But I had a look into glibc 2.31-0ubuntu9.2 source package
and recognized Florian's patch:
debian/ubuntu/git-elf-Add-endianness-markup-to-ld.so.cache-bug-27008.patch
But compared to upstream, elf/dl-cache.c:_dl_load_cache_lookup():
    if (file != MAP_FAILED && cachesize > sizeof *cache_new
        && memcmp (file, CACHEMAGIC_VERSION_NEW,
                   sizeof CACHEMAGIC_VERSION_NEW - 1) == 0)
    ### Missing the "Check for corruption, avoiding overflow." here. ###
      {
        if (! cache_file_new_matches_endian (file))
          {
This check was introduced in a different patch. See my former comment:
On glibc upstream > glibc-2.31 && < glibc-2.32,
there is the following commit which adds a further check for corruption, avoiding overflow:
"ld.so: Check for new cache format first and enhance corruption check"
https://sourceware.org/git/?p=glibc.git;a=commit;h=e221c512c74ec42fd47b71de2981a475b38110a4
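Added example (not part of the comment above and not glibc's code): a sketch of why a cache loader should bound the header's entry count by division before walking the entry table. The struct layout, header_ok(), demo() and the BOUND_* modes are assumptions made for this illustration; BOUND_MUL32 is a hypothetical naive variant shown only for contrast.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified stand-ins for the new-format cache header and entry
   (assumed layout for this example, not copied from glibc). */
#define MAGIC_VERSION_NEW "glibc-ld.so.cache1.1"
struct entry_new { int32_t flags; uint32_t key, value, osversion; uint64_t hwcap; };
struct header_new {
  char magic_version[20];
  uint32_t nlibs, len_strings;
  uint8_t flags, pad[3];
  uint32_t extension_offset, unused[3];
};

enum bound { BOUND_NONE, BOUND_MUL32, BOUND_DIV };

/* Returns 1 if the image is accepted under the chosen nlibs bound. */
int header_ok(const void *file, size_t cachesize, enum bound mode)
{
  struct header_new h;
  if (file == NULL || cachesize <= sizeof h)
    return 0;
  memcpy(&h, file, sizeof h);
  if (memcmp(h.magic_version, MAGIC_VERSION_NEW, sizeof MAGIC_VERSION_NEW - 1) != 0)
    return 0;
  size_t room = cachesize - sizeof h;
  switch (mode) {
  case BOUND_NONE:   /* magic and size only: nlibs is trusted as-is */
    return 1;
  case BOUND_MUL32:  /* product computed in 32 bits can wrap to a small value */
    return (uint32_t)(h.nlibs * (uint32_t)sizeof(struct entry_new)) <= room;
  default:           /* BOUND_DIV: dividing the available room cannot overflow */
    return room / sizeof(struct entry_new) >= h.nlibs;
  }
}

/* Constructed sample image: room for room_entries (max 8), header claims claimed_nlibs. */
int demo(uint32_t claimed_nlibs, size_t room_entries, enum bound mode)
{
  unsigned char buf[sizeof(struct header_new) + 8 * sizeof(struct entry_new)] = {0};
  struct header_new h = {0};
  if (room_entries > 8)
    return -1;
  memcpy(h.magic_version, MAGIC_VERSION_NEW, sizeof h.magic_version);
  h.nlibs = claimed_nlibs;
  memcpy(buf, &h, sizeof h);
  return header_ok(buf, sizeof h + room_entries * sizeof(struct entry_new), mode);
}
```

With room for two entries, a header claiming 0xAAAAAAAB entries passes BOUND_NONE and BOUND_MUL32 (the 32-bit product wraps to 8) and is rejected only by BOUND_DIV.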
------- Comment From <email address hidden> 2020-12-17 09:42 EDT-------
The build of the cross-packages is not finished yet:
https://launchpad.net/ubuntu/+source/cross-toolchain-base/43ubuntu3.1
See "Builds"
Focal: (Icon: currently building) amd64