Subject: Re: [PATCH] elf: Assert range of ns argument in _dl_debug_initialize
From: Carlos O'Donell (Red Hat)
To: Florian Weimer
Cc: libc-alpha@sourceware.org
Date: Sun, 27 Jun 2021 22:15:45 -0400
Message-ID: <251374b9-857b-b5a7-d315-6847b159923d@redhat.com>
In-Reply-To: <87pmw6zzt7.fsf@oldenburg.str.redhat.com>
References: <87y2b04us6.fsf@oldenburg.str.redhat.com> <1517d682-9f16-6daf-b2b3-ab716a222a0b@redhat.com> <87pmw6zzt7.fsf@oldenburg.str.redhat.com>
List-Id: Libc-alpha mailing list

On 6/27/21 6:51 PM, Florian Weimer wrote:
> * Carlos O'Donell:
>
>>> diff --git a/elf/dl-debug.c b/elf/dl-debug.c
>>> index 2cd5f09753..85b087455e 100644
>>> --- a/elf/dl-debug.c
>>> +++ b/elf/dl-debug.c
>>> @@ -16,6 +16,8 @@
>>> License along with the GNU C Library; if not, see
>>> . */
>>>
>>> +#include
>>> +#include
>>> #include
>>>
>>>
>>> @@ -49,7 +51,11 @@ _dl_debug_initialize (ElfW(Addr) ldbase, Lmid_t ns)
>>> if (ns == LM_ID_BASE)
>>> r = &_r_debug;
>>> else
>>> - r = &GL(dl_ns)[ns]._ns_debug;
>>> + {
>>> + assert (ns >= 0);
>>> + assert (ns < array_length (GL (dl_ns)));
>>
>> The check in _dl_map_object is:
>> assert (nsid >= 0);
>> assert (nsid < GL(dl_nns));
>>
>> Should we be consistent one way or the other?
>
> I wasn't sure if _dl_debug_initialize can be called with a
> not-yet-allocated (or already-deallocated) namespace ID.  _dl_map_object
> is somewhat higher-level, so it's not surprising that it expects an
> active ID.  An out-of-bounds array access is clearly invalid, though.

Assert on the tighter bound and we'll see? :-)

-- 
Cheers,
Carlos.
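Review bot: the upper bound in the second hunk, `assert (ns < array_length (GL (dl_ns)));`, only rejects indices that fall outside the static table, so an ID naming a slot that has not been allocated yet (or has been released again) still passes, whereas the `_dl_map_object` check quoted in the reply, `assert (nsid < GL(dl_nns));`, rejects it; unless callers really can hand `_dl_debug_initialize` an inactive namespace, match `_dl_map_object` and check `ns < GL(dl_nns)` so both functions enforce the same invariant. As a style nit, the new line spells the macro `GL (dl_ns)` while the removed line has `GL(dl_ns)`; keep one spelling within the function.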
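To make the difference between the two bounds under discussion concrete, here is an added example that is not glibc code and not from either participant: a small model of the namespace table in which `DL_NNS`, `dl_ns`, `dl_nns`, `allocate_namespace` and `release_last_namespace` are constructed stand-ins for the real `GL(dl_ns)`/`GL(dl_nns)` machinery, and the table size of 16 is an assumption. It shows that the array-length bound only catches memory-unsafe indices, while the `dl_nns` bound also catches a namespace ID that was never allocated or that became stale after its namespace was torn down.

```c
/* Added example modelling the two range checks from the thread.  Not glibc
   code: the names and the table size below are constructed stand-ins.  */
#include <stddef.h>
#include <stdio.h>

#define LM_ID_BASE 0     /* the initial namespace, handled separately */
#define DL_NNS 16        /* static size of the namespace table (assumed) */

typedef long Lmid_t;

struct r_debug_model { int r_version; void *r_map; };

struct link_namespaces_model {
  void *_ns_loaded;                 /* non-NULL while the namespace is in use */
  struct r_debug_model _ns_debug;
};

static struct r_debug_model r_debug_base;                /* stands in for _r_debug */
static struct link_namespaces_model dl_ns[DL_NNS];       /* stands in for GL(dl_ns) */
static size_t dl_nns = 1;                                /* stands in for GL(dl_nns) */

enum bound { BOUND_ARRAY, BOUND_ACTIVE };

/* The bound from the patch: the index must lie inside the static array.  */
static int ns_in_array (Lmid_t ns) { return ns >= 0 && (size_t) ns < DL_NNS; }

/* The bound from _dl_map_object: the index must name an allocated namespace.  */
static int ns_is_active (Lmid_t ns) { return ns >= 0 && (size_t) ns < dl_nns; }

/* Returns the r_debug for NS, or NULL when the chosen bound rejects it
   (the real function asserts instead of returning NULL).  */
struct r_debug_model *debug_initialize (Lmid_t ns, enum bound b)
{
  if (ns == LM_ID_BASE)
    return &r_debug_base;
  int ok = (b == BOUND_ARRAY) ? ns_in_array (ns) : ns_is_active (ns);
  if (!ok)
    return NULL;
  return &dl_ns[ns]._ns_debug;
}

/* Simulates dlmopen (LM_ID_NEWLM, ...) claiming the next free slot.
   Returns the new namespace ID, or -1 when the table is full.  */
Lmid_t allocate_namespace (void)
{
  if (dl_nns >= DL_NNS)
    return -1;
  dl_ns[dl_nns]._ns_loaded = &dl_ns[dl_nns];
  return (Lmid_t) dl_nns++;
}

/* Simulates the most recently created namespace being torn down again,
   which leaves any copy of its ID held by a caller stale.  */
void release_last_namespace (void)
{
  if (dl_nns > 1)
    {
      dl_nns--;
      dl_ns[dl_nns]._ns_loaded = NULL;
    }
}

/* Classifies NS: 0 = rejected by both bounds, 1 = accepted only by the
   array-length bound, 2 = accepted by both.  The active bound implies the
   array bound, so the result is a ladder.  */
int classify (Lmid_t ns)
{
  int loose = debug_initialize (ns, BOUND_ARRAY) != NULL;
  int tight = debug_initialize (ns, BOUND_ACTIVE) != NULL;
  return loose + tight;
}

int main (void)
{
  Lmid_t id = allocate_namespace ();
  printf ("ns %ld while active: %d\n", id, classify (id));
  release_last_namespace ();
  printf ("ns %ld after release: %d\n", id, classify (id));
  printf ("ns %d (never allocated): %d\n", DL_NNS - 1, classify (DL_NNS - 1));
  return 0;
}
```

A stale or never-allocated ID classifies as 1: it indexes valid memory, so the array-length assert stays silent, but the slot holds no live namespace, which is exactly the case the `GL(dl_nns)` bound in `_dl_map_object` catches.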