--- /dev/null
+Upstream-Status: Inappropriate [SDK specific]
+
+eglibc-nativesdk: Fix buffer overrun with a relocated SDK
+
+When ld-linux-*.so.2 is relocated to a path that is longer than the
+original fixed location, the dynamic loader will crash in open_path
+because it implicitly assumes that max_dirnamelen is a fixed size that
+never changes.
+
+The allocated buffer will not be large enough to contain the directory
+path string which is larger than the fixed location provided at build
+time.
+
+Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
+
+---
+ elf/dl-load.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+--- a/elf/dl-load.c
++++ b/elf/dl-load.c
+@@ -1919,7 +1919,19 @@ open_path (const char *name, size_t name
+ given on the command line when rtld is run directly. */
+ return -1;
+
++ do
++ {
++ struct r_search_path_elem *this_dir = *dirs;
++ if (this_dir->dirnamelen > max_dirnamelen)
++ {
++ max_dirnamelen = this_dir->dirnamelen;
++ }
++ }
++ while (*++dirs != NULL);
++
+ buf = alloca (max_dirnamelen + max_capstrlen + namelen);
++
++ dirs = sps->dirs;
+ do
+ {
+ struct r_search_path_elem *this_dir = *dirs;
require eglibc.inc
-PR = "r2"
+PR = "r3"
DEPENDS += "gperf-native kconfig-frontends-native"
SRC_URI_append_class-nativesdk = " file://ld-search-order.patch \
file://relocatable_sdk.patch \
+ file://relocatable_sdk_fix_openpath.patch \
"
S = "${WORKDIR}/eglibc-${PV}/libc"
B = "${WORKDIR}/build-${TARGET_SYS}"
