On 09/04/2015 07:11 AM, Jakub Jelinek wrote:
> On Fri, Sep 04, 2015 at 03:58:12PM +0200, Florian Weimer wrote:
>> On 09/04/2015 03:49 PM, Jakub Jelinek wrote:
>>
>>> Clearly it is used by some programs, so it should be considered part of the
>>> public API.  If it wasn't meant to be exported, it should not have been
>>> exported.  The ld.so warning is only emitted if there is a copy relocation
>>> against that symbol and the symbol has different size in the copy relocation
>>> vs. the new size in the shared library.
>>
>> Ugh, I forgot.
>>
>> Will the process use the size from the shared library, or will the
>> object be truncated, so that when the library tries to traverse the
>> array (using its hard-coded size), it will read past the end of the
>> allocated portion?
> 
> It copies the minimum of the two sizes.

FWIW I found this Mozilla bug which added accessor functions:
https://bugzilla.mozilla.org/show_bug.cgi?id=496993

I think the comment about this being "pedantic nonsense" is very wrong,
especially since this minimum size copied will not match with reported
SSL_NumImplementedCiphers.  Or if you rely on the 0-terminating entry of
that array, that might not be copied and you'll go off the end.

Anyway, I'll see about porting my code to the accessor functions to
sidestep the whole issue.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Reply via email to