musl: Fix out of bounds data access in dlopen

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/recipes-core/musl/musl/out_of_bounds_read.patch b/meta/recipes-core/musl/musl/out_of_bounds_read.patch
new file mode 100644 (file)
index 0000000..a681cc2
--- /dev/null
+++ b/meta/recipes-core/musl/musl/out_of_bounds_read.patch
@@ -0,0 +1,20 @@
+Fix out of bounds read
+
+self->dtv hasn't been extended yet
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+diff --git a/ldso/dynlink.c b/ldso/dynlink.c
+index e2c3259f..b23ea0df 100644
+--- a/ldso/dynlink.c
++++ b/ldso/dynlink.c
+@@ -1374,7 +1376,7 @@ static void install_new_tls(void)
+       }
+       /* Install new dtls into the enlarged, uninstalled dtv copies. */
+       for (p=head; ; p=p->next) {
+-              if (!p->tls_id || self->dtv[p->tls_id]) continue;
++              if (p->tls_id <= old_cnt) continue;
+               unsigned char *mem = p->new_tls;
+               for (j=0; j<i; j++) {
+                       unsigned char *new = mem;

diff --git a/meta/recipes-core/musl/musl_git.bb b/meta/recipes-core/musl/musl_git.bb
index f1052278c807fc83c80a17074bace5731af83115..6a72b7d3bc6f9bd989ad7ab90f192b2ba20ff120 100644 (file)
--- a/meta/recipes-core/musl/musl_git.bb
+++ b/meta/recipes-core/musl/musl_git.bb
@@ -15,6 +15,7 @@ PV = "${BASEVER}+git${SRCPV}"
 SRC_URI = "git://git.musl-libc.org/musl \
            file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \
            file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \
+           file://out_of_bounds_read.patch \
           "
 
 S = "${WORKDIR}/git"