commit 6a1cf708dd5681b517744d6d4fac02e4e4a0aa2e
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Wed Mar 11 21:03:50 2015 -0400
Fix ldconfig segmentation fault with corrupted cache (Bug 18093).
--- glibc-2.17-c758a686/elf/cache.c
+++ glibc-2.17-c758a686/elf/cache.c
@@ -688,7 +688,9 @@
if (aux_cache == MAP_FAILED
|| aux_cache_size < sizeof (struct aux_cache_file)
|| memcmp (aux_cache->magic, AUX_CACHEMAGIC, sizeof AUX_CACHEMAGIC - 1)
- || aux_cache->nlibs >= aux_cache_size)
+ || aux_cache_size != (sizeof(struct aux_cache_file) +
+ aux_cache->nlibs * sizeof(struct aux_cache_file_entry) +
+ aux_cache->len_strings))
{
close (fd);
init_aux_cache ();