[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
null ptr deref in try_dlopen
|
From: |
Ralf Wildenhues |
|
Subject: |
null ptr deref in try_dlopen |
|
Date: |
Sat, 25 Sep 2004 17:59:42 +0200 |
|
User-agent: |
Mutt/1.5.6+20040722i |
The patch below fixes a null pointer dereference in try_dlopen, ltdl.c,
causing ltdl to try to malloc a huge amount of memory in case the user
tries to lt_dlopen() a file with a name without an extension.
Actually, while looking at try_dlopen, a couple of questions have come
up (don't worry about these for the next alpha or so, I'm sorry for the
unfortunate timing).
- The module name -- does it (should it) contain version information?
If yes, how much, and how encoded?
- If yes, shoud it be possible for a program (a library) to be able
to load two different versions of the same module simultaneously?
- Would you eventually accept a rewrite of try_dlopen?
BTW, I have not forgotten about the Autotest stuff, I'll send something
eventually.
Regards,
Ralf
2004-09-25 Ralf Wildenhues <address@hidden>
* libltdl/ltdl.c (try_dlopen): Fix null pointer dereference
in case the name given to lt_dlopen contains no extension.
Index: libltdl/ltdl.c
===================================================================
RCS file: /cvsroot/libtool/libtool/libltdl/ltdl.c,v
retrieving revision 1.213
diff -u -r1.213 ltdl.c
--- libltdl/ltdl.c 2 Sep 2004 13:27:24 -0000 1.213
+++ libltdl/ltdl.c 25 Sep 2004 15:58:13 -0000
@@ -985,6 +985,10 @@
assert (base_name && *base_name);
ext = strrchr (base_name, '.');
+ if (!ext)
+ {
+ ext = base_name + LT_STRLEN(base_name);
+ }
/* extract the module name from the file name */
name = MALLOC (char, ext - base_name + 1);
- null ptr deref in try_dlopen,
Ralf Wildenhues <=