[COMMITTED] Fuller check for invalid NSID in _dl_open.
diff mbox

Message ID 20150417210315.B68D42C3AB9@topped-with-meat.com
State New
Headers show

Commit Message

Roland McGrath April 17, 2015, 9:03 p.m. UTC
This is the patch I just posted under:
	Subject: Re: Build problem with ToT GCC
But in case some people didn't notice it was a proposed patch,
here it is again, just committed after Steve's verification that
it fixes the trunk-gcc warning.


Thanks,
Roland


2015-04-17  Roland McGrath  <roland@hack.frob.com>

	* elf/dl-open.c (_dl_open): Use __glibc_unlikely in invalid namespace
	check.  Reject NSID < 0 and NSID >= dl_nns, and check for DL_NNS==1,
	before using NSID as an index.

Patch
diff mbox

diff --git a/elf/dl-open.c b/elf/dl-open.c
index 0dbe07f..2d0e082 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -619,8 +619,14 @@  no more namespaces available for dlmopen()"));
   /* Never allow loading a DSO in a namespace which is empty.  Such
      direct placements is only causing problems.  Also don't allow
      loading into a namespace used for auditing.  */
-  else if (__builtin_expect (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER, 0)
-	   && (GL(dl_ns)[nsid]._ns_nloaded == 0
+  else if (__glibc_unlikely (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER)
+	   && (__glibc_unlikely (nsid < 0 || nsid >= GL(dl_nns))
+	       /* This prevents the [NSID] index expressions from being
+		  evaluated, so the compiler won't think that we are
+		  accessing an invalid index here in the !SHARED case where
+		  DL_NNS is 1 and so any NSID != 0 is invalid.  */
+	       || DL_NNS == 1
+	       || GL(dl_ns)[nsid]._ns_nloaded == 0
 	       || GL(dl_ns)[nsid]._ns_loaded->l_auditing))
     _dl_signal_error (EINVAL, file, NULL,
 		      N_("invalid target namespace in dlmopen()"));