diff --git a/SOURCES/ltrace-0.7.91-x86-plt_map.patch b/SOURCES/ltrace-0.7.91-x86-plt_map.patch
new file mode 100644
index 0000000..9983cc7
--- /dev/null
+++ b/SOURCES/ltrace-0.7.91-x86-plt_map.patch
@@ -0,0 +1,101 @@
+From fba95ad936f1d8c1052259bae811f1fc07f9a215 Mon Sep 17 00:00:00 2001
+From: Petr Machata
+Date: Thu, 30 Oct 2014 01:48:17 +0100
+Subject: [PATCH] Initialize the PLT slot map correctly on x86 and x86_64
+
+The PLT slot map translates relocation numbers to PLT slot numbers,
+but was actually initialized in the opposite direction. Fix the way
+it's initialized. This bug can be seen on glibc in particular:
+
+ $ ltrace -e free ls
+ libc.so.6->free(0x5) =
+ libc.so.6->free(0x78) =
+ libc.so.6->free(0xc) =
+ libc.so.6->free(0x308) =
+
+Note the nonsense values passed to free. The problem is that these
+are not free calls at all, but malloc calls that are assigned to wrong
+PLT slots due to above bug.
+---
+ sysdeps/linux-gnu/x86/plt.c | 38 +++++++++++++++++++++-----------------
+ 1 file changed, 21 insertions(+), 17 deletions(-)
+
+diff --git a/sysdeps/linux-gnu/x86/plt.c b/sysdeps/linux-gnu/x86/plt.c
+index c860af6..97f6c3e 100644
+--- a/sysdeps/linux-gnu/x86/plt.c
++++ b/sysdeps/linux-gnu/x86/plt.c
+@@ -77,6 +77,18 @@ arch_elf_init(struct ltelf *lte, struct library *lib)
+ {
+ VECT_INIT(<e->arch.plt_map, unsigned int);
+
++ if (vect_reserve(<e->arch.plt_map, vect_size(<e->plt_relocs)) < 0) {
++ fail:
++ arch_elf_destroy(lte);
++ return -1;
++ }
++
++ {
++ unsigned int i, sz = vect_size(<e->plt_relocs);
++ for (i = 0; i < sz; ++i)
++ vect_pushback (<e->arch.plt_map, &i);
++ }
++
+ /* IRELATIVE slots may make the whole situation a fair deal
+ * more complex. On x86{,_64}, the PLT slots are not
+ * presented in the order of the corresponding relocations,
+@@ -114,43 +126,35 @@ arch_elf_init(struct ltelf *lte, struct library *lib)
+ /* Here we scan the PLT table and initialize a map of
+ * relocation->slot number in lte->arch.plt_map. */
+
+- size_t i;
+- for (i = 0; i < vect_size(<e->plt_relocs); ++i) {
++ unsigned int i, sz = vect_size(<e->plt_relocs);
++ for (i = 0; i < sz; ++i) {
+
+ GElf_Addr offset = x86_plt_offset(i);
+- uint32_t reloc_arg = 0;
+
+ uint8_t byte;
+ if (elf_read_next_u8(lte->plt_data, &offset, &byte) < 0
+ || byte != 0xff
+ || elf_read_next_u8(lte->plt_data, &offset, &byte) < 0
+ || (byte != 0xa3 && byte != 0x25))
+- goto next;
++ continue;
+
+ /* Skip immediate argument in the instruction. */
+ offset += 4;
+
++ uint32_t reloc_arg;
+ if (elf_read_next_u8(lte->plt_data, &offset, &byte) < 0
+ || byte != 0x68
+ || elf_read_next_u32(lte->plt_data,
+- &offset, &reloc_arg) < 0) {
+- reloc_arg = 0;
+- goto next;
+- }
++ &offset, &reloc_arg) < 0)
++ continue;
+
+ if (lte->ehdr.e_machine == EM_386) {
+- if (reloc_arg % 8 != 0) {
+- reloc_arg = 0;
+- goto next;
+- }
++ if (reloc_arg % 8 != 0)
++ continue;
+ reloc_arg /= 8;
+ }
+
+- next:
+- if (VECT_PUSHBACK(<e->arch.plt_map, &reloc_arg) < 0) {
+- arch_elf_destroy(lte);
+- return -1;
+- }
++ *VECT_ELEMENT(<e->arch.plt_map, unsigned int, reloc_arg) = i;
+ }
+
+ return 0;
+--
+2.1.0
+
diff --git a/SOURCES/ltrace-0.7.91-x86-unused_label.patch b/SOURCES/ltrace-0.7.91-x86-unused_label.patch
new file mode 100644
index 0000000..e56bda2
--- /dev/null
+++ b/SOURCES/ltrace-0.7.91-x86-unused_label.patch
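Review bot: The new store `*VECT_ELEMENT(..., unsigned int, reloc_arg) = i;` at the end of the scan loop in the embedded plt.c patch uses `reloc_arg` as an index without comparing it with `sz`. That value comes straight from the traced binary's PLT bytes via `elf_read_next_u32`, whereas the removed code only stored it as an element. The map holds exactly `sz` entries after the pre-fill loop, so a malformed or unusual ELF can supply an index past the end. VECT_ELEMENT's definition is not visible on this page, so whether that aborts or writes out of bounds cannot be told from here. A guard placed just before the store would cover both cases: `if (reloc_arg >= sz) continue;`. arch_elf_init begins and ends outside the quoted hunks.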
@@ -0,0 +1,32 @@
+From e16a28f1b6e5a15368f8ed98dc29a6da714dc5fa Mon Sep 17 00:00:00 2001
+From: Petr Machata
+Date: Tue, 9 Dec 2014 17:44:30 +0100
+Subject: [PATCH] Drop unused label in x86 backend
+
+---
+ sysdeps/linux-gnu/x86/plt.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/sysdeps/linux-gnu/x86/plt.c b/sysdeps/linux-gnu/x86/plt.c
+index 97f6c3e..44ea260 100644
+--- a/sysdeps/linux-gnu/x86/plt.c
++++ b/sysdeps/linux-gnu/x86/plt.c
+@@ -1,6 +1,6 @@
+ /*
+ * This file is part of ltrace.
+- * Copyright (C) 2013 Petr Machata, Red Hat Inc.
++ * Copyright (C) 2013,2014 Petr Machata, Red Hat Inc.
+ * Copyright (C) 2004,2008,2009 Juan Cespedes
+ *
+ * This program is free software; you can redistribute it and/or
+@@ -78,7 +78,6 @@ arch_elf_init(struct ltelf *lte, struct library *lib)
+ VECT_INIT(<e->arch.plt_map, unsigned int);
+
+ if (vect_reserve(<e->arch.plt_map, vect_size(<e->plt_relocs)) < 0) {
+- fail:
+ arch_elf_destroy(lte);
+ return -1;
+ }
+--
+2.1.0
+
diff --git a/SPECS/ltrace.spec b/SPECS/ltrace.spec
index 5abba3d..8be896a 100644
--- a/SPECS/ltrace.spec
+++ b/SPECS/ltrace.spec
@@ -3,7 +3,7 @@ Summary: Tracks runtime library calls from dynamically linked executables Name: %{?scl_prefix}ltrace Version: 0.7.91 -Release: 8%{?dist} +Release: 9%{?dist} URL: http://ltrace.alioth.debian.org/ License: GPLv2+ Group: Development/Debuggers @@ -55,6 +55,10 @@ Patch10: ltrace-0.7.91-aarch64.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1064406 Patch11: ltrace-0.7.2-e_machine.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1158714 +Patch17: ltrace-0.7.91-x86-plt_map.patch +Patch18: ltrace-0.7.91-x86-unused_label.patch + %description Ltrace is a debugging program which runs a specified command until the command exits. While the command is executing, ltrace intercepts and 
@@ -79,6 +83,8 @@ execution of processes. %patch9 -p1 %patch10 -p1 %patch11 -p1 +%patch17 -p1 +%patch18 -p1 %build %configure --docdir=%{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}} @@ -103,6 +109,11 @@ echo ====================TESTING END===================== %{_datadir}/ltrace %changelog +* Wed Jan 7 2015 Petr Machata - 0.7.91-9 +- Add upstream fix for a bug in labeling PLT slots + (ltrace-0.7.91-x86-plt_map.patch, + ltrace-0.7.91-x86-unused_label.patch) + * Sun May 11 2014 Petr Machata - 0.7.91-8 - Package for SCL