From: Carlos O'Donell <carlos@redhat.com>
Date: Sat, 6 Apr 2013 21:00:02 +0000 (-0400)
Subject: dl_open_worker: Memset all of seen array.
X-Git-Tag: glibc-2.18~421
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7208a313b93a42e3cef61c4249a59b4b32a5850b;p=thirdparty%2Fglibc.git

dl_open_worker: Memset all of seen array.

The seen array was doubled in size recently, but the memset to clear
the array was not adjusted. We adjust the memset to always be correct
regardless of the size of seen.

---

2013-04-06  Carlos O'Donell  <carlos@redhat.com>

	[BZ #15309]
	* elf/dl-open.c (dl_open_worker): memset all of seen array.
---

diff --git a/ChangeLog b/ChangeLog
index dbb7af5b84b..197ea247ad7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-04-06  Carlos O'Donell  <carlos@redhat.com>
+
+	[BZ #15309]
+	* elf/dl-open.c (dl_open_worker): memset all of seen array.
+
 2013-04-06  Marko Myllynen  <myllynen@redhat.com>
 
 	[BZ #15264]
diff --git a/NEWS b/NEWS
index e5c8c864d38..5644a59a75f 100644
--- a/NEWS
+++ b/NEWS
@@ -13,7 +13,8 @@ Version 2.18
   14176, 14200, 14317, 14327, 14478, 14496, 14686, 14812, 14920, 14964,
   14981, 14982, 14985, 14994, 14996, 15003, 15006, 15020, 15023, 15036,
   15054, 15055, 15062, 15078, 15160, 15214, 15232, 15234, 15283, 15285,
-  15287, 15304, 15305, 15307, 15327, 15330, 15335, 15336, 15337, 15342.
+  15287, 15304, 15305, 15307, 15309, 15327, 15330, 15335, 15336, 15337,
+  15342.
 
 * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
   #15078).
diff --git a/elf/dl-open.c b/elf/dl-open.c
index 201d95d1be6..9ff5f5736df 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -344,7 +344,7 @@ dl_open_worker (void *a)
   if (nmaps > 1)
     {
       uint16_t seen[nmaps];
-      memset (seen, '\0', nmaps);
+      memset (seen, '\0', sizeof (seen));
       size_t i = 0;
       while (1)
 	{