diff options
author | Florian Weimer <fweimer@redhat.com> | 2022-03-11 08:23:56 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2022-03-11 08:24:19 +0100 |
commit | 9bdf92c79d63b42f931101bb6df87129c408b0c4 (patch) | |
tree | 7efd60fdfd80e687502c0bb1c7b511010153e7a4 /nss/nss_module.c | |
parent | aefc79ab5ad4bb9feea2876720cec70dca7cd8ed (diff) | |
download | glibc-9bdf92c79d63b42f931101bb6df87129c408b0c4.tar.gz glibc-9bdf92c79d63b42f931101bb6df87129c408b0c4.tar.xz glibc-9bdf92c79d63b42f931101bb6df87129c408b0c4.zip |
nss: Protect against errno changes in function lookup (bug 28953)
dlopen may clobber errno. The nss_test_errno module uses an ELF constructor to achieve that, but there could be internal errors during dlopen that cause this, too. Therefore, the NSS framework has to guard against such errno clobbers. __nss_module_get_function is currently the only function that calls __nss_module_load, so it is sufficient to save and restore errno around this call. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'nss/nss_module.c')
-rw-r--r-- | nss/nss_module.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/nss/nss_module.c b/nss/nss_module.c index f9a1263e5a..f00bbd9e1a 100644 --- a/nss/nss_module.c +++ b/nss/nss_module.c @@ -330,8 +330,18 @@ name_search (const void *left, const void *right) void * __nss_module_get_function (struct nss_module *module, const char *name) { + /* A successful dlopen might clobber errno. */ + int saved_errno = errno; + if (!__nss_module_load (module)) - return NULL; + { + /* Reporting module load failure is currently inaccurate. See + bug 22041. Not changing errno is the conservative choice. */ + __set_errno (saved_errno); + return NULL; + } + + __set_errno (saved_errno); function_name *name_entry = bsearch (name, nss_function_name_array, array_length (nss_function_name_array), |