Add more checks for valid ld.so.cache file (bug 18093)

2025-03-06 20:58:33 +01:00 · 2018-10-23 09:40:14 +02:00 · 2018-10-23 09:40:14 +02:00 · 2954daf00b
commit 2954daf00b
parent a27a4f4721
3 changed files with 16 additions and 1 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
 2018-10-24  Andreas Schwab  <schwab@suse.de>
 	[BZ #18093]
 	* elf/dl-cache.c (_dl_load_cache_lookup): Check for truncated old
 	format cache.
 	* elf/cache.c (print_cache): Likewise.
 2018-10-24  Albert ARIBAUD <albert.aribaud@3adev.fr>
 	* bits/timesize.h: New file.
--- a/elf/cache.c
+++ b/elf/cache.c
@ -199,6 +199,11 @@ print_cache (const char *cache_name)
    }
  else
    {
      /* Check for corruption, avoiding overflow.  */
      if ((cache_size - sizeof (struct cache_file)) / sizeof (struct file_entry)
 	  < cache->nlibs)
 	error (EXIT_FAILURE, 0, _("File is not a cache file.\n"));
      size_t offset = ALIGN_CACHE (sizeof (struct cache_file)
 				   + (cache->nlibs
 				      * sizeof (struct file_entry)));
--- a/elf/dl-cache.c
+++ b/elf/dl-cache.c
@ -204,7 +204,10 @@ _dl_load_cache_lookup (const char *name)
 	 - only the new format
 	 The following checks if the cache contains any of these formats.  */
      if (file != MAP_FAILED && cachesize > sizeof *cache
-	  && memcmp (file, CACHEMAGIC, sizeof CACHEMAGIC - 1) == 0)
+	  && memcmp (file, CACHEMAGIC, sizeof CACHEMAGIC - 1) == 0
 	  /* Check for corruption, avoiding overflow.  */
 	  && ((cachesize - sizeof *cache) / sizeof (struct file_entry)
 	      >= ((struct cache_file *) file)->nlibs))
 	{
 	  size_t offset;
 	  /* Looks ok.  */