git: 43d44842aef3 - main - rtld: Fix null-pointer dereference
Konstantin Belousov
kib at FreeBSD.org
Tue Feb 2 14:15:32 UTC 2021
The branch main has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=43d44842aef3972cc86ce673e84e31f372257b15
commit 43d44842aef3972cc86ce673e84e31f372257b15
Author: David Chisnall <theraven at FreeBSD.org>
AuthorDate: 2021-02-02 14:06:33 +0000
Commit: Konstantin Belousov <kib at FreeBSD.org>
CommitDate: 2021-02-02 14:14:16 +0000
rtld: Fix null-pointer dereference
When a library is opened via fdlopen, it has a null pointer for its path
and so _rtld_bind can crash as a result of passing the null pointer to
basename() (which passes it to strrchr(), which doesn't do a null check).
PR: 253081
Submitted by: theraven
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D28442
---
libexec/rtld-elf/rtld.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 7b8bfba84d7d..b186bebbfefc 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -894,8 +894,10 @@ _rtld_bind(Obj_Entry *obj, Elf_Size reloff)
target = (Elf_Addr)(defobj->relocbase + def->st_value);
dbg("\"%s\" in \"%s\" ==> %p in \"%s\"",
- defobj->strtab + def->st_name, basename(obj->path),
- (void *)target, basename(defobj->path));
+ defobj->strtab + def->st_name,
+ obj->path == NULL ? NULL : basename(obj->path),
+ (void *)target,
+ defobj->path == NULL ? NULL : basename(defobj->path));
/*
* Write the new contents for the jmpslot. Note that depending on
More information about the dev-commits-src-all
mailing list