Bug 1579739
| Summary: | glibc: Fix stack overflow with huge PT_NOTE segment | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Florian Weimer <fweimer> |
| Component: | glibc | Assignee: | Florian Weimer <fweimer> |
| Status: | CLOSED ERRATA | QA Contact: | qe-baseos-tools-bugs |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 7.5 | CC: | ashankar, codonell, dj, fweimer, mcermak, mnewsome, pfrankli, skolosov |
| Target Milestone: | rc | Keywords: | Patch |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | glibc-2.17-281.el7 | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-08-06 12:48:58 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1655768 | ||
Note to QE: The test case needs improvement, and I posted a patch upstream: https://sourceware.org/ml/libc-alpha/2019-03/msg00011.html I will backport this test adjustment once it has been approved upstream. glibc-2.17-283.el7 has the test improvement from upstream. Verified with elf/tst-big-note glibc test case. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:2118 |
Certain Rust binaries used to trigger this (but Rust has since installed a workaround). Upstream fix: Upstream fix: commit 0065aaaaae51cd60210ec3a7e13dddd8e01ffe2c Author: Paul Pluzhnikov <ppluzhnikov> Date: Sat May 5 18:08:27 2018 -0700 Fix BZ 20419. A PT_NOTE in a binary could be arbitratily large, so using alloca for it may cause stack overflow. If the note is larger than __MAX_ALLOCA_CUTOFF, use dynamically allocated memory to read it in.