From owner-freebsd-ia64 Thu Mar 6 19:40:30 2003 Delivered-To: freebsd-ia64@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 96EA737B401; Thu, 6 Mar 2003 19:40:29 -0800 (PST) Received: from ns1.xcllnt.net (209-128-86-226.bayarea.net [209.128.86.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8507343FA3; Thu, 6 Mar 2003 19:40:28 -0800 (PST) (envelope-from marcel@xcllnt.net) Received: from athlon.pn.xcllnt.net (athlon.pn.xcllnt.net [192.168.4.3]) by ns1.xcllnt.net (8.12.8/8.12.8) with ESMTP id h273eSSd018599; Thu, 6 Mar 2003 19:40:28 -0800 (PST) (envelope-from marcel@piii.pn.xcllnt.net) Received: from athlon.pn.xcllnt.net (localhost [127.0.0.1]) by athlon.pn.xcllnt.net (8.12.8/8.12.8) with ESMTP id h273eRQh002022; Thu, 6 Mar 2003 19:40:27 -0800 (PST) (envelope-from marcel@athlon.pn.xcllnt.net) Received: (from marcel@localhost) by athlon.pn.xcllnt.net (8.12.8/8.12.8/Submit) id h273eRZ0002021; Thu, 6 Mar 2003 19:40:27 -0800 (PST) Date: Thu, 6 Mar 2003 19:40:27 -0800 From: Marcel Moolenaar To: Arun Sharma Cc: freebsd-ia64@FreeBSD.ORG, jdp@FreeBSD.ORG Subject: Re: Review fix for ia64/48024 Message-ID: <20030307034027.GA1962@athlon.pn.xcllnt.net> References: <200303070216.h272Gev29185@unix-os.sc.intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200303070216.h272Gev29185@unix-os.sc.intel.com> User-Agent: Mutt/1.5.3i Sender: owner-freebsd-ia64@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Mar 06, 2003 at 06:16:40PM -0800, Arun Sharma wrote: > > The following changes are proposed to: rtld-elf > > - factor out alloc_fptrs into a function of its own > - update the fptrs array of the defining object rather than the > referencing object > - We use the same algorithm to index fptrs array now in > make_function_pointer and reloc_non_plt_obj. > > Issues: > > - Is it possible to make an out of bounds access to the fptr array ? Yes. nchains depends on the number of symbols exposed to to the dynamic linker (ie the number of symbols that can be found though the hash table). This is generally less than the actual number of symbols in the symbol table and thus the index of the symbol in the symbol table of the defining load module. I'm also not sure if allocating an array of pointers is optimal, but that's a seperate issue. -- Marcel Moolenaar USPA: A-39004 marcel@xcllnt.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ia64" in the body of the message