl-load.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/elf/dl-load.c b/elf/dl-load.c +index f45085a..f1eb5ed 100644 +--- a/elf/dl-load.c ++++ b/elf/dl-load.c +@@ -1765,7 +1765,19 @@ open_path (const char *name, size_t namelen, int mode, + given on the command line when rtld is run directly. */ + return -1; + ++ do ++ { ++ struct r_search_path_elem *this_dir = *dirs; ++ if (this_dir->dirnamelen > max_dirnamelen) ++ { ++ max_dirnamelen = this_dir->dirnamelen; ++ } ++ } ++ while (*++dirs != NULL); ++ + buf = alloca (max_dirnamelen + max_capstrlen + namelen); ++ ++ dirs = sps->dirs; + do + { + struct r_search_path_elem *this_dir = *dirs; +-- +2.1.4 + |