Konstantin Belousov <kostik...@gmail.com> writes:
> Dag-Erling Smørgrav <d...@des.no> writes:
> > The string isn't just unterminated, though. It's actually longer than
> > the section. To be precise, "/lib/ld-linux.so.2" is 18 characters long,
> > plus NUL makes 19. The section is supposed to be 17 bytes long. I
> > don't mind forgiving a missing NUL, but I'm not comfortable with reading
> > past the end of the section, and it worries me that Linux doesn't care.
> Apparently it was not Linux. Look at the astro/google-earth/Makefile
> before r425359.
Ah, I see. The port used sed to edit the file in-place instead of using
a tool that understands Elf and would have adjusted the section length.
But it doesn't any more, probably because the linux_base ports install
ld-lsb.so.3, so what's the issue? And regardless, your patch wouldn't
have helped in this case, since it would only have copied the first 17
characters ("/lib/ld-linux.so.", missing the final 2) to the new buffer.
So what is the rationale for the patch?
DES
--
Dag-Erling Smørgrav - d...@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
