Mercurial > illumos > illumos-gate
changeset 4991:8312f51e0f59
6597841 gelf_getdyn() reads one too many dynamic entries
| author | ab196087 |
|---|---|
| date | Tue, 04 Sep 2007 13:24:56 -0700 |
| parents | 320a8657b24d |
| children | 18d161314626 |
| files | usr/src/cmd/sgs/libelf/common/gelf.c usr/src/cmd/sgs/packages/Makefile.targ usr/src/cmd/sgs/packages/common/SUNWonld-README |
| diffstat | 3 files changed, 38 insertions(+), 37 deletions(-) [+] |
line wrap: on
line diff
--- a/usr/src/cmd/sgs/libelf/common/gelf.c Tue Sep 04 12:54:15 2007 -0700 +++ b/usr/src/cmd/sgs/libelf/common/gelf.c Tue Sep 04 13:24:56 2007 -0700 @@ -19,7 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -487,7 +487,7 @@ EDATA_READLOCKS(data); - if ((entsize * ndx) > data->d_size) { + if ((entsize * ndx) >= data->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -497,7 +497,7 @@ dst->st_value = (Elf64_Addr)s->st_value; dst->st_size = (Elf64_Xword)s->st_size; dst->st_info = ELF64_ST_INFO(ELF32_ST_BIND(s->st_info), - ELF32_ST_TYPE(s->st_info)); + ELF32_ST_TYPE(s->st_info)); dst->st_other = s->st_other; dst->st_shndx = s->st_shndx; } else @@ -529,7 +529,7 @@ ELFWLOCK(EDATA_ELF(dst)); - if ((entsize * ndx) > dst->d_size) { + if ((entsize * ndx) >= dst->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) { @@ -542,7 +542,7 @@ /* LINTED */ d->st_size = (Elf32_Word)src->st_size; d->st_info = ELF32_ST_INFO(ELF64_ST_BIND(src->st_info), - ELF64_ST_TYPE(src->st_info)); + ELF64_ST_TYPE(src->st_info)); d->st_other = src->st_other; d->st_shndx = src->st_shndx; } else @@ -573,7 +573,7 @@ } EDATA_READLOCKS(data); - if ((entsize * ndx) > data->d_size) { + if ((entsize * ndx) >= data->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -609,7 +609,7 @@ } ELFWLOCK(EDATA_ELF(dst)); - if ((entsize * ndx) > dst->d_size) { + if ((entsize * ndx) >= dst->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) { @@ -643,7 +643,7 @@ } EDATA_READLOCKS(data); - if ((entsize * ndx) > data->d_size) { + if ((entsize * ndx) >= data->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -679,7 +679,7 @@ } ELFWLOCK(EDATA_ELF(dst)); - if ((entsize * ndx) > dst->d_size) { + if ((entsize * ndx) >= dst->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) { @@ -706,7 +706,7 @@ return (NULL); if (shndxdata && xshndx) { EDATA_READLOCKS(shndxdata); - if ((ndx * sizeof (Elf32_Word)) > shndxdata->d_size) { + if ((ndx * sizeof (Elf32_Word)) >= shndxdata->d_size) { _elf_seterr(EREQ_RAND, 0); EDATA_READUNLOCKS(shndxdata); return (NULL); @@ -727,7 +727,7 @@ return (0); if (shndxdata) { ELFWLOCK(EDATA_ELF(shndxdata)); - if ((ndx * sizeof (Elf32_Word)) > shndxdata->d_size) { + if ((ndx * sizeof (Elf32_Word)) >= shndxdata->d_size) { _elf_seterr(EREQ_RAND, 0); ELFUNLOCK(EDATA_ELF(shndxdata)); return (0); @@ -759,7 +759,7 @@ } EDATA_READLOCKS(src); - if ((entsize * ndx) > src->d_size) { + if ((entsize * ndx) >= src->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -769,11 +769,11 @@ dst->m_repeat = (Elf64_Xword)m->m_repeat; dst->m_stride = (Elf64_Half)m->m_stride; dst->m_value = (Elf64_Xword)m->m_value; - dst->m_info = ELF64_M_INFO( - ELF32_M_SYM(m->m_info), - ELF32_M_SIZE(m->m_info)); - } else + dst->m_info = ELF64_M_INFO(ELF32_M_SYM(m->m_info), + ELF32_M_SIZE(m->m_info)); + } else { *dst = ((Elf64_Move *)src->d_buf)[ndx]; + } EDATA_READUNLOCKS(src); return (dst); @@ -799,7 +799,7 @@ } ELFWLOCK(EDATA_ELF(dest)); - if ((entsize * ndx) > dest->d_size) { + if ((entsize * ndx) >= dest->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) { @@ -809,11 +809,11 @@ m->m_repeat = (Elf32_Half)src->m_repeat; m->m_stride = (Elf32_Half)src->m_stride; m->m_value = (Elf32_Lword)src->m_value; - m->m_info = (Elf32_Word)ELF32_M_INFO( - ELF64_M_SYM(src->m_info), - ELF64_M_SIZE(src->m_info)); - } else + m->m_info = (Elf32_Word)ELF32_M_INFO(ELF64_M_SYM(src->m_info), + ELF64_M_SIZE(src->m_info)); + } else { ((Elf64_Move *)dest->d_buf)[ndx] = *(Elf64_Move *)src; + } ELFUNLOCK(EDATA_ELF(dest)); return (rc); @@ -840,7 +840,7 @@ } EDATA_READLOCKS(src); - if ((entsize * ndx) > src->d_size) { + if ((entsize * ndx) >= src->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -885,7 +885,7 @@ } ELFWLOCK(EDATA_ELF(dst)); - if ((entsize * ndx) > dst->d_size) { + if ((entsize * ndx) >= dst->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) { @@ -901,11 +901,11 @@ * Elf64's r_info field can have, so ignore it. */ /* LINTED */ - r->r_info = ELF32_R_INFO( - ELF64_R_SYM(src->r_info), - ELF64_R_TYPE(src->r_info)); - } else + r->r_info = ELF32_R_INFO(ELF64_R_SYM(src->r_info), + ELF64_R_TYPE(src->r_info)); + } else { ((Elf64_Rela *)dst->d_buf)[ndx] = *(Elf64_Rela *)src; + } ELFUNLOCK(EDATA_ELF(dst)); @@ -933,7 +933,7 @@ } EDATA_READLOCKS(src); - if ((entsize * ndx) > src->d_size) { + if ((entsize * ndx) >= src->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -947,7 +947,7 @@ */ /* LINTED */ dst->r_info = ELF64_R_INFO(ELF32_R_SYM(r->r_info), - ELF32_R_TYPE(r->r_info)); + ELF32_R_TYPE(r->r_info)); } else *dst = ((Elf64_Rel *)src->d_buf)[ndx]; @@ -976,7 +976,7 @@ } ELFWLOCK(EDATA_ELF(dst)); - if ((entsize * ndx) > dst->d_size) { + if ((entsize * ndx) >= dst->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) { @@ -990,12 +990,12 @@ * Elf64's r_info field can have, so ignore it. */ /* LINTED */ - r->r_info = ELF32_R_INFO( - ELF64_R_SYM(src->r_info), - ELF64_R_TYPE(src->r_info)); + r->r_info = ELF32_R_INFO(ELF64_R_SYM(src->r_info), + ELF64_R_TYPE(src->r_info)); - } else + } else { ((Elf64_Rel *)dst->d_buf)[ndx] = *(Elf64_Rel *)src; + } ELFUNLOCK(EDATA_ELF(dst)); return (rc); @@ -1036,7 +1036,7 @@ EDATA_READLOCKS(data); - if ((entsize * ndx) > data->d_size) { + if ((entsize * ndx) >= data->d_size) { _elf_seterr(EREQ_RAND, 0); dst = NULL; } else if (class == ELFCLASS32) { @@ -1072,7 +1072,7 @@ ELFWLOCK(EDATA_ELF(dst)); - if ((entsize * ndx) > dst->d_size) { + if ((entsize * ndx) >= dst->d_size) { _elf_seterr(EREQ_RAND, 0); rc = 0; } else if (class == ELFCLASS32) {
--- a/usr/src/cmd/sgs/packages/Makefile.targ Tue Sep 04 12:54:15 2007 -0700 +++ b/usr/src/cmd/sgs/packages/Makefile.targ Tue Sep 04 13:24:56 2007 -0700 @@ -29,7 +29,7 @@ pkg: FRC @ $(RM) -r $(PACKAGE) - pkgmk -l 15000 -f prototype_$(MACH) -d $(PKGARCHIVE) -r $(ROOT) \ + pkgmk -l 18000 -f prototype_$(MACH) -d $(PKGARCHIVE) -r $(ROOT) \ -o $(PACKAGE) 2>&1 | egrep -v "$(SRC)|parametric paths may" pkgtrans -o -s $(PKGARCHIVE) $(PACKAGE).tmp $(PACKAGE) $(RM) -r $(PKGARCHIVE)/$(PACKAGE)
--- a/usr/src/cmd/sgs/packages/common/SUNWonld-README Tue Sep 04 12:54:15 2007 -0700 +++ b/usr/src/cmd/sgs/packages/common/SUNWonld-README Tue Sep 04 13:24:56 2007 -0700 @@ -1255,3 +1255,4 @@ 6589819 ld generated reference to __tls_get_addr() fails when resolving to a shared object reference 6595139 various applications should export yy* global variables for libl +6597841 gelf_getdyn() reads one too many dynamic entries