From: "jsm28 at gcc dot gnu.org"
To: glibc-bugs@sources.redhat.com
Subject: [Bug ports/11615] ld.so segfaults when RLD_MAP is 0
Date: Wed, 15 Feb 2012 22:16:00 -0000

http://sourceware.org/bugzilla/show_bug.cgi?id=11615

Joseph Myers changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |SUSPENDED
         AssignedTo|roland at gnu dot org       |unassigned at sourceware
                   |                            |dot org

--- Comment #2 from Joseph Myers 2012-02-15 22:04:41 UTC ---
My impression when I looked at another issue relating to ldd and its use of
ld.so was that ld.so is not expected to do anything sensible with broken
binaries or libraries in any mode, as an architecture-independent matter, and
running with them may involve arbitrary code execution (so you mustn't use
ld.so on possibly hostile code). Maybe we should generically fix this so that
ldd of hostile code is safe, but then you'd also need to allow for arbitrary
values that are not 0 but still involve writing somewhere inappropriate - that
is, somehow check the address for sanity.
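
One possible form of the address sanity check the comment asks about, as an added example that is not glibc code and not part of the original message: a DT_MIPS_RLD_MAP value is accepted only if the word it names lies wholly inside a writable PT_LOAD segment. The function name, the sample program headers and the choice of this criterion are assumptions; addresses are treated as unrelocated link-time values.

```c
#include <elf.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not a glibc function): return 1 if the pointer-sized
   slot at link-time address `addr`, as stored in a DT_MIPS_RLD_MAP entry,
   lies wholly inside a writable PT_LOAD segment; return 0 otherwise. */
static int rld_map_addr_is_sane(const Elf32_Phdr *phdr, size_t phnum,
                                Elf32_Addr addr)
{
    const uint64_t start = addr;
    const uint64_t end = start + sizeof(Elf32_Addr); /* 64-bit, cannot wrap */

    if (addr == 0 || addr % sizeof(Elf32_Addr) != 0)
        return 0;                        /* the reported 0 case, or misaligned */

    for (size_t i = 0; i < phnum; i++) {
        const Elf32_Phdr *p = &phdr[i];
        const uint64_t seg_start = p->p_vaddr;
        const uint64_t seg_end = seg_start + p->p_memsz;

        if (p->p_type != PT_LOAD || !(p->p_flags & PF_W)
            || seg_end > (1ULL << 32))
            continue;                    /* unmapped, read-only, or wraps 4 GiB */
        if (start >= seg_start && end <= seg_end)
            return 1;                    /* slot fits in writable memory */
    }
    return 0;                            /* non-zero but still inappropriate */
}

/* Constructed sample: a read-only text segment and a writable data segment. */
static const Elf32_Phdr sample_phdr[] = {
    { .p_type = PT_LOAD, .p_vaddr = 0x00400000, .p_memsz = 0x1000,
      .p_flags = PF_R | PF_X },
    { .p_type = PT_LOAD, .p_vaddr = 0x00411000, .p_memsz = 0x200,
      .p_flags = PF_R | PF_W },
};

int main(void)
{
    /* Constructed RLD_MAP values: null, text, data, one past data. */
    const Elf32_Addr addrs[] = { 0, 0x00400010, 0x00411010, 0x00411200 };

    for (size_t i = 0; i < sizeof addrs / sizeof addrs[0]; i++)
        printf("%#010x -> %s\n", (unsigned)addrs[i],
               rld_map_addr_is_sane(sample_phdr, 2, addrs[i]) ? "ok" : "reject");
    return 0;
}
```

A check like this only constrains where the write lands; it does not make the rest of a hostile object safe to process.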