From: "yangyanchao6 at huawei dot com"
To: glibc-bugs@sourceware.org
Subject: [Bug dynamic-link/20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
Date: Thu, 11 Mar 2021 06:24:21 +0000
X-Bugzilla-Product: glibc
X-Bugzilla-Component: dynamic-link
X-Bugzilla-Version: 2.24
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Target-Milestone: 2.25
X-Bugzilla-Flags: security-

https://sourceware.org/bugzilla/show_bug.cgi?id=20019

--- Comment #28 from yangyanchao6 at huawei dot com ---
(In reply to H.J. Lu from comment #27)
> (In reply to yangyanchao6@huawei.com from comment #26)
> > (In reply to H.J. Lu from comment #24)
> > > Fixed for 2.33 by
> > >
> > > commit 6ea5b57afa5cdc9ce367d2b69a2cebfb273e4617
> > > Author: H.J. Lu
> > > Date: Mon Dec 28 05:28:49 2020 -0800
> > >
> > > x86: Check IFUNC definition in unrelocated executable [BZ #20019]
> >
> > I tried this patch but the problem didn't get fixed.
> > Is there anything else I need to do?
>
> What problem did you run into?
[root@localhost DTS2021030805K7VLP1D00]# cat bar.c
void bar (void *dst, void *src)
{
  __builtin_memmove (dst, src, 40);
}
[root@localhost DTS2021030805K7VLP1D00]# cat foo.c
void bar (void *dst, void *src);

void foo (void)
{
  char dst[50];
  char src[50];
  bar (dst, src);
}
[root@localhost DTS2021030805K7VLP1D00]# cat main.c
void foo (void);

int main ()
{
  foo ();
  return 0;
}
[root@localhost DTS2021030805K7VLP1D00]# gcc -O2 -c -o main.o main.c
[root@localhost DTS2021030805K7VLP1D00]# gcc -O2 -fPIC -c -o foo.o foo.c
[root@localhost DTS2021030805K7VLP1D00]# gcc -O2 -fPIC -c -o bar.o bar.c
[root@localhost DTS2021030805K7VLP1D00]# ld.gold -shared -z now -o libbar.so bar.o
[root@localhost DTS2021030805K7VLP1D00]# ld.gold -shared -z now -o libfoo.so foo.o libbar.so
[root@localhost DTS2021030805K7VLP1D00]# gcc -o foo main.o libfoo.so -Wl,-rpath,.
[root@localhost DTS2021030805K7VLP1D00]# ./foo
./foo: Relink `./libbar.so' with `/usr/lib64/libc.so.6' for IFUNC symbol `memmove'
Segmentation fault (core dumped)
[root@localhost DTS2021030805K7VLP1D00]# readelf -r libbar.so

Relocation section '.rela.plt' at offset 0x2b0 contains 1 entry:
  Offset          Info           Type           Sym. Value    Sym. Name + Addend
000000001ff8  000100000007 R_X86_64_JUMP_SLO 0000000000000000 memmove + 0

It looks the same as it did before the patch was incorporated.

--
You are receiving this mail because:
You are on the CC list for the bug.
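As an added illustration (not part of the bug report or of glibc), the check below cross-references the `readelf -r libbar.so` output quoted in the comment with a dynamic symbol listing of libc to find PLT slots that resolve to IFUNC symbols: with `-z now` such a slot is bound eagerly, so libc's IFUNC resolver runs while libbar.so is being relocated, which is the situation the loader's "Relink ... for IFUNC symbol" message points at. The libc symbol listing is a constructed excerpt in `readelf --dyn-syms` format, not real libc output.

```python
"""Flag R_X86_64_JUMP_SLOT relocations in a shared object whose target
is an IFUNC symbol exported by libc. Inputs are the text produced by
`readelf -r <lib>` and `readelf --dyn-syms <libc>`."""

# Output of `readelf -r libbar.so` as shown in the bug comment.
LIBBAR_RELOCS = """\
Relocation section '.rela.plt' at offset 0x2b0 contains 1 entry:
  Offset          Info           Type           Sym. Value    Sym. Name + Addend
000000001ff8  000100000007 R_X86_64_JUMP_SLO 0000000000000000 memmove + 0
"""

# Constructed excerpt in `readelf --dyn-syms libc.so.6` format; the
# addresses, sizes and index values are illustrative, not from a real libc.
LIBC_DYNSYMS = """\
Symbol table '.dynsym' contains 3 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     1: 00000000000a1b20   520 IFUNC   GLOBAL DEFAULT   15 memmove@@GLIBC_2.2.5
     2: 0000000000042ac0   123 FUNC    GLOBAL DEFAULT   15 puts@@GLIBC_2.2.5
"""


def ifunc_symbols(dynsyms_text):
    """Return the set of symbol names whose Type column is IFUNC."""
    names = set()
    for line in dynsyms_text.splitlines():
        f = line.split()
        # Symbol rows start with an index such as '1:' and have 8 columns.
        if len(f) >= 8 and f[0].endswith(":") and f[3] == "IFUNC":
            names.add(f[7].split("@")[0])  # drop the @@GLIBC_x.y version tag
    return names


def plt_targets(relocs_text):
    """Return symbol names of JUMP_SLOT entries; readelf truncates the
    relocation type column to 'R_X86_64_JUMP_SLO'."""
    return [f[4] for f in (l.split() for l in relocs_text.splitlines())
            if len(f) >= 5 and f[2].startswith("R_X86_64_JUMP_SLO")]


def ifunc_plt_references(relocs_text, dynsyms_text):
    """Sorted list of PLT targets that libc implements as IFUNCs."""
    ifuncs = ifunc_symbols(dynsyms_text)
    return sorted(t for t in plt_targets(relocs_text) if t in ifuncs)


if __name__ == "__main__":
    for sym in ifunc_plt_references(LIBBAR_RELOCS, LIBC_DYNSYMS):
        print(f"PLT slot for IFUNC symbol {sym}: with -z now its resolver "
              "runs during this object's relocation")
```

Feeding it the real `readelf` output of a library and of the libc it links against lists the symbols the loader will complain about at start-up.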