diff options
author | Florian Weimer <fweimer@redhat.com> | 2019-10-31 18:25:39 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2019-11-27 20:55:35 +0100 |
commit | 440b7f8653e4ed8f6e1425145208050b795e9a6c (patch) | |
tree | 45f02b5d7f2af8adc0a6d71f1e30555e6d6ccc94 /elf/dblunload.c | |
parent | 79e0cd7b3c997e211fad44a81fd839dc5b2546e8 (diff) | |
download | glibc-440b7f8653e4ed8f6e1425145208050b795e9a6c.tar.gz glibc-440b7f8653e4ed8f6e1425145208050b795e9a6c.tar.xz glibc-440b7f8653e4ed8f6e1425145208050b795e9a6c.zip |
Avoid late failure in dlopen in global scope update [BZ #25112]
The call to add_to_global in dl_open_worker happens after running ELF constructors for new objects. At this point, proper recovery from malloc failure would be quite complicated: We would have to run the ELF destructors and close all opened objects, something that we currently do not do. Instead, this change splits add_to_global into two phases, add_to_global_resize (which can raise an exception, called before ELF constructors run), and add_to_global_update (which cannot, called after ELF constructors). A complication arises due to recursive dlopen: After the inner dlopen consumes some space, the pre-allocation in the outer dlopen may no longer be sufficient. A new member in the namespace structure, _ns_global_scope_pending_adds keeps track of the maximum number of objects that need to be added to the global scope. This enables the inner add_to_global_resize call to take into account the needs of an outer dlopen. Most code in the dynamic linker assumes that the number of global scope entries fits into an unsigned int (matching the r_nlist member of struct r_scop_elem). Therefore, change the type of _ns_global_scope_alloc to unsigned int (from size_t), and add overflow checks. Change-Id: Ie08e2f318510d5a6a4bcb1c315f46791b5b77524
Diffstat (limited to 'elf/dblunload.c')
0 files changed, 0 insertions, 0 deletions