When iterating over the dso program headers, the object is not initialized

yet, and object segments are not yet mapped. Only parse the notes that appear in the first page of the dso (as it should be anyway), and use the preloaded page content. Reported and tested by: stass MFC after: 20 days
2012-03-12 10:36:03 +00:00 · 2012-03-12 10:36:03 +00:00 · 7654527e54
commit 7654527e54
parent ea14701c38
1 changed files with 4 additions and 1 deletions
--- a/libexec/rtld-elf/map_object.c
+++ b/libexec/rtld-elf/map_object.c
@ -149,7 +149,10 @@ map_object(int fd, const char *path, const struct stat *sb)
 	    break;

 	case PT_NOTE:
-	    note_start = (Elf_Addr)obj->relocbase + phdr->p_offset;
+	    if (phdr->p_offset > PAGE_SIZE ||
+	      phdr->p_offset + phdr->p_filesz > PAGE_SIZE)
+		break;
+	    note_start = (Elf_Addr)(char *)hdr + phdr->p_offset;
 	    note_end = note_start + phdr->p_filesz;
 	    digest_notes(obj, note_start, note_end);
 	    break;