fix rejection of dns responses with pointers past 512 byte offset

[musl] / ldso / dynlink.c

diff --git a/ldso/dynlink.c b/ldso/dynlink.c
index 8068fb3..ceca3c9 100644 (file)
--- a/ldso/dynlink.c
+++ b/ldso/dynlink.c
@@ -21,9 +21,15 @@
 #include <sys/membarrier.h>
 #include "pthread_impl.h"
 #include "fork_impl.h"
-#include "libc.h"
 #include "dynlink.h"
 
+static size_t ldso_page_size;
+#ifndef PAGE_SIZE
+#define PAGE_SIZE ldso_page_size
+#endif
+
+#include "libc.h"
+
 #define malloc __libc_malloc
 #define calloc __libc_calloc
 #define realloc __libc_realloc
@@ -339,7 +345,8 @@ static struct symdef find_sym(struct dso *dso, const char *s, int need_def)
 
 static struct symdef get_lfs64(const char *name)
 {
-       static const char *p, lfs64_list[] =
+       const char *p;
+       static const char lfs64_list[] =
                "aio_cancel\0aio_error\0aio_fsync\0aio_read\0aio_return\0"
                "aio_suspend\0aio_write\0alphasort\0creat\0fallocate\0"
                "fgetpos\0fopen\0freopen\0fseeko\0fsetpos\0fstat\0"
@@ -1723,6 +1730,7 @@ hidden void __dls2(unsigned char *base, size_t *sp)
        ldso.phnum = ehdr->e_phnum;
        ldso.phdr = laddr(&ldso, ehdr->e_phoff);
        ldso.phentsize = ehdr->e_phentsize;
+       search_vec(auxv, &ldso_page_size, AT_PAGESZ);
        kernel_mapped_dso(&ldso);
        decode_dyn(&ldso);
 
@@ -1985,6 +1993,10 @@ void __dls3(size_t *sp, size_t *auxv)
                        size_t *ptr = (size_t *) app.dynv[i+1];
                        *ptr = (size_t)&debug;
                }
+               if (app.dynv[i]==DT_DEBUG_INDIRECT_REL) {
+                       size_t *ptr = (size_t *)((size_t)&app.dynv[i] + app.dynv[i+1]);
+                       *ptr = (size_t)&debug;
+               }
        }
 
        /* This must be done before final relocations, since it calls