From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (qmail 1478 invoked by alias); 1 Nov 2005 17:45:51 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Archive:
List-Post:
List-Help:
Sender: gcc-bugs-owner@gcc.gnu.org
Received: (qmail 1463 invoked by uid 48); 1 Nov 2005 17:45:49 -0000
Date: Tue, 01 Nov 2005 17:45:00 -0000
Subject: [Bug libmudflap/24619] New: mudflap instrumentation of dlopen is incorrect
X-Bugzilla-Reason: CC
Message-ID:
Reply-To: gcc-bugzilla@gcc.gnu.org
To: gcc-bugs@gcc.gnu.org
From: "debian-gcc at lists dot debian dot org"
X-SW-Source: 2005-11/txt/msg00090.txt.bz2
List-Id:

[forwarded from http://bugs.debian.org/336511]

bug submitter writes:

If mudflap is used to instrument a program using dlopen, and the program (assuming it is compiled with -rdynamic) loads itself by passing NULL for the path to dlopen, the program will crash unconditionally; that is, regardless of the options passed to mudflap, so long as instrumentation is enabled. This is because (at least with GNU/Linux) it is valid to pass a NULL pointer as the path argument to dlopen, and the instrumentation code unconditionally uses strlen on that pointer, without checking first if it is NULL.

I have included the following patch, which may help fix the problem. I have not tested it, but it should work. As always, it is "as is", with no warranty of any kind.

The patch is against svn HEAD (r104588).

- --- mf-hooks2.c.orig 2005-10-30 20:35:44.000000000 +0000 +++ mf-hooks2.c 2005-10-30 20:37:38.000000000 +0000 
@@ -1679,8 +1679,10 @@ WRAPPER2(void *, dlopen, const char *pat void *p; size_t n; TRACE ("%s\n", __PRETTY_FUNCTION__); - - n = strlen (path); - - MF_VALIDATE_EXTENT (path, CLAMPADD(n, 1), __MF_CHECK_READ, "dlopen path"); + if (NULL != path) { + n = strlen (path); + MF_VALIDATE_EXTENT (path, CLAMPADD(n, 1), __MF_CHECK_READ, "dlopen path"); + } p = dlopen (path, flags); if (NULL != p) { #ifdef MF_REGISTER_dlopen -- Summary: mudflap instrumentation of dlopen is incorrect Product: gcc Version: 4.1.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: libmudflap AssignedTo: unassigned at gcc dot gnu dot org ReportedBy: debian-gcc at lists dot debian dot org http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24619
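
Review bot: in the dlopen wrapper hunk of mf-hooks2.c, `n` is now assigned only inside the new `if (NULL != path)` block but is still declared at function scope (`size_t n;`), so it is indeterminate on the NULL-path call. The lines after `#ifdef MF_REGISTER_dlopen` are not shown here; please confirm nothing there reads `n`, or move the declaration into the guarded block so that a later use cannot compile. The submitter states the patch is untested, so it should come with a test that calls dlopen with a NULL path in a program built with -fmudflap and -rdynamic, the case described in the report. Also note that the removed lines and the `---` file header carry an extra "- " prefix, which looks like mail dash-escaping and has to be stripped before the patch will apply.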