Fix security issue CVE-2009-3736

pull/1/head r14.0.9
François Andriot 10 years ago committed by Slávek Banko
parent 9af400f988
commit 7aeb4e9d71

@ -1459,9 +1459,10 @@ lt_dlexit ()
} }
static int static int
tryall_dlopen (handle, filename) tryall_dlopen (handle, filename, useloader)
lt_dlhandle *handle; lt_dlhandle *handle;
const char *filename; const char *filename;
const char *useloader;
{ {
lt_dlhandle cur; lt_dlhandle cur;
lt_dlloader *loader; lt_dlloader *loader;
@ -1519,6 +1520,11 @@ tryall_dlopen (handle, filename)
while (loader) while (loader)
{ {
if (useloader && strcmp(loader->loader_name, useloader))
{
loader = loader->next;
continue;
}
lt_user_data data = loader->dlloader_data; lt_user_data data = loader->dlloader_data;
cur->module = loader->module_open (data, filename); cur->module = loader->module_open (data, filename);
@ -1561,7 +1567,7 @@ find_module (handle, dir, libdir, dlname, old_name, installed)
/* try to open the old library first; if it was dlpreopened, /* try to open the old library first; if it was dlpreopened,
we want the preopened version of it, even if a dlopenable we want the preopened version of it, even if a dlopenable
module is available */ module is available */
if (old_name && tryall_dlopen(handle, old_name) == 0) if (old_name && tryall_dlopen(handle, old_name, "dlpreload") == 0)
{ {
return 0; return 0;
} }
@ -1584,7 +1590,7 @@ find_module (handle, dir, libdir, dlname, old_name, installed)
} }
sprintf (filename, "%s/%s", libdir, dlname); sprintf (filename, "%s/%s", libdir, dlname);
error = (tryall_dlopen (handle, filename) != 0); error = (tryall_dlopen (handle, filename, NULL) != 0);
LT_DLFREE (filename); LT_DLFREE (filename);
if (!error) if (!error)
@ -1616,7 +1622,7 @@ find_module (handle, dir, libdir, dlname, old_name, installed)
strcat(filename, objdir); strcat(filename, objdir);
strcat(filename, dlname); strcat(filename, dlname);
error = tryall_dlopen (handle, filename) != 0; error = tryall_dlopen (handle, filename, NULL) != 0;
LT_DLFREE (filename); LT_DLFREE (filename);
if (!error) if (!error)
{ {
@ -1639,7 +1645,7 @@ find_module (handle, dir, libdir, dlname, old_name, installed)
} }
strcat(filename, dlname); strcat(filename, dlname);
error = (tryall_dlopen (handle, filename) != 0); error = (tryall_dlopen (handle, filename, NULL) != 0);
LT_DLFREE (filename); LT_DLFREE (filename);
if (!error) if (!error)
{ {
@ -1754,7 +1760,7 @@ find_file (basename, search_path, pdir, handle)
strcpy(filename+lendir, basename); strcpy(filename+lendir, basename);
if (handle) if (handle)
{ {
if (tryall_dlopen (handle, filename) == 0) if (tryall_dlopen (handle, filename, NULL) == 0)
{ {
result = (lt_ptr) handle; result = (lt_ptr) handle;
goto cleanup; goto cleanup;
@ -2068,7 +2074,7 @@ lt_dlopen (filename)
/* lt_dlclose()ing yourself is very bad! Disallow it. */ /* lt_dlclose()ing yourself is very bad! Disallow it. */
LT_DLSET_FLAG (handle, LT_DLRESIDENT_FLAG); LT_DLSET_FLAG (handle, LT_DLRESIDENT_FLAG);
if (tryall_dlopen (&newhandle, 0) != 0) if (tryall_dlopen (&newhandle, 0, NULL) != 0)
{ {
LT_DLFREE (handle); LT_DLFREE (handle);
return 0; return 0;
@ -2373,7 +2379,7 @@ lt_dlopen (filename)
#ifdef LTDL_SYSSEARCHPATH #ifdef LTDL_SYSSEARCHPATH
&& !find_file (basename, sys_search_path, 0, &newhandle) && !find_file (basename, sys_search_path, 0, &newhandle)
#endif #endif
)) && tryall_dlopen (&newhandle, filename)) )) && tryall_dlopen (&newhandle, filename, NULL))
{ {
LT_DLFREE (handle); LT_DLFREE (handle);
goto cleanup; goto cleanup;

Loading…
Cancel
Save