When iterating over the dso program headers, the object is not initialized

yet, and object segments are not yet mapped. Only parse the notes that appear in the first page of the dso (as it should be anyway), and use the preloaded page content. Reported and tested by: stass MFC after: 20 days
author: kib <kib@FreeBSD.org> 2012-03-12 10:36:03 +0000
committer: kib <kib@FreeBSD.org> 2012-03-12 10:36:03 +0000
commit: 7654527e54953ea42e7a35136d0521bb4ae4b225 (patch)
tree: c2f87f15534ed17b42568491051d8041f734c753 /libexec/rtld-elf
parent: ea14701c38e1e288d6b394bd7a4c64e6053af67d (diff)
download: FreeBSD-src-7654527e54953ea42e7a35136d0521bb4ae4b225.zip
FreeBSD-src-7654527e54953ea42e7a35136d0521bb4ae4b225.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/libexec/rtld-elf/map_object.c b/libexec/rtld-elf/map_object.c
index d240575..f142819 100644
--- a/libexec/rtld-elf/map_object.c
+++ b/libexec/rtld-elf/map_object.c
@@ -149,7 +149,10 @@ map_object(int fd, const char *path, const struct stat *sb)
 	    break;
 
 	case PT_NOTE:
-	    note_start = (Elf_Addr)obj->relocbase + phdr->p_offset;
+	    if (phdr->p_offset > PAGE_SIZE ||
+	      phdr->p_offset + phdr->p_filesz > PAGE_SIZE)
+		break;
+	    note_start = (Elf_Addr)(char *)hdr + phdr->p_offset;
 	    note_end = note_start + phdr->p_filesz;
 	    digest_notes(obj, note_start, note_end);
 	    break;
author	kib <kib@FreeBSD.org>	2012-03-12 10:36:03 +0000
committer	kib <kib@FreeBSD.org>	2012-03-12 10:36:03 +0000
commit	7654527e54953ea42e7a35136d0521bb4ae4b225 (patch)
tree	c2f87f15534ed17b42568491051d8041f734c753 /libexec/rtld-elf
parent	ea14701c38e1e288d6b394bd7a4c64e6053af67d (diff)
download	FreeBSD-src-7654527e54953ea42e7a35136d0521bb4ae4b225.zip FreeBSD-src-7654527e54953ea42e7a35136d0521bb4ae4b225.tar.gz