[COMMITTED PATCH] tile BZ #15759: Fix bug in _dl_unmap


[COMMITTED PATCH] tile BZ #15759: Fix bug in _dl_unmap

Chris Metcalf-3
We returned without calling __munmap if not in the simulator.
Now we call a separate sim_dlclose() function to make the
control flow work correctly.
---
Siddhesh: Thanks for locating the bug!

David: this bug was (only) in 2.17.  It seems like it merits
a backport since it's a pretty straightforward fix.  What do you think?

 ports/ChangeLog.tile            |  6 ++++++
 ports/sysdeps/tile/dl-runtime.c | 12 +++++++++---
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 4b2d5ca..a67e40b 100644
--- a/NEWS
+++ b/NEWS
@@ -21,7 +21,8 @@ Version 2.18
   15395, 15405, 15406, 15409, 15416, 15418, 15419, 15423, 15424, 15426,
   15429, 15431, 15432, 15441, 15442, 15448, 15465, 15480, 15485, 15488,
   15490, 15492, 15493, 15497, 15506, 15529, 15536, 15553, 15577, 15583,
-  15618, 15627, 15631, 15654, 15655, 15666, 15667, 15674, 15711, 15755.
+  15618, 15627, 15631, 15654, 15655, 15666, 15667, 15674, 15711, 15755,
+  15759.

 * CVE-2013-2207 Incorrectly granting access to another user's pseudo-terminal
   has been fixed by disabling the use of pt_chown (Bugzilla #15755).
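Review bot: The diffstat above lists only ports/ChangeLog.tile and ports/sysdeps/tile/dl-runtime.c (2 files changed, 15 insertions, 3 deletions), but this hunk also edits NEWS to add 15759 to the Version 2.18 bug list. Regenerate the stat so it covers all three files. Since the message proposes a 2.17 backport, note that this hunk is written against the 2.18 list and will not carry over to the release branch as-is.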
diff --git a/ports/ChangeLog.tile b/ports/ChangeLog.tile
index dd3d4f4..41855f2 100644
--- a/ports/ChangeLog.tile
+++ b/ports/ChangeLog.tile
@@ -1,3 +1,9 @@
+2013-07-22  Chris Metcalf  <[hidden email]>
+
+ [BZ #15759]
+ * sysdeps/tile/dl-runtime.c (sim_dlclose): New function.
+ (_dl_unmap): Call sim_dlclose().
+
 2013-07-19  Chris Metcalf  <[hidden email]>
 
  * sysdeps/unix/sysv/linux/tile/sys/ptrace.h
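Review bot: The `(_dl_unmap)` line of the new entry says only "Call sim_dlclose()", which does not record that the simulator notification body was moved out of _dl_unmap into the new function. Wording along the lines of "(sim_dlclose): New function, split out of _dl_unmap." and "(_dl_unmap): Call it, then __munmap." would make the entry match what the dl-runtime.c hunks actually do.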
diff --git a/ports/sysdeps/tile/dl-runtime.c b/ports/sysdeps/tile/dl-runtime.c
index 84b5a5a..42f0ab3 100644
--- a/ports/sysdeps/tile/dl-runtime.c
+++ b/ports/sysdeps/tile/dl-runtime.c
@@ -127,8 +127,8 @@ _dl_after_load (struct link_map *l)
 }
 
 /* Support notifying the simulator about removed objects prior to munmap().  */
-void internal_function
-_dl_unmap (struct link_map *l)
+static void
+sim_dlclose (ElfW(Addr) map_start)
 {
   int shift;
 
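Review bot: The comment kept above the renamed function still reads "Support notifying the simulator about removed objects prior to munmap()", but sim_dlclose no longer unmaps anything; the ordering is now the caller's responsibility. Reword it to describe the helper (it reports the object at map_start to the simulator) and move the "prior to munmap" remark onto _dl_unmap.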
@@ -144,9 +144,15 @@ _dl_unmap (struct link_map *l)
   DLPUTC ('0');
   DLPUTC ('x');
   for (shift = (int) sizeof (unsigned long) * 8 - 4; shift >= 0; shift -= 4)
-    DLPUTC ("0123456789abcdef"[(l->l_map_start >> shift) & 0xF]);
+    DLPUTC ("0123456789abcdef"[(map_start >> shift) & 0xF]);
   DLPUTC ('\0');
+
 #undef DLPUTC
+}
 
+void internal_function
+_dl_unmap (struct link_map *l)
+{
+  sim_dlclose (l->l_map_start);
   __munmap ((void *) l->l_map_start, l->l_map_end - l->l_map_start);
 }
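Review bot: In the digit loop the starting shift is still computed from `sizeof (unsigned long)` while the value printed is now the `ElfW(Addr) map_start` parameter; using `sizeof (map_start)` would keep the digit count tied to the argument type. The new _dl_unmap also has no comment, and a one-line note that __munmap must run whether or not the simulator is present would document the behaviour the commit message says was broken. The added blank line before `#undef DLPUTC` is an unrelated whitespace change and can be dropped.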
--
1.8.3.1


Re: [COMMITTED PATCH] tile BZ #15759: Fix bug in _dl_unmap

David Miller-13
From: Chris Metcalf <[hidden email]>
Date: Mon, 22 Jul 2013 11:46:44 -0400

> David: this bug was (only) in 2.17.  It seems like it merits
> a backport since it's a pretty straightforward fix.  What do you think?

Agreed.