+2015-07-29 H.J. Lu <hongjiu.lu@intel.com>
+
+ [BZ #18078]
+ * scripts/check-localplt.awk: Support alternate relocations.
+ * scripts/localplt.awk: Also check relocations in DT_RELA/DT_REL
+ sections.
+ * sysdeps/unix/sysv/linux/i386/localplt.data: Mark free and
+ malloc entries with + REL R_386_GLOB_DAT.
+ * sysdeps/x86_64/localplt.data: New file.
+
2015-03-03 Alan Modra <amodra@gmail.com>
[BZ #16512]
* The following bugs are resolved with this release:
16512, 17090, 17269, 17620, 17621, 17628, 17905, 17949, 18007, 18032,
- 18080, 18240, 18287, 18508, 18694, 18887, 18985, 19048, 19682.
+ 18078, 18080, 18240, 18287, 18508, 18694, 18887, 18985, 19048, 19682.
* A stack-based buffer overflow was found in libresolv when invoked from
libnss_dns, allowing specially crafted DNS responses to seize control
# Each line is either a comment starting with # or it looks like:
# libfoo.so: function
# or
+# libfoo.so: function + {RELA|REL} RELOC
+# or
# libfoo.so: function ?
-# The latter means that a PLT entry for function is optional in libfoo.so.
-# The former means one is required.
+# The first entry means that one is required.
+# The second entry means that one is required and relocation may also be
+# {RELA|REL} RELOC.
+# The third entry means that a PLT entry for function is optional in
+# libfoo.so.
# The second file argument is - and this (stdin) receives the output
# of the check-localplt program.
FILENAME != "-" && /^#/ { next }
FILENAME != "-" {
- if (NF != 2 && !(NF == 3 && $3 == "?")) {
+ if (NF == 5 && $3 == "+" && ($4 == "RELA" || $4 == "REL")) {
+ accept_type[$1 " " $2] = $4;
+ accept_reloc[$1 " " $2] = $5;
+ } else if (NF != 2 && !(NF == 3 && $3 == "?")) {
printf "%s:%d: bad data line: %s\n", FILENAME, FNR, $0 > "/dev/stderr";
result = 2;
} else {
next;
}
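Review bot: The new `+ {RELA|REL} RELOC` branch stores `$5` in `accept_reloc` without checking it, so a misspelled relocation name in a localplt.data file is accepted. While the linker still emits a PLT slot for the symbol, the two-field line satisfies the entry and the typo goes unnoticed; it only surfaces later as a "Missing required PLT or ... reference" failure when the slot is consolidated away. These data files record which libc-internal calls (the malloc family) must stay interposable, so the name should be rejected at parse time, with something like `if (NF == 5 && $3 == "+" && ($4 == "RELA" || $4 == "REL") && $5 ~ /^R_[A-Z0-9_]+$/) {`. The header comment for the second form is also hard to parse; I would word it as `# The second form means the function must be referenced through a PLT entry or through a {RELA|REL} relocation of type RELOC.`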
-NF != 2 {
+NF != 2 && !(NF == 4 && ($3 == "RELA" || $3 == "REL")) {
print "Unexpected output from check-localplt:", $0 > "/dev/stderr";
result = 2;
next
{
key = $1 " " $2
- if (key in accept) {
+ if ($3 == "RELA" || $3 == "REL") {
+ # Entries like:
+ # libc.so: free + RELA R_X86_64_GLOB_DAT
+ # may be ignored.
+ if (key in accept_type && accept_type[key] == $3 && accept_reloc[key] == $4) {
+ # Match
+ # libc.so: free + RELA R_X86_64_GLOB_DAT
+ delete accept_type[key]
+ }
+ } else if (NF == 2 && key in accept_reloc) {
+ # Match
+ # libc.so: free
+ # against
+ # libc.so: free + RELA R_X86_64_GLOB_DAT
+ if (key in accept_type)
+ delete accept_type[key]
+ } else if (key in accept) {
delete accept[key]
} else {
print "Extra PLT reference:", $0;
}
}
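Review bot: The comment at the top of the `RELA`/`REL` branch ("Entries like ... may be ignored") leaves out the behaviour a maintainer most needs to know. Every relocation line that does not match an `accept_type`/`accept_reloc` expectation is dropped without an "Extra PLT reference" report, whereas an unmatched two-field line is still reported. I would state that directly, e.g. `# Relocation lines only serve to satisfy a "+ {RELA|REL} RELOC" entry; any other relocation line is deliberately not reported as extra.` The `NF == 2 &&` test in the next branch looks redundant, since the preceding rule already passes only two-field lines and four-field RELA/REL lines, and it could be dropped or explained.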
+ for (key in accept_type) {
+ # It's mandatory.
+ print "Missing required PLT or " accept_reloc[key] " reference:", key;
+ result = 1;
+ }
+
exit(result);
}
}
lastfile = FILENAME;
jmprel_offset = 0;
+ rela_offset = 0;
+ rel_offset = 0;
delete section_offset_by_address;
}
}
}
+in_relocs && relocs_offset == rela_offset && NF >= 5 {
+ # Relocations against GNU_IFUNC symbols are not shown as an hexadecimal
+ # value, but rather as the resolver symbol followed by ().
+ if ($4 ~ /\(\)/) {
+ print whatfile, gensub(/@.*/, "", "g", $5), "RELA", $3
+ } else {
+ symval = strtonum("0x" $4);
+ if (symval != 0)
+ print whatfile, gensub(/@.*/, "", "g", $5), "RELA", $3
+ }
+}
+
+in_relocs && relocs_offset == rel_offset && NF >= 5 {
+ # Relocations against GNU_IFUNC symbols are not shown as an hexadecimal
+ # value, but rather as the resolver symbol followed by ().
+ if ($4 ~ /\(\)/) {
+ print whatfile, gensub(/@.*/, "", "g", $5), "REL", $3
+ } else {
+ symval = strtonum("0x" $4);
+ if (symval != 0)
+ print whatfile, gensub(/@.*/, "", "g", $5), "REL", $3
+ }
+}
+
in_relocs { next }
$1 == "Relocation" && $2 == "section" && $5 == "offset" {
next
}
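Review bot: The two added `relocs_offset == rela_offset` and `relocs_offset == rel_offset` rules are identical apart from the `"RELA"`/`"REL"` tag, so a later fix to the IFUNC or symbol-value handling has to be made in two places. They presumably mirror the existing DT_JMPREL rule, which is not visible in this hunk. A small helper function taking the tag keeps the logic in one place and leaves the output unchanged. The same duplication applies to the `$2 == "(RELA)"` and `$2 == "(REL)"` rules added further down, which differ only in the variable and the name in the message.

```awk
# Print "FILE SYMBOL TAG RELOC" for a relocation that names a symbol.
function print_dyn_reloc(tag) {
  # Relocations against GNU_IFUNC symbols show the resolver symbol
  # followed by () instead of a hexadecimal symbol value.
  if ($4 ~ /\(\)/ || strtonum("0x" $4) != 0)
    print whatfile, gensub(/@.*/, "", "g", $5), tag, $3
}

in_relocs && relocs_offset == rela_offset && NF >= 5 { print_dyn_reloc("RELA") }

in_relocs && relocs_offset == rel_offset && NF >= 5 { print_dyn_reloc("REL") }

# … unchanged: in_relocs { next } and the "Relocation section" rule …
```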
+$2 == "(RELA)" {
+ rela_addr = strtonum($3);
+ if (rela_addr in section_offset_by_address) {
+ rela_offset = section_offset_by_address[rela_addr];
+ } else {
+ print FILENAME ": *** DT_RELA does not match any section's address";
+ result = 2;
+ }
+ next
+}
+
+$2 == "(REL)" {
+ rel_addr = strtonum($3);
+ if (rel_addr in section_offset_by_address) {
+ rel_offset = section_offset_by_address[rel_addr];
+ } else {
+ print FILENAME ": *** DT_REL does not match any section's address";
+ result = 2;
+ }
+ next
+}
END { exit(result) }
+# Linker in binutils 2.26 and newer consolidates R_X86_64_JUMP_SLOT
+# relocation with R_386_GLOB_DAT relocation against the same symbol.
libc.so: _Unwind_Find_FDE
libc.so: calloc
-libc.so: free
-libc.so: malloc
+libc.so: free + REL R_386_GLOB_DAT
+libc.so: malloc + REL R_386_GLOB_DAT
libc.so: memalign
libc.so: realloc
libm.so: matherr
ld.so: malloc
ld.so: calloc
ld.so: realloc
-ld.so: free
+ld.so: free + REL R_386_GLOB_DAT
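Review bot: The comment added at the top of this i386 data file names `R_X86_64_JUMP_SLOT`, which is an x86-64 relocation; it looks copied from the x86_64 file. The entries below it use `R_386_GLOB_DAT`, so the comment should name the i386 counterpart: `# Linker in binutils 2.26 and newer consolidates R_386_JMP_SLOT` / `# relocation with R_386_GLOB_DAT relocation against the same symbol.` It is also worth confirming that `ld.so: malloc` was meant to stay a plain PLT requirement here while `ld.so: free` gained the `+ REL` alternative, since the comment gives no reason for the difference.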
--- /dev/null
+# See scripts/check-localplt.awk for how this file is processed.
+# PLT use is required for the malloc family and for matherr because
+# users can define their own functions and have library internals call them.
+# Linker in binutils 2.26 and newer consolidates R_X86_64_JUMP_SLOT
+# relocation with R_X86_64_GLOB_DAT relocation against the same symbol.
+libc.so: calloc
+libc.so: free + RELA R_X86_64_GLOB_DAT
+libc.so: malloc + RELA R_X86_64_GLOB_DAT
+libc.so: memalign
+libc.so: realloc
+libm.so: matherr
+# The dynamic loader uses __libc_memalign internally to allocate aligned
+# TLS storage. The other malloc family of functions are expected to allow
+# user symbol interposition.
+ld.so: __libc_memalign
+ld.so: malloc
+ld.so: calloc
+ld.so: realloc
+ld.so: free + RELA R_X86_64_GLOB_DAT