RepoMirrors/musl
1
0
Fork 0
mirror of git://git.musl-libc.org/musl synced 2025-01-30 18:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix uninitialized map_len being used in munmap failure paths in load_library

Browse Source 
this bug seems to have been introduced when the map_library signatures
was changed to return the mapping in a temp dso structure instead of
into separate variables.
This commit is contained in:
Rich Felker 2013-02-02 00:59:25 -05:00
parent 72768ea99e
commit 74025c80ce
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/ldso/dynlink.c
View File

@ -435,7 +435,6 @@ static struct dso *load_library(const char *name)
char buf[2*NAME_MAX+2]; char buf[2*NAME_MAX+2];
const char *pathname; const char *pathname;
unsigned char *map; unsigned char *map;
size_t map_len;
struct dso *p, temp_dso = {0}; struct dso *p, temp_dso = {0};
int fd; int fd;
struct stat st; struct stat st;
@ -528,7 +527,7 @@ static struct dso *load_library(const char *name)
} }
p = calloc(1, alloc_size); p = calloc(1, alloc_size);
if (!p) { if (!p) {
munmap(map, map_len); munmap(map, temp_dso.map_len);
return 0; return 0;
} }
memcpy(p, &temp_dso, sizeof temp_dso); memcpy(p, &temp_dso, sizeof temp_dso);
@ -542,8 +541,8 @@ static struct dso *load_library(const char *name)
if (pathname != name) p->shortname = strrchr(p->name, '/')+1; if (pathname != name) p->shortname = strrchr(p->name, '/')+1;
if (p->tls_image) { if (p->tls_image) {
if (runtime && !__pthread_self_init()) { if (runtime && !__pthread_self_init()) {
munmap(map, p->map_len);
free(p); free(p);
munmap(map, map_len);
return 0; return 0;
} }
p->tls_id = ++tls_cnt; p->tls_id = ++tls_cnt;