[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Two bugs in the Windows loader

From: Alexis Wilke
Subject: Two bugs in the Windows loader
Date: Thu, 28 Apr 2005 22:43:53 -0700 (PDT)

Hi guys,

Rather unlikely to happen (and most certainly why these haven't
been detected yet), I found the following two bugs.

I've been working on a library called edll which includes some
changes to the ltdl tool to load plug-ins which are nothing more
than object files (i.e. the link is done at runtime). This is
how I came across these two bugs. For more info on my project,
it will be up on sourceforge very soon here:


What I was wondering also is whether my project would stand a
chance in being incorporated in the ltdl library... Hey... I
can always dream, right? 8-) From what I read in the ld tool,
you're looking into transforming it in an ldl tool also. Maybe
this is a first step?

Thank you,
Alexis Wilke


In the ltdl.c source file, in the sys_wll_open() function, you
make use of the strrchr() to find a '.' ANYWHERE in the filename
as if only the last word could have an extension. This is wrong
since a directory can also include a period:

      ext = strrchr ("c:\\my.test\\lib-to-load", '.');

In this statement you can see that we will find a period
and yet the filename doesn't have an extension. The only
way to really find whether the file has an extension is
to check for / and \ as well:

      s = filename;
      while (*s)
          if (*s == '.')
              ext = s;
          else if (*s == '/' || *s == '\\' || *s == ':') {
              ext = (char*)0;
      if (!ext)
           * this is what you intend to do, but you need to
           * make sure s can include another character!
          strcat(s, ".");

I've only been working on the Windows loading process. There could
be other such use of the strrchr() function in the library.


In the ltdl.c source file, in the sys_wll_open() function, you
check whether the library was already loaded and if so you fail
by returning 0.

This is fine except that the module needs to be freed first.
There is an excert from the FreeLibrary documentation:

    The FreeLibrary function decrements the reference count of
    the loaded dynamic-link library (DLL).


Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]