svn commit: r240208 - in stable: 7/contrib/binutils/binutils 8/contrib/binutils/binutils 9/contrib/binutils/binutils

Dimitry Andric dim at
Fri Sep 7 18:03:30 UTC 2012

Author: dim
Date: Fri Sep  7 18:03:29 2012
New Revision: 240208

  MFC r239962:
  Fix a twelve year old bug in readelf: when process_dynamic_segment()
  encounters a DT_RUNPATH entry, the global dynamic_info[] array is
  overrun, causing some other global variable to be overwritten.
  In my testcase, this was the section_headers variable, leading to
  segfaults or jemalloc assertions when it was freed later on.
  Thanks to Koop Mast for providing samples of a few "bad" .so files.

Directory Properties:
  stable/7/contrib/binutils/   (props changed)

Changes in other areas also in this revision:
Directory Properties:
  stable/8/contrib/binutils/   (props changed)
  stable/9/contrib/binutils/   (props changed)

Modified: stable/7/contrib/binutils/binutils/readelf.c
--- stable/7/contrib/binutils/binutils/readelf.c	Fri Sep  7 17:58:36 2012	(r240207)
+++ stable/7/contrib/binutils/binutils/readelf.c	Fri Sep  7 18:03:29 2012	(r240208)
@@ -128,7 +128,7 @@ Elf_Internal_Syminfo *dynamic_syminfo;
 unsigned long dynamic_syminfo_offset;
 unsigned int dynamic_syminfo_nent;
 char program_interpreter[64];
-bfd_vma dynamic_info[DT_JMPREL + 1];
+bfd_vma dynamic_info[DT_ENCODING];
 bfd_vma version_info[16];
 Elf_Internal_Ehdr elf_header;
 Elf_Internal_Shdr *section_headers;

More information about the svn-src-stable-7 mailing list