diff options
| author | Florian Weimer <fweimer@redhat.com> | 2022-08-26 21:15:43 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2022-08-30 16:53:14 +0200 |
| commit | da7afc97ad9ddc817686d61f046277166ef42644 (patch) | |
| tree | 651343f949fc59f6782fc1c389fb1f10e1d0cd06 /elf/dl-open.c | |
| parent | 0631ff369dd3986f7e66dfac03f1233d8cd74045 (diff) | |
| download | glibc-da7afc97ad9ddc817686d61f046277166ef42644.tar.gz glibc-da7afc97ad9ddc817686d61f046277166ef42644.tar.xz glibc-da7afc97ad9ddc817686d61f046277166ef42644.zip | |
elf: Call __libc_early_init for reused namespaces (bug 29528)
libc_map is never reset to NULL, neither during dlclose nor on a dlopen call which reuses the namespace structure. As a result, if a namespace is reused, its libc is not initialized properly. The most visible result is a crash in the <ctype.h> functions. To prevent similar bugs on namespace reuse from surfacing, unconditionally initialize the chosen namespace to zero using memset. (cherry picked from commit d0e357ff45a75553dee3b17ed7d303bfa544f6fe)
Diffstat (limited to 'elf/dl-open.c')
| -rw-r--r-- | elf/dl-open.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/elf/dl-open.c b/elf/dl-open.c index 1b965457c4..08cf5a02ad 100644 --- a/elf/dl-open.c +++ b/elf/dl-open.c @@ -819,11 +819,14 @@ _dl_open (const char *file, int mode, const void *caller_dlopen, Lmid_t nsid, _dl_signal_error (EINVAL, file, NULL, N_("\ no more namespaces available for dlmopen()")); } - else if (nsid == GL(dl_nns)) - { - __rtld_lock_initialize (GL(dl_ns)[nsid]._ns_unique_sym_table.lock); - ++GL(dl_nns); - } + + if (nsid == GL(dl_nns)) + ++GL(dl_nns); + + /* Initialize the new namespace. Most members are + zero-initialized, only the lock needs special treatment. */ + memset (&GL(dl_ns)[nsid], 0, sizeof (GL(dl_ns)[nsid])); + __rtld_lock_initialize (GL(dl_ns)[nsid]._ns_unique_sym_table.lock); _dl_debug_initialize (0, nsid)->r_state = RT_CONSISTENT; } |