CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/05/06 03:05:48
Modified files:
libexec/ld.so : library.c library_mquery.c
Log message:
Add checks to make sure that the ELF header and program header fit into
the data we read from the on-disk shared library. These checks should
only fail for malformed shared libraries, but failing to load a shared
library is better than crashing the program because of an out-of-bounds
access.
Issue found by Frank Denis using the Swival Security Scanner.
ok guenther@
