--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: gcc-snapshot: mudflap instrumentation of dlopen is incorrect
- From: "Brian M. Carlson" <sandals@crustytoothpaste.ath.cx>
- Date: Sun, 30 Oct 2005 21:10:49 +0000
- Message-id: <200510302115.j9ULF4TC011875@crustytoothpaste.ath.cx>
Package: gcc-snapshot
Version: 20051023-1
Severity: normal
Tags: patch
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
If mudflap is used to instrument a program using dlopen, and the program
(assuming it is compiled with -rdynamic) loads itself by passing NULL for the
path to dlopen, the program will crash unconditionally; that is, regardless of
the options passed to mudflap, so long as instrumentation is enabled.
This is because (at least with GNU/Linux) it is valid to pass a NULL pointer as
the path argument to dlopen, and the instrumentation code unconditionally uses
strlen on that pointer, without checking first if it is NULL.
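As an added illustration (this is not code from the bug report or from the mudflap runtime), the following C program contrasts the unguarded wrapper shape described above with the guarded one. `validate_extent` and `clampadd` are constructed stand-ins for mudflap's `MF_VALIDATE_EXTENT` and `CLAMPADD`: they only record what the wrapper would have asked the checker to validate. It assumes a GNU/Linux system where `dlopen(NULL, ...)` returns a handle for the main program and where `strlen(NULL)` faults; the path string used for the non-NULL case is constructed and does not exist.

```c
#include <dlfcn.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for mudflap's bookkeeping (not the real runtime):
   they record what the wrapper asked the checker to validate. */
static size_t last_validated_len = 0;
static int validate_calls = 0;

/* Saturating add, the role CLAMPADD plays in mf-hooks2.c: n + 1 must not
   wrap to 0 for a pathological strlen() result. */
static size_t clampadd(size_t a, size_t b)
{
    return (a > SIZE_MAX - b) ? SIZE_MAX : a + b;
}

/* Stand-in for MF_VALIDATE_EXTENT: the real macro checks the byte range
   against mudflap's object database; here we only record the request. */
static void validate_extent(const void *ptr, size_t len, const char *what)
{
    (void)ptr;
    (void)what;
    validate_calls++;
    last_validated_len = len;
}

/* The unpatched shape of the wrapper: strlen(NULL) is undefined behaviour
   and segfaults on GNU/Linux, although dlopen(NULL, ...) itself is valid. */
void *dlopen_wrapped_unguarded(const char *path, int flags)
{
    size_t n = strlen(path);                 /* crashes when path == NULL */
    validate_extent(path, clampadd(n, 1), "dlopen path");
    return dlopen(path, flags);
}

/* The patched shape: mirror the callee's contract. NULL means "the main
   program", so there is no string to validate before the real call. */
void *dlopen_wrapped_guarded(const char *path, int flags)
{
    if (path != NULL) {
        size_t n = strlen(path);
        validate_extent(path, clampadd(n, 1), "dlopen path");
    }
    return dlopen(path, flags);
}

/* dlopen(NULL) through the guarded wrapper: the main program's handle is
   returned and the validator is never consulted. Returns 1 if `sym` (a
   symbol of the already-mapped C library) resolves through that handle. */
int self_open_resolves(const char *sym)
{
    validate_calls = 0;
    void *h = dlopen_wrapped_guarded(NULL, RTLD_NOW);
    if (h == NULL)
        return 0;
    void *s = dlsym(h, sym);
    dlclose(h);
    return (s != NULL && validate_calls == 0) ? 1 : 0;
}

/* A non-NULL path through the guarded wrapper: the validator sees
   strlen + 1 bytes (terminator included) before the real call. Returns the
   validated length, or 0 if the validator was not called exactly once. */
size_t validated_len_for(const char *path)
{
    validate_calls = 0;
    last_validated_len = 0;
    void *h = dlopen_wrapped_guarded(path, RTLD_NOW);
    if (h != NULL)
        dlclose(h);
    return (validate_calls == 1) ? last_validated_len : 0;
}

int main(void)
{
    printf("self handle resolves strlen: %d\n", self_open_resolves("strlen"));
    printf("validated bytes for a 27-byte constructed path: %zu\n",
           validated_len_for("/nonexistent/constructed.so"));
    /* dlopen_wrapped_unguarded(NULL, RTLD_NOW) is deliberately not called:
       it would fault, which is exactly the crash the report describes. */
    return 0;
}
```

On glibc older than 2.34 the program needs `-ldl` at link time; newer glibc and musl provide `dlopen` in libc itself. The guarded wrapper is the whole lesson: an interposition layer that validates arguments has to accept every value the callee accepts, including a documented NULL.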
I have included the following patch, which may help fix the problem. I have not
tested it, but it should work. As always, it is "as is", with no warranty of
any kind. The patch is against svn HEAD (r104588).
- --- mf-hooks2.c.orig 2005-10-30 20:35:44.000000000 +0000
+++ mf-hooks2.c 2005-10-30 20:37:38.000000000 +0000
@@ -1679,8 +1679,10 @@ WRAPPER2(void *, dlopen, const char *pat
void *p;
size_t n;
TRACE ("%s\n", __PRETTY_FUNCTION__);
- - n = strlen (path);
- - MF_VALIDATE_EXTENT (path, CLAMPADD(n, 1), __MF_CHECK_READ, "dlopen path");
+ if (NULL != path) {
+ n = strlen (path);
+ MF_VALIDATE_EXTENT (path, CLAMPADD(n, 1), __MF_CHECK_READ, "dlopen path");
+ }
p = dlopen (path, flags);
if (NULL != p) {
#ifdef MF_REGISTER_dlopen
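Review bot: As quoted here the hunk is dash-escaped by the PGP clearsign wrapper (the file header reads `- --- mf-hooks2.c.orig` and the two removed lines read `- - n = strlen (path);` and `- - MF_VALIDATE_EXTENT (...)`), so `patch` will not apply it until the leading `- ` is stripped from those lines; attaching the patch as a separate file, or verifying it against the signed text, avoids that. The change itself is sound: glibc documents a NULL filename to dlopen as the handle for the main program, so the wrapper must not call strlen on it, and the new `if (NULL != path)` guard matches the `if (NULL != p)` style already used two lines below. Since the submitter states the patch is untested, a smoke run of a -rdynamic, -fmudflap program calling dlopen(NULL, RTLD_NOW) before merging would confirm the unconditional crash is gone.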
-- System Information:
Debian Release: testing/unstable
APT prefers experimental
APT policy: (500, 'experimental'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-1-k7
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)
Versions of packages gcc-snapshot depends on:
ii binutils 2.16.1cvs20050902-1 The GNU assembler, linker and bina
ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi
ii libatk1.0-0 1.10.3-1 The ATK accessibility toolkit
ii libc6 2.3.5-7 GNU C Library: Shared libraries an
ii libc6-dev 2.3.5-7 GNU C Library: Development Librari
ii libcairo2 1.0.2-1 The Cairo 2D vector graphics libra
ii libfontconfig1 2.3.2-1.1 generic font configuration library
ii libfreetype6 2.1.10-1 FreeType 2 font engine, shared lib
ii libglib2.0-0 2.8.3-1 The GLib library of C routines
ii libgmp3c2 4.1.4-11 Multiprecision arithmetic library
ii libgtk2.0-0 2.8.3-1 The GTK+ graphical user interface
ii libpango1.0-0 1.10.1-1 Layout and rendering of internatio
ii libpng12-0 1.2.8rel-5 PNG library - runtime
ii libx11-6 6.8.99.901.dfsg.1-1 X Window System protocol client li
ii libxrender1 1:0.9.0+CVS20050919-2 X Rendering Extension client libra
ii libxtst6 6.8.99.901.dfsg.1-1 X Window System event recording an
ii xlibs 6.8.99.901.dfsg.1-1 X Window System client libraries m
ii zlib1g 1:1.2.3-6 compression library - runtime
gcc-snapshot recommends no packages.
-- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iQEVAwUBQ2U22eWR/8lWBVPnAQOpewf/dnpt2OoQZbi7NmboBtxWvapyZoo5xTlg
EWJ2Tgv78SauIwya91o26FyG12+F3qpedy/VKQE8txkfQOVPOYtmnOd57KLNv7QJ
Q/7NYHp+AIaZD7KihuZOowZumoCXVmHjogJOT8cp4cPttduLWP5PgpplrS5T6uSz
bJXcNuhmupyBmTcx/2aPU3wglt/IEIimVEFSgAnZyWS9suHukdT2c0oaSdkxm57T
hMtX/xcK/eyQWjVC4DeQWk0G3nzSDHzZj/bnHbnC3tfuBlC8B90iI5jteCFUJmhX
RUMjGf46NbUQIOCxZzCU+1y6ws7woOXMChPhXDzW+ERGkfuxVKjbEA==
=iNA9
-----END PGP SIGNATURE-----
--- End Message ---