mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-08 06:10:06 +00:00
string: strerror, strsignal cannot use buffer after dlmopen (bug 32026)
Secondary namespaces have a different malloc. Allocating the buffer in one namespace and freeing it another results in heap corruption. Fix this by using a static string (potentially translated) in secondary namespaces. It would also be possible to use the malloc from the initial namespace to manage the buffer, but these functions would still not be safe to use in auditors etc. because a call to strerror could still free a buffer while it is used by the application. Another approach could use proper initial-exec TLS, duplicated in secondary namespaces, but that would need a callback interface for freeing libc resources in namespaces on thread exit, which does not exist today. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This commit is contained in:
parent
e7c14e542d
commit
25a5eb4010
@ -20,7 +20,7 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <tls-internal.h>
|
#include <tls-internal.h>
|
||||||
|
#include <libc-internal.h>
|
||||||
|
|
||||||
static const char *
|
static const char *
|
||||||
translate (const char *str, locale_t loc)
|
translate (const char *str, locale_t loc)
|
||||||
@ -31,6 +31,12 @@ translate (const char *str, locale_t loc)
|
|||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static char *
|
||||||
|
unknown_error (locale_t loc)
|
||||||
|
{
|
||||||
|
return (char *) translate ("Unknown error", loc);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Return a string describing the errno code in ERRNUM. */
|
/* Return a string describing the errno code in ERRNUM. */
|
||||||
char *
|
char *
|
||||||
@ -40,18 +46,25 @@ __strerror_l (int errnum, locale_t loc)
|
|||||||
char *err = (char *) __get_errlist (errnum);
|
char *err = (char *) __get_errlist (errnum);
|
||||||
if (__glibc_unlikely (err == NULL))
|
if (__glibc_unlikely (err == NULL))
|
||||||
{
|
{
|
||||||
struct tls_internal_t *tls_internal = __glibc_tls_internal ();
|
if (__libc_initial)
|
||||||
free (tls_internal->strerror_l_buf);
|
|
||||||
if (__asprintf (&tls_internal->strerror_l_buf, "%s%d",
|
|
||||||
translate ("Unknown error ", loc), errnum) > 0)
|
|
||||||
err = tls_internal->strerror_l_buf;
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
/* The memory was freed above. */
|
struct tls_internal_t *tls_internal = __glibc_tls_internal ();
|
||||||
tls_internal->strerror_l_buf = NULL;
|
free (tls_internal->strerror_l_buf);
|
||||||
/* Provide a fallback translation. */
|
if (__asprintf (&tls_internal->strerror_l_buf, "%s%d",
|
||||||
err = (char *) translate ("Unknown error", loc);
|
translate ("Unknown error ", loc), errnum) > 0)
|
||||||
|
err = tls_internal->strerror_l_buf;
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* The memory was freed above. */
|
||||||
|
tls_internal->strerror_l_buf = NULL;
|
||||||
|
/* Provide a fallback translation. */
|
||||||
|
err = unknown_error (loc);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
/* Secondary namespaces use a different malloc, so cannot
|
||||||
|
participate in the buffer management. */
|
||||||
|
err = unknown_error (loc);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
err = (char *) translate (err, loc);
|
err = (char *) translate (err, loc);
|
||||||
|
@ -21,6 +21,7 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <libintl.h>
|
#include <libintl.h>
|
||||||
#include <tls-internal.h>
|
#include <tls-internal.h>
|
||||||
|
#include <libc-internal.h>
|
||||||
|
|
||||||
/* Return a string describing the meaning of the signal number SIGNUM. */
|
/* Return a string describing the meaning of the signal number SIGNUM. */
|
||||||
char *
|
char *
|
||||||
@ -30,21 +31,28 @@ strsignal (int signum)
|
|||||||
if (desc != NULL)
|
if (desc != NULL)
|
||||||
return _(desc);
|
return _(desc);
|
||||||
|
|
||||||
struct tls_internal_t *tls_internal = __glibc_tls_internal ();
|
if (__libc_initial)
|
||||||
free (tls_internal->strsignal_buf);
|
{
|
||||||
|
struct tls_internal_t *tls_internal = __glibc_tls_internal ();
|
||||||
|
free (tls_internal->strsignal_buf);
|
||||||
|
|
||||||
int r;
|
int r;
|
||||||
#ifdef SIGRTMIN
|
#ifdef SIGRTMIN
|
||||||
if (signum >= SIGRTMIN && signum <= SIGRTMAX)
|
if (signum >= SIGRTMIN && signum <= SIGRTMAX)
|
||||||
r = __asprintf (&tls_internal->strsignal_buf, _("Real-time signal %d"),
|
r = __asprintf (&tls_internal->strsignal_buf, _("Real-time signal %d"),
|
||||||
signum - SIGRTMIN);
|
signum - SIGRTMIN);
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
r = __asprintf (&tls_internal->strsignal_buf, _("Unknown signal %d"),
|
r = __asprintf (&tls_internal->strsignal_buf, _("Unknown signal %d"),
|
||||||
signum);
|
signum);
|
||||||
|
|
||||||
if (r == -1)
|
if (r >= 0)
|
||||||
tls_internal->strsignal_buf = NULL;
|
return tls_internal->strsignal_buf;
|
||||||
|
else
|
||||||
return tls_internal->strsignal_buf;
|
tls_internal->strsignal_buf = NULL;
|
||||||
|
}
|
||||||
|
/* Fall through on asprintf error, and for !__libc_initial:
|
||||||
|
secondary namespaces use a different malloc and cannot
|
||||||
|
participate in the buffer management. */
|
||||||
|
return _("Unknown signal");
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user