[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

null ptr deref in try_dlopen

From: Ralf Wildenhues
Subject: null ptr deref in try_dlopen
Date: Sat, 25 Sep 2004 17:59:42 +0200
User-agent: Mutt/1.5.6+20040722i

The patch below fixes a null pointer dereference in try_dlopen, ltdl.c,
causing ltdl to try to malloc a huge amount of memory in case the user
tries to lt_dlopen() a file with a name without an extension.

Actually, while looking at try_dlopen, a couple of questions have come
up (don't worry about these for the next alpha or so, I'm sorry for the
unfortunate timing).

- The module name -- does it (should it) contain version information?
  If yes, how much, and how encoded?
- If yes, shoud it be possible for a program (a library) to be able
  to load two different versions of the same module simultaneously?
- Would you eventually accept a rewrite of try_dlopen?

BTW, I have not forgotten about the Autotest stuff, I'll send something


2004-09-25  Ralf Wildenhues <address@hidden>

        * libltdl/ltdl.c (try_dlopen): Fix null pointer dereference
        in case the name given to lt_dlopen contains no extension.

Index: libltdl/ltdl.c
RCS file: /cvsroot/libtool/libtool/libltdl/ltdl.c,v
retrieving revision 1.213
diff -u -r1.213 ltdl.c
--- libltdl/ltdl.c      2 Sep 2004 13:27:24 -0000       1.213
+++ libltdl/ltdl.c      25 Sep 2004 15:58:13 -0000
@@ -985,6 +985,10 @@
   assert (base_name && *base_name);
   ext = strrchr (base_name, '.');
+  if (!ext)
+    {
+      ext = base_name + LT_STRLEN(base_name);
+    }
   /* extract the module name from the file name */
   name = MALLOC (char, ext - base_name + 1);

reply via email to

[Prev in Thread] Current Thread [Next in Thread]