From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-58494-listarch-libc-alpha=sources.redhat.com@sourceware.org>
Received: (qmail 115595 invoked by alias); 17 Apr 2015 21:03:19 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 115585 invoked by uid 89); 17 Apr 2015 21:03:18 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.7 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2
X-HELO: topped-with-meat.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: Roland McGrath <roland@hack.frob.com>
to: <libc-alpha@sourceware.org>
CC: <sellcey@imgtec.com>
Subject: [COMMITTED PATCH] Fuller check for invalid NSID in _dl_open.
In-Reply-To: Steve Ellcey's message of  Friday, 17 April 2015 13:46:14 -0700 <1429303574.30498.247.camel@ubuntu-sellcey>
References: <88baa580-c27b-4fc8-b7da-7de3c0a7f64d@BAMAIL02.ba.imgtec.org>
	<20150417192032.70DE42C3B91@topped-with-meat.com>
	<1429300312.30498.241.camel@ubuntu-sellcey>
	<20150417195820.664E52C3B86@topped-with-meat.com>
	<1429300926.30498.243.camel@ubuntu-sellcey>
	<1429303574.30498.247.camel@ubuntu-sellcey>
Message-Id: <20150417210315.B68D42C3AB9@topped-with-meat.com>
Date: Fri, 17 Apr 2015 21:03:00 -0000
X-CMAE-Score: 0
X-CMAE-Analysis: v=2.1 cv=SvUDtp+0 c=1 sm=1 tr=0
		a=WkljmVdYkabdwxfqvArNOQ==:117 a=14OXPxybAAAA:8 a=kj9zAlcOel0A:10
		a=hOe2yjtxAAAA:8 a=rxWXYwp4bqm4pF4tegQA:9 a=CjuIK1q_8ugA:10
X-SW-Source: 2015-04/txt/msg00240.txt.bz2

This is the patch I just posted under:
	Subject: Re: Build problem with ToT GCC
But in case some people didn't notice it was a proposed patch,
here it is again, just committed after Steve's verification that
it fixes the trunk-gcc warning.


Thanks,
Roland


2015-04-17  Roland McGrath  <roland@hack.frob.com>

	* elf/dl-open.c (_dl_open): Use __glibc_unlikely in invalid namespace
	check.  Reject NSID < 0 and NSID >= dl_nns, and check for DL_NNS==1,
	before using NSID as an index.

diff --git a/elf/dl-open.c b/elf/dl-open.c
index 0dbe07f..2d0e082 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -619,8 +619,14 @@ no more namespaces available for dlmopen()"));
   /* Never allow loading a DSO in a namespace which is empty.  Such
      direct placements is only causing problems.  Also don't allow
      loading into a namespace used for auditing.  */
-  else if (__builtin_expect (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER, 0)
-	   && (GL(dl_ns)[nsid]._ns_nloaded == 0
+  else if (__glibc_unlikely (nsid != LM_ID_BASE && nsid != __LM_ID_CALLER)
+	   && (__glibc_unlikely (nsid < 0 || nsid >= GL(dl_nns))
+	       /* This prevents the [NSID] index expressions from being
+		  evaluated, so the compiler won't think that we are
+		  accessing an invalid index here in the !SHARED case where
+		  DL_NNS is 1 and so any NSID != 0 is invalid.  */
+	       || DL_NNS == 1
+	       || GL(dl_ns)[nsid]._ns_nloaded == 0
 	       || GL(dl_ns)[nsid]._ns_loaded->l_auditing))
     _dl_signal_error (EINVAL, file, NULL,
 		      N_("invalid target namespace in dlmopen()"));
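Review bot: the order of the disjuncts in the new condition is load-bearing, and the added comment only explains the `DL_NNS == 1` term. `GL(dl_ns)[nsid]._ns_nloaded == 0` must stay ahead of `GL(dl_ns)[nsid]._ns_loaded->l_auditing`, since an empty namespace has no loaded object whose `l_auditing` flag can be read, and `nsid < 0 || nsid >= GL(dl_nns)` must stay ahead of both so that `nsid` is never used as an index before it is known to be in range. Suggest extending the comment to say that the three tests cannot be reordered. Minor: the range test bounds by the live count `GL(dl_nns)` rather than the array size `DL_NNS`, which is the stricter (and right) choice, but a future reader could "correct" it to `DL_NNS`; mirroring the ChangeLog's "NSID >= dl_nns" in the comment would head that off.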
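The following is an added, stand-alone C model of the check above, written for this page; it is not glibc code and not part of the patch. It models the namespace table with invented names (`struct ns_model`, `ns_at`, `check_nsid_before`/`check_nsid_after`, `MODEL_*` constants standing in for `DL_NNS`, `LM_ID_BASE` and `__LM_ID_CALLER`) and replaces the raw `GL(dl_ns)[nsid]` access with an instrumented accessor, so the out-of-range index that the pre-fix ordering evaluates is recorded instead of being undefined behaviour. The table contents are constructed for the example; the model does not reproduce the `_ns_loaded` null dereference or the `DL_NNS == 1` static-build short-circuit, only the index-before-range-check ordering.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Model of the namespace table. Names are invented for this example; the
   comments give the glibc counterpart. */
#define MODEL_DL_NNS        16   /* table size (glibc: DL_NNS) */
#define MODEL_LM_ID_BASE     0   /* glibc: LM_ID_BASE */
#define MODEL_LM_ID_CALLER  (-2) /* glibc: __LM_ID_CALLER */

struct ns_model {
    size_t nloaded;   /* objects in the namespace (glibc: _ns_nloaded) */
    bool   auditing;  /* first object is an audit module (glibc: _ns_loaded->l_auditing) */
};

struct model_state {
    struct ns_model ns[MODEL_DL_NNS];
    long dl_nns;      /* namespaces currently in use (glibc: GL(dl_nns)) */
    long oob_index;   /* first out-of-range index evaluated, or -1 if none */
};

/* Instrumented stand-in for GL(dl_ns)[nsid]: instead of reading outside the
   table (undefined behaviour in the real code), record the bad index and
   return a harmless dummy entry so the check can continue. */
static const struct ns_model *ns_at(struct model_state *st, long nsid)
{
    static const struct ns_model dummy = { 0, false };
    if (nsid < 0 || nsid >= MODEL_DL_NNS) {
        if (st->oob_index == -1)
            st->oob_index = nsid;
        return &dummy;
    }
    return &st->ns[nsid];
}

/* Pre-fix ordering: nsid is used as an index before any range check. */
static int check_nsid_before(struct model_state *st, long nsid)
{
    if (nsid != MODEL_LM_ID_BASE && nsid != MODEL_LM_ID_CALLER
        && (ns_at(st, nsid)->nloaded == 0 || ns_at(st, nsid)->auditing))
        return EINVAL;
    return 0;
}

/* Post-fix ordering: the range test runs first, and the "empty" test guards
   the "auditing" one.  (The real code also short-circuits on DL_NNS == 1 for
   static builds, where only namespace 0 exists; omitted here.) */
static int check_nsid_after(struct model_state *st, long nsid)
{
    if (nsid != MODEL_LM_ID_BASE && nsid != MODEL_LM_ID_CALLER
        && ((nsid < 0 || nsid >= st->dl_nns)
            || ns_at(st, nsid)->nloaded == 0
            || ns_at(st, nsid)->auditing))
        return EINVAL;
    return 0;
}

/* Constructed table for the example: ns 0 is the base namespace, ns 1 holds
   ordinary objects, ns 2 is an audit namespace, ns 3 is allocated but
   empty; four namespaces are in use. */
static void init_state(struct model_state *st)
{
    *st = (struct model_state){ .dl_nns = 4, .oob_index = -1 };
    st->ns[0] = (struct ns_model){ 12, false };
    st->ns[1] = (struct ns_model){ 3, false };
    st->ns[2] = (struct ns_model){ 1, true };
    st->ns[3] = (struct ns_model){ 0, false };
}

/* Verdict of the chosen ordering for NSID: 0 (accepted) or EINVAL. */
static int verdict(bool fixed, long nsid)
{
    struct model_state st;
    init_state(&st);
    return fixed ? check_nsid_after(&st, nsid) : check_nsid_before(&st, nsid);
}

/* Index that the chosen ordering evaluated out of range, or -1 if none. */
static long oob_touched(bool fixed, long nsid)
{
    struct model_state st;
    init_state(&st);
    if (fixed)
        check_nsid_after(&st, nsid);
    else
        check_nsid_before(&st, nsid);
    return st.oob_index;
}

int main(void)
{
    const long probes[] = { 1, 2, 3, 1000, -7, MODEL_LM_ID_CALLER };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        long n = probes[i];
        printf("nsid %5ld: before=%s (oob index %ld)  after=%s (oob index %ld)\n",
               n, verdict(false, n) ? "EINVAL" : "ok", oob_touched(false, n),
               verdict(true, n) ? "EINVAL" : "ok", oob_touched(true, n));
    }
    return 0;
}
```

Both orderings reject the same garbage values, so a functional test of dlmopen() alone would not distinguish them; the recorded out-of-range index is what shows the difference, which is why the range test has to be the first disjunct after the base/caller exclusion rather than anywhere else in the chain.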